A recently uncovered spear-phishing campaign is using fears of the COVID-19 pandemic to spread an information stealer called LokiBot. FortiGuard Labs researchers find that cybercriminals are once again using World Health Organization images as a lure.
Emotions about the global pandemic are running high, and attackers are taking advantage. Researchers have observed criminals spreading malware by impersonating official sources, distributing malicious COVID-19 maps and trackers, and malvertising on coronavirus-related news stories.
As security professionals, we...
Russian authorities typically turn a blind eye to cybercrime committed by citizens, provided they target foreigners. But as the recent "BuyBest" arrests of 25 individuals demonstrate, authorities do not tolerate criminals that target Russians, and especially not anyone who targets Russian banks.
Microsoft has confirmed that a serious flaw in Windows SMB_v3 exists that could be exploited by attackers to remotely seize control of vulnerable systems. While no attacks have been seen in the wild, no patch for the wormable flaw is yet available. A workaround exists for servers, but not clients.
The 2020 Global Threat Report is one of the industry's most highly anticipated reports on today's most significant cyber threats and adversaries. It features a comprehensive overview of the global investigations and deep analysis conducted by the CrowdStrike Intelligence team, the Falcon OverWatch managed threat...
The rapidly evolving threat environment requires a multilayered protection strategy - one that closes the technical and human gaps - for every organization to maximize its cybersecurity performance and minimize the risk of falling victim to sophisticated attacks, including phishing, malware and ransomware which can...
Visser Precision, a U.S. manufacturer that supplies Boeing, Lockheed Martin, Tesla and SpaceX, appears to have been hit by the DoppelPaymer ransomware gang, which has begun leaking internal data and threatening to leak more unless the victim pays a ransom.
The operators behind the "Raccoon" infostealer Trojan have added new capabilities to this malware-as-service offering, which now has the ability to steal data from over 60 applications, according to researchers at the security firm CyberArk.
Bad news on the ransomware front: Victims that choose to pay attackers' ransom demands - in return for the promise of a decryption tool - last quarter paid an average of $84,116, according to Coveware. But gangs wielding Ryuk and Sodinokibi - aka REvil - often demanded much more.
Emotet malware alert: The U.S. Cybersecurity and Infrastructure Security Agency says it's been "tracking a spike" in targeted Emotet malware attacks. It urges all organizations to immediately put in place defenses to not just avoid infection, but also detect lateral movement in their networks by hackers.
British regulators have fined Dixons Carphone $653,000 for a breach that exposed millions of payment card details and personal data due to point-of-sale malware. The retailer's lack of security contributed to a "careless loss of data," the Information Commissioner's Office says.
Attackers are hitting unpatched Pulse Secure VPN servers with Sodinokibi - aka REvil - ransomware, British security researcher Kevin Beaumont warns. Pulse Secure says that although many organizations have installed the critical April 2019 patch, holdouts persist.
The U.S. Coast Guard issued a security alert this month after a ransomware attack took down the IT network of an unnamed maritime facility. Investigators believe that the incident involved the Ryuk ransomware strain and started with a phishing email.
Warning: Attackers wielding LockerGoga and MegaCortex ransomware have been hitting large corporate networks, sometimes first lingering for months. That's according to a new FBI flash alert, as reported by Bleeping Computer, which essentially tells would-be victims: Please, get your defenses in order now.