A North Korean government-backed threat group that was detected targeting security researchers in January is once again staging a campaign against them using advanced social engineering techniques, Google reports.
Economic turmoil, triggered by the global spread of COVID-19, is increasing and accelerating opportunistic, premeditated and organized insurance fraud. Criminals who invent claims will spend time to discern how to best exploit the weaknesses of an insurer’s fraud defenses. Customers and agents are learning how to...
The latest edition of the ISMG Security Report features an analysis of retailer Fat Face’s awkward "strictly private and confidential" data breach notification. Also featured: Discussions on the ethics of buying leaked data and the rise of central bank digital currencies.
Anyone wanting to invent a system designed to stoke widespread abuse by fraudsters would be hard-pressed to best the non-fungible token. Because they get bought and sold using cryptocurrency, it's only a question of when scammers will turn their attention to defrauding NFT aficionados.
An Israeli citizen who served as the administrator of the now-shuttered DeepDotWeb portal that connected internet users with dark web marketplaces selling malware, data and contraband has pleaded guilty to a money laundering conspiracy charge.
Pharmaceutical companies can leverage data analytics, predictive analytics and artificial intelligence to fight drug diversion fraud, says Charles Washington, senior director, global fraud and asset protection, at Pfizer.
The ODP Corp. reports in a Securities and Exchange Commission 8-K filing that it has suffered a loss of about $28 million due to a March 1 cyber incident at its business services and supplies subsidiary, CompuCom, that forced the company to shut down some of its operations.
The Iranian-linked threat group TA453, also known as Charming Kitten and Phosphorus, conducted a phishing campaign, dubbed "BadBlood," in late 2020 that targeted senior U.S. and Israeli medical researchers in an attempt to obtain their Microsoft Office credentials, according to Proofpoint.
Banks and mobile network operators should collaborate to mitigate the risks of SIM swap fraud, which can lead to account takeovers, says Clare Messenger, global head of fraud protection at the U.K. telecom firm JT Group Ltd.
Security practitioners often tread a fine and not entirely well-defined legal line in collecting current and meaningful research. This research can also pose ethical questions when commercial sources for stolen data fall into a gray area.
Check Point Research says it has spotted more than 50,000 ransomware attack attempts worldwide so far against unpatched on-premises Microsoft Exchange email servers.
The zero-day attacks against Accellion's File Transfer Appliance show that a number of big-name firms continued to use the legacy technology - even though more secure, cloud-based options were available. Evidently, many CISOs didn't see a compelling reason to move on. Of course, now they do.
An attacker added a backdoor to the source code for PHP, an open-source, server-side scripting language used by more than 75% of the world's websites. Core PHP project members say the backdoor was quickly removed.
A major Australian broadcaster was hit over the weekend by what was likely ransomware, and the country's federal Parliament was affected by what is described as a clumsy incident that nonetheless triggered a shutdown of its email system.
Researchers at Awake Security says at least one attack launched by the operators of Hades ransomware has a connection to the China-linked Hafnium group waging attacks on vulnerable Exchange servers.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.