A newly uncovered Russia-based business email compromise gang has been targeting hundreds of large, multinational corporations in over 40 countries since 2019, according to the security firm Agari.
The developers behind the Purple Fox fileless downloader malware recently upgraded their operation and are now targeting two new vulnerabilities to gain access to networks, according to a report by security firm Proofpoint.
Ransomware-wielding attackers continue to pummel organizations. But labeling these as being just ransomware attacks often misses how much these incidents involve serious network intrusions, exfiltration of extensive amounts of data, data leaks and, as a result, reportable data breaches.
A Nigerian national who has been extradited to the United States allegedly laundered millions of dollars stolen in business email compromise scams, according to the Justice Department. He flaunted his lavish lifestyle on social media, prosecutors say.
Security researchers warn that the number of exploit attempts targeting a critical vulnerability in F5 Networks' BIG-IP networking products has steadily increased since the company first announced the flaw late last week. They urge users to immediately apply patches.
Hackers with apparent ties to North Korea have extended their bag of online attack tricks beyond cryptocurrency mining, online bank heists and ransomware. Now, they're also hitting e-commerce merchants in the U.S. and Europe with Magecart attacks to steal payment card data, security firm Sansec reports.
Fraud is constantly evolving. As organizations close one door to fraud, fraudsters find another. We track cybercrime to help us develop industry-leading fraud prevention solutions. You can use this information to help you stay one step ahead.
This report details the anatomy of global fraud networks to better...
The operators behind the Valak malware strain have expanded their malicious campaigns to other parts of the world, targeting financial, manufacturing, healthcare and insurance firms, according to Cisco Talos. Attackers are now using existing email threads and ZIP files to spread the information stealer.
The latest edition of the ISMG Security Report discusses global progress on adopting standard digital identifiers. Plus, a former cybercriminal discusses emerging fraud trends, and an update on the evolution of e-signatures.
European police gained access to messages sent via the encrypted cellular service EncroChat, leading to the arrest of hundreds of alleged organized crime members across the Netherlands, France, Norway, Sweden and the U.K., the EU's law enforcement intelligence agency Europol reports.
Fraudsters are using a revamped version of the Alina Trojan to target Windows-based POS devices to steal payment card data, according to Century Link's Black Lotus Labs. The malware operators are using unsecured DNS protocols to exfiltrate the data.
The gang behind the WastedLocker ransomware strain recently targeted dozens of newspaper websites operated by a U.S. media company, according to the security firm Symantec.
Could your organization withstand an attack by the master hacking operation known as "Fxmsp"? Hollywood loves to portray hackers as having ninja-like skills. But Fxmsp often favored the simplest tools for the job, because they so often worked. Defenders: Take note.
The operators behind an updated version of the FakeSpy malware are targeting Android devices using SMS phishing messages to spread the info stealer, according to Cybereason. The messages are designed to appear to come from postal and delivery services.
With the COVID-19 pandemic continuing to surge, organizations must remain vigilant in their defense against coronavirus-themed phishing, business email compromise and other fraud campaigns, says attorney Robert Egan, who offers risk mitigation insights.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.