Scammers are stealing hotels' log-in credentials for online travel site Booking.com and targeting their customers, experts warn. In many cases, attackers use Booking's own messaging system to contact customers and request their payment card data, they say.
A new GAO report says federal agencies fail to provide health are providers and patients with enough resources and information to address critical vulnerabilities in a majority of medical devices in the U.S. that can result in "potential catastrophic impact to hospital operations and patient care."
In the latest weekly update, two analysts at Forrester - Allie Mellen and Jeff Pollard - join three editors at ISMG to discuss important cybersecurity issues, including CISOs' primary inquiries about AI/ML, how organizations can thwart data poisoning attacks, and practical use cases for AI.
British prosecutors have sentenced a teenager behind high-profile hacks while he was part of the now-inactive Lapsus$ hacking group. Arion Kurtaj, from Oxford, will remain in medical care after doctors declared he was unfit to stand for trial owing to severe autism.
Microsoft said Iranian state hackers are using a newly developed backdoor to target organizations in the American defense industrial base. The Iranian state threat actor that Microsoft tracks as Peach Sandstorm employed a custom backdoor named FalseFont.
This week, MongoDB blamed a phishing email for causing unauthorized access to its corporate environment, hackers interrupted VF Corp. holiday shipping, Britain electrical grid operator National Grid dropped a Chinese supplier, German authorities shut down an online criminal bazaar, and more.
This week, Ledger looked to reimburse hack victims, NFT Trader suffered a $3 million theft, the U.S. DOJ announced the first criminal case involving a DeFi smart contract, a court approved Binance's settlement with the U.S. CFTC and a Nigerian court sentenced a pig -butchering scammer.
The BlackCat ransomware-as-a-service operation's putative "unseizing" of its leak site from the FBI is a stunt made possible by way the dark web handles address resolution, security researchers said Tuesday. The stunt was a "tactical error" that could alienate affiliates.
Fraudsters can now easily create fake driver's licenses to scam banks and merchants. Moving to electronic identification that can be stored on mobile devices has the potential to unlock innovation in the identity verification space, said Mary Ann Miller, vice president of client experience at Prove.
U.S. authorities seized dark web infrastructure of the BlackCat ransomware-as-a-service group, also known as Alphv, although the Russian-speaking threat actor said it has reestablished operations. The group's data leak site and its Tox instant messaging account went offline Dec. 7.
Cybercriminals increasingly use malicious ads through search engines to deploy new malware targeting businesses, marking a rise in browser-based attacks. Researchers at Malwarebytes observed PikaBot, a malware family that appeared in early 2023, being distributed via malvertising.
Synthetic IDs and mule accounts will continue to be a huge problem in 2024 even though vendors and financial institutions now recognize the problem and are beginning to address these risks, according to Trace Fooshee, strategic adviser at Datos Insights.
A group known as Predatory Sparrow claimed responsibility for a Monday cyberattack that shut down a majority of gas stations across Iran as officials blamed the attack on foreign powers. The group has previously taken credit for a number of attacks targeting Iran's fuel supply and rail system.
Attorney Jonathan Armstrong examines four cybersecurity legal trends that will shape 2024: heightened personal liability for security leaders, the impact of ransomware, legal and ethical concerns about AI, and the influence of shadow IT, especially regarding messaging apps.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.