In the latest weekly update, Information Security Media Group Editors discuss current cybersecurity and privacy issues, including advice on strengthening off-hours defenses during the holiday season, emerging cybercrime trends in 2022, and Palo Alto's first big M&A since early 2021.
The latest edition of the ISMG Security Report discusses how the profits of ransomware group Zeppelin have been smashed by security researchers, FTX again highlighting the risks of trading cryptocurrencies, and vendor Extrahop's newly appointed, high-profile president.
Security firm Group-IB has identified 34 hacking groups that are now selling a stealer-as-a-service model to spread infostealer malware and steal credentials from online gaming and payment accounts. The company advises organizations to be on the lookout for Raccoon and Redline infostealers.
Before the newly spotted AxLocker ransomware crypto-locks systems, it steals Discord tokens, which can be sold on cybercrime markets. Among Discord's many users are cryptocurrency and NFT enthusiasts, and experts say the stolen credentials facilitate attempts to socially engineer them.
Researchers say Black Basta is dropping QBot malware in a widespread ransomware campaign targeting mostly U.S.-based companies. In the group's latest campaign, attackers are again using the QakBot to install a backdoor and then drop in encryption malware and other malicious code.
The nefarious LockBit 3.0 cybercriminal group is claiming responsibility for the ransomware attack that halted municipal services and shut down employee email accounts in Westmount, Quebec, giving the city a deadline of Dec. 4 to make an undisclosed ransom payment.
Budding cybercriminals can purchase a large number of specialized services from the ransomware criminal underground, reports cybersecurity firm Sophos. The services range from malware distribution to network scanning and even include OPSEC-as-a-service.
Join us for an informative webinar session as we dive into the hard truth of phishing attacks. Phishing has evolved to be more precise and deceptive than ever before, with the influx of mobile devices, screen sizes and many other sophisticated schemes tricking users into divulging information that can compromise...
Join us for an informative webinar session as we dive into the hard truth of phishing attacks. Phishing has evolved to be more precise and deceptive than ever before, with the influx of mobile devices, screen sizes and many other sophisticated schemes tricking users into divulging information that can compromise...
Cybercrime syndicate Robin Banks is back with a new cookie-stealing feature that cybercriminals can purchase as an add-on to the phishing kit in order to bypass multi-factor authentication in attacks and to attract more sophisticated, persistent actors set on compromising specific targets.
Threat actors are using Internet Information Services - Microsoft's extensible web server software - to deliver a previously undocumented dropper that is being used to install a new backdoor and other tools. The group dubbed Cranefly uses a new backdoor called Danfuan, researchers say.
A Ukrainian man is fighting extradition to the United States, where he faces a four-count criminal indictment for his role in operating the Raccoon malware-as-a-service infostealer malware. Dutch authorities arrested Mark Sokolovsky, 26, in March, shows an unsealed indictment.
The LockBit group has paid the first payment of $50,000 as part of its bug bounty program for researchers willing to aid in cybercriminality. The group had announced that it will pay individuals who find exploitable vulnerabilities in the software it uses to maliciously encrypt files.
Password manager LastPass says the attackers behind the August security incident had access to its systems for four days. LastPass CEO Karim Toubba, sharing details about last month's breach, confirms that there is no evidence of any threat actor activity beyond the established timeline.
After an international law enforcement operation shuttered stolen data forum RaidForums in February, one of its power users launched a replacement called Breached. Within months, the English-language forum has amassed more stolen records and nearly as many users as its predecessor.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing fraudtoday.io, you agree to our use of cookies.