Researchers with FortiGuard Labs have uncovered two samples of the Ekans ransomware strain that offer some additional insight into how the crypto-locking malware targets industrial control systems, according to a new report. Ekans, also known as Snake, was first spotted earlier this year.
A recent Inspector General's report finds that NASA still struggles with implementing an agency-wide cybersecurity policy despite spending approximately $2.3 billion on IT, networking and security technology in 2019. The oversite report offers a series of improvements that NASA should make.
The operators behind the Valak malware strain have expanded their malicious campaigns to other parts of the world, targeting financial, manufacturing, healthcare and insurance firms, according to Cisco Talos. Attackers are now using existing email threads and ZIP files to spread the information stealer.
The latest edition of the ISMG Security Report discusses global progress on adopting standard digital identifiers. Plus, a former cybercriminal discusses emerging fraud trends, and an update on the evolution of e-signatures.
To mitigate cyberthreats, telecommunications companies in the GCC region need to enhance their incident detection and response capabilities, says Doha, Qatar-based Mustapha Huneyd, former global CISO of Ooredoo, a regional telecom firm.
European police gained access to messages sent via the encrypted cellular service EncroChat, leading to the arrest of hundreds of alleged organized crime members across the Netherlands, France, Norway, Sweden and the U.K., the EU's law enforcement intelligence agency Europol reports.
Fraudsters are using a revamped version of the Alina Trojan to target Windows-based POS devices to steal payment card data, according to Century Link's Black Lotus Labs. The malware operators are using unsecured DNS protocols to exfiltrate the data.
Tens of millions of Americans have lost jobs because of COVID-19. As a result, former 'most wanted" fraudster Brett Johnson predicts a surge in fraud, saying bluntly: "There are going to be a lot of victims."
Could your organization withstand an attack by the master hacking operation known as "Fxmsp"? Hollywood loves to portray hackers as having ninja-like skills. But Fxmsp often favored the simplest tools for the job, because they so often worked. Defenders: Take note.
The operators behind an updated version of the FakeSpy malware are targeting Android devices using SMS phishing messages to spread the info stealer, according to Cybereason. The messages are designed to appear to come from postal and delivery services.
The U.S. Federal Communications Commission has officially designated China's Huawei Technologies and ZTE Corp. as "national security threats," barring American telecommunications firms from using certain federal funds to buy their equipment, such as for building 5G networks.
With the COVID-19 pandemic continuing to surge, organizations must remain vigilant in their defense against coronavirus-themed phishing, business email compromise and other fraud campaigns, says attorney Robert Egan, who offers risk mitigation insights.
Palo Alto Networks product alert: All users should immediately patch a "critical" flaw in Pan-OS that can be remotely exploited to bypass authentication and take full control of systems or gain access to networks, U.S. Cyber Command and the Cybersecurity Infrastructure and Security Agency warn.
Since the start of the COVID-19 pandemic, the number of brute-force attacks targeting RDP connections has steadily increased, spiking to 100,000 incidents per day in April and May, according to the security firm ESET. These attacks pave the way for launching ransomware attacks and planting cryptominers.