Estimates of the number of devices affected by a duo of zero-days in a popular corporate VPN made by software developer Ivanti have skyrocketed from fewer than 10 to over 1,700. The flaws affect the firm's Connect Secure VPN appliance, formerly known as Pulse Secure, and Ivanti Policy Secure.
Consumer groups continue to fight for banks to reimburse victims of authorized push payment scams, but regulators in some countries including the United Kingdom and Australia are looking for ways to tighten controls, said Ken Palla, fraud expert and retired director at MUFG Union Bank.
A cloud services firm has turned over to a New York hospital alliance the patient data stolen in a ransomware attack by LockBit. The hospital group had filed a lawsuit against LockBit as a legal maneuver to force the storage firm to return data the cybercriminals had stashed on the vendor's servers.
A Mississippi health system is notifying nearly 253,000 individuals that their data was potentially compromised in a "malicious and sophisticated ransomware" attack last August that also took IT systems offline. The cybercriminal gang Rhysida had claimed responsibility for the assault.
Artificial intelligence-enabled voter misinformation campaigns and voter database hacking are some of the largest threats to election security in a year when more than half of the world's populace will take to the ballot box in elections ranging from free to flawed.
Cryptocurrency schemes continue to generate alleged returns for criminals, as two separate cases highlight. One centers on a Ukrainian accused of earning $2 million via cryptojacking, while another involves a U.S. Air Force cyber analyst charged with perpetrating an UndeadApes NFT rug pull.
A Chinese state hacking group is attacking superseded Cisco routers to target government entities in the United States, the United Kingdom and Australia. Beijing cyberespionage hackers dubbed "Volt Typhoon" are using vulnerabilities that were first disclosed in early 2019.
Ransomware-wielding attackers show no signs of stopping, and experts report December 2023 was the second-worst month on record for known victims. Lately, Akira-wielding attackers have been hitting Finland hard, and Medusa has been behind a rising number of attacks.
Financially motivated Turkish hackers are targeting Microsoft SQL servers in the United States, Europe and Latin America in hacking that ultimately ends with deployment of Mimic ransomware or the sale of access to infected hosts on criminal online markets.
Australian fashion and sports retailer The Iconic has blamed careless customers for a spree of incidents that allowed hackers to access customer accounts and place orders worth thousands of dollars. The firm said customers made themselves easy targets by reusing passwords across multiple websites.
Fraudsters have long relied on mule accounts to deposit proceeds from a variety of scams, but financial crimes investigators are seeing a shift to dropped accounts, which can be opened and quickly discarded to evade detection by law enforcement, said M&T Bank's Karen Boyer.
While cybercriminals and advanced persistent threat groups have long abused legitimate internet services both to scale and disguise various types of attacks, a new report warns of a growing challenge posed by the illegitimate use of GitHub and offers essential defenses for users.
Hackers possibly connected to the Chinese government since December have exploited two zero-days in a VPN from software developer Ivanti that is widely used by governments and corporations, and a patch won't be available until later this month.
This week, hackers ran crypto phishing scams on X accounts, the SEC approved bitcoin ETP, hackers stole $3.4 million from Gamma, dYdX detailed post-hack steps, CertiK published 2023 hack stats, TRM Labs discussed North Korean hacking and Apple India blocked users from offshore crypto exchanges.
Merck & Co.'s proposed settlement with insurers over a $1.4 billion claim related to the NotPetya attack will change the language the insurance industry uses to exclude acts of war in its policies, and organizations need to consider how those changes affect risk, said attorney Peter Halprin.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.