Attackers have been actively exploiting a zero-day vulnerability in widely used managed file transfer software GoAnywhere MFT to take full control of systems, and in some cases to deploy ransomware. Vendor Fortra has released a patch and urged users to review systems for unusual behavior.
The Play ransomware group listed networking hardware manufacturer A10 Networks on its leak site after briefly gaining access to the company's IT infrastructure, according to data breach notifications firm BetterCyber. The Play group says it has confidential data, technical documentation and more.
Identity verification and lack of WebAuthn implementation in legacy applications and smartphones are two of the biggest challenges associated with adopting FIDO authentication. Merck Germany's Andreas Pellenghar also says the current setup of jumping to a browser to log in is turning people off.
Reddit says hackers penetrated its internal systems via a phishing attack but that user passwords and accounts appear safe. The self-proclaimed "front page of the internet" says the hackers gained access to its internal documents, code and some internal business systems.
Regal Medical Group, one of the largest medical groups in Southern California, has reported that a December ransomware incident involving data exfiltration has potentially compromised the protected health information of more than 3.3 million individuals.
Asia-Pacific healthcare sector organizations struggle with many of the same cybersecurity challenges as clinics in other parts of the world, including ransomware threats and denial-of-service attacks, says Errol Weiss, chief security officer of the Health Information Sharing and Analysis Center.
Australia's Department of Defense will rip out cameras made by Chinese manufacturers Hikvision and Dahua while the government considers whether to ban their use across all federal agencies. Chinese-made technology has come suspicious internationally for alleged influence by Chinese intelligence.
In the latest weekly update, ISMG editors discuss important cybersecurity and privacy issues, including cybersecurity innovation in today's market, how French police nabbed notorious Finnish hacker Zeekill and whether we are in a new form of cold war - specifically, an ongoing cyberwar.
Phishing is the number one way to compromise accounts, and Google's Christiaan Brand says passkeys have emerged as a great technical solution to the issue. He wants to ensure what FIDO Alliance has built benefits and is relevant to how Google wants to see passkeys implemented for its own accounts.
Banking Trojans, ransomware, fake finance apps programmed to steal data - the cybercriminal cartels have become more punitive in 2023, escalating destructive attacks on financial institutions. This is just one key finding of the annual Cyber Bank Heists report by Contrast Security's Tom Kellermann.
Revenue at dark web illicit marketplaces plummeted in 2022 following seizure by U.S. and German police last spring of what was then the world's largest online bazaar for illegal goods and services. Three markets have jockeyed for dominance following Hydra's collapse: OMG!OMG!, Blacksprut and Mega.
Cybercriminals found a way to circumvent OpenAI's prohibition on using its natural language artificial intelligence model for malicious purposes, say researchers who already spotted low-level hackers using the firm's ChatGPT chatbot for a machine-learning assist in creating malicious scripts.
Multiple government agencies in the U.S. and South Korea issued a joint alert warning critical infrastructure sectors - and especially the healthcare sector - of ongoing ransomware threats involving North Korean state-sponsored cybercriminals.
A group of bipartisan U.S. senators is seeking answers from three telehealth companies about their data tracking and sharing practices. The move comes as privacy and security concerns about broader data sharing by technology firms also are growing.
Ireland's Munster Technological University confirmed that an ongoing system outage that forced it to shutter its Cork campuses is the result of a ransomware attack. Staff from the National Cyber Security Center are on-site to assist with the forensic examination and recovery.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing fraudtoday.io, you agree to our use of cookies.