Interpol says Dutch and Nigerian suspects created a cloned version of a legitimate personal protective equipment provider's website to trick a German health authority seeking face masks. The case is a reminder that a "sophisticated" scheme need not require extreme technical sophistication to succeed.
Crisis communications: If your organization suffers a ransomware outbreak - despite its best cybersecurity efforts - is it ready to respond quickly and transparently? Experts have lauded the Scottish Environment Protection Agency for its response, saying it's a model for other victims to emulate.
What's that IoT device on your network? A lot of organizations may not know. That's why Gartner analyst Tim Zimmerman says enterprises need to create IoT security policies and governance rules to reduce risk.
It has been an open question as to how a half-dozen hacking groups began exploiting Exchange servers in an automated fashion in the days leading up to Microsoft's patches. But there are strong signs that the exploit code leaked, and the question now is: Who leaked it?
Nearly four years after the WannaCry ransomware hit the world, targeting the EternalBlue vulnerability in Microsoft SMB version 1, security firms say the malware continues to be a top threat detected in the wild by endpoint security products. Why won't WannaCry just die?
In 2020, a cybercrime operation known as ShinyHunters breached nearly 50 organizations, security researchers say. And this year, it shows no signs of slowing down - it's already hacked e-commerce site Bonobo and dating site MeetMindful.
After being hit by SolarWinds hackers, the Administrative Office of the U.S. Courts instructed the nation's district courts to restrict the filing of sensitive information to hard copy or "secure electronic devices." But will this defense create an even bigger bureaucratic fallout than the attack itself?
Police have arrested Riley June Williams of Pennsylvania, who a tipster alleges stole a laptop or hard drive belonging to House Speaker Nancy Pelosi. But is the tipsters claim that she had planned to pass the device to a friend in Russia credible?
Following the discovery that attackers Trojanized SolarWinds' Orion software, expect the list of organizations that were running the backdoored network-monitoring tool to keep increasing. But with this being a suspected cyberespionage operation, attackers likely focused on only the juiciest targets.
Darkside is the latest ransomware operation to announce an affiliate program in which a ransomware operator maintains crypto-locking malware and a ransom payment infrastructure while crowdsourced and vetted affiliates find and infect targets. When a victim pays, the operator and affiliate share the loot.
Plaintiffs in the patent infringement case Centripetal Networks v. Cisco Networks won the day thanks to clear testimony and using Cisco's own technical documents in unaltered form. By contrast, the judge slammed Cisco for offering disagreeing witnesses and attempting to focus on old, irrelevant technology.
A hacking group targeting Iranian dissidents has developed malware that can bypass two-factor authentication protection on Android devices to steal passwords, according to Check Point Research. The hackers have also targeted victims' Telegram accounts.
With apologies to Jay-Z, getting hit with ransomware might make victims feel like they have 99 problems, even if a decryptor ain't one. That's because ransomware-wielding gangs continue to find innovative new ways to extort cryptocurrency from crypto-locking malware victims.
One day, you may drive your Tesla Cybertruck on Cyber Monday to your cybersecurity job, backed by a cyber insurance policy as you safeguard cyberspace against the threat of cyberwar. Or cyber whatever, since we've obviously entered the era of "maximum cyber." But what does cyber even mean?