An exploit has been created using critical remote code execution vulnerability CVE-2022-1388 in BIG-IP network traffic security management appliances. F5 BIG-IP admins are advised to immediately implement the patches for this vulnerability, which were released last week.
The Ukrainian CERT has issued a statement saying that a "massive" Jester Stealer malware distribution campaign, designed to steal authentication data, is currently underway. The malware, operated by an unknown attacker, self-destructs after its operation is complete, the agency's statement says.
The massive leak of internal communications from the Conti ransomware group has highlighted the extent to which cybercrime syndicates regularly beg, borrow, steal or sometimes even partner or collaborate, all in pursuit of increasing their illicit profits.
Microsoft plans to roll out new managed services that give organizations the expertise needed to proactively hunt for threats and extend XDR beyond the endpoint. Microsoft Security Experts features new managed services as well as existing services around incident response and modernization.
Healthcare sector organizations should prepare to deal with potential hacktivist attacks tied to controversy surrounding the U.S. Supreme Court's leaked draft ruling and eventual final decision involving Roe vs. Wade, says attorney Erik Weinick of the law firm Otterbourg PC.
Email is your most essential business tool—and today’s top malware delivery vector. This vital communications channel has become fertile ground for today's most damaging cyber threats and all kinds of fraud. Because email threats inherently target people, an effective cybersecurity program focuses on people first....
Transform attackers' favorite targets into your best defense
More than ever, attacks seek to exploit human vulnerabilities, not just technical flaws. In most cases, they do it through email. But you can transform every potential victim into a defensive choke point by making email reporting and remediation key parts...
In the today’s digital world, when so much of our lives are online, identity verification and authentication are critical to addressing fraud-related risk management challenges. To prevent fraud and protect your business and your customers, you must be certain the people you are dealing with are who they represent...
The U.S. Department of State is offering rewards of up to $10 million for information that leads to the identification or location of any individual who holds a key leadership position in the Conti ransomware variant transnational organized crime group.
Apple, Google and Microsoft are joining forces to back a standard that will allow websites and apps to offers passwordless sign-ins across devices and platforms. The three OS and browsing giants have put their weight behind a common passwordless sign-in standard created by the FIDO Alliance.
Virtual currency mixer Blender.io has been sanctioned by the U.S. for enabling North Korea to conduct "malicious cyber activities and money laundering of stolen virtual currency," the U.S. Treasury Department’s Office of Foreign Assets Control says in its first sanctioning of a currency mixer.
The European Parliament has granted Europol permission to receive and process datasets from private parties and pursue research projects for better handling of security-related cases. Use of these powers will be overseen by the European Data Protection Supervisor and the Fundamental Rights Officer.
U.S. President Joe Biden on Thursday signed into the law the Better Cybercrime Metrics Act, which aims to improve data collection on cybercrimes. The law requires the DOJ and the FBI to compile detailed statistics about cybercrime and develop a taxonomy to help contextualize and sort this data.
Containers and cloud-based resources are being used to launch DoS attacks against Russian, Belarusian and Lithuanian websites. Cybersecurity firm CrowdStrike's researchers say that through their Docker Engine honeypots, they observed two different Docker images targeting these assets.
Financially motivated and state-sponsored threat actors continue to evolve their tactics, techniques and procedures for successful attacks against healthcare and public health sector entities, federal authorities warn in a new report on the latest ransomware trends in healthcare.