The BlackCat RaaS group is developing a threat activity cluster using chosen keywords on webpages of legitimate organizations to deploy malicious malware. Trend Micro researchers discovered cybercriminals using malvertising to deploy malware using cloned webpages of WinSCP and SpyBoy.
At peak, MFA-bypass accounted for more than a million messages per month and Telephone-oriented attack delivery (TOAD) messages peaked at more than 13 million per month!
The most critical variable in today’s cyber threats is – people. This year, the 2023 Human Factor report takes an in depth look at new...
An Iranian government-backed hacking group known as Charming Kitten has updated its malware arsenal to include an updated version of the Powerstar backdoor, also known as CharmPower, which takes advantage of a distributed file protocol to distribute customized phishing links.
Cloudflare and Check Point joined Proofpoint and Microsoft atop Forrester's email security rankings, while Trend Micro, Barracuda Networks and Mimecast tumbled from the leaders category. A number of security vendors have gotten into email protection in recent years by acquiring CAPES startups.
This week's crypto roundup includes DeFi hacks and scams in the second quarter of 2023, FTX and SBF, Justby in the CFTC's crosshairs, and JokerSpy in a Japanese exchange. Also, the IMF says a crypto ban won't curb risk, Binance won't delist privacy coins, and EU banks have new capital requirements.
Researchers discovered an undisclosed malware family named EarlyRat being used by a branch of the North Korea-backed Lazarus Group. Kaspersky researchers said they stumbled upon the never-before-seen malware family, which is deployed in Log4j and phishing attacks.
Ukrainian cyber police raided and closed more than a dozen fraudulent call centers last week, saying the operations were running fake investment scams that involved stealing cryptocurrency and payment card details from European and Central Asian citizens.
Are unsolicited smartwatches the new USB thumb drive? The U.S. Army warns that service members are being sent free wearables preloaded with malware designed to steal data from mobile devices as well as intercept voice communications and hijack cameras.
Search engine optimization poisoning attacks, which involve intentionally manipulating search results to lead users onto malware-laced websites, are on the rise in the healthcare sector, U.S. federal regulators warn. Users should watch for typosquatting, keyword stuffing, meta tagging and cloaking.
Phishing attacks have come a long way from the spray-and-pray emails of just a few decades ago. Now they’re more targeted, more cunning and more dangerous. And this enormous security gap leaves you open to business email compromise, session hijacking, ransomware and more.
Join Roger Grimes, KnowBe4’s...
Suspected Chinese APT groups exploited a 17-year-old Microsoft Office vulnerability in May to launch malware attacks against foreign government officials who attended a G7 summit in Hiroshima, Japan. Threat actors targeted officials from France, the United Kingdom, India, Singapore and Australia.
Understanding and Defending Against AI-Generated Email Attacks
ChatGPT. Google Bard. DeepFaceLab.
Generative AI is all the rage, and for good reason. What used to take hours can now be done in minutes, and what used to take minutes can be done in seconds. Which is great for productivity in the right hands.
But...
Ukrainian cyber defenders say they've identified a cyberespionage campaign active since mid-2022 that gained unauthorized access to "several dozen" computers. A government spokesperson said Tuesday the campaign targets government agencies and media organizations.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.