Cryptocurrency has a reputation for being tough to trace - no wonder anonymity-craving criminals favor using it. In reality, cryptocurrencies don't make users anonymous. But just how did the FBI recover most of the bitcoins paid by Colonial Pipeline to the DarkSide ransomware operation?
Criminals tricked into using an FBI-run encrypted messaging app, Verizon's 2021 Breach Investigations Report and overcoming the challenges of recruiting cybersecurity professionals are among the latest cybersecurity topics to be featured for analysis by a panel of Information Security Media Group editors.
Cryptojacking group TeamTNT is leveraging compromised Amazon Web Services credentials to attack its cloud environments through the platform’s API, according to researchers from Unit 42 at Palo Alto Networks.
President Joe Biden's nominees for White House cyber director and CISA director faced questions from senators during their confirmation hearing Thursday, including how the federal government should respond to a recent spate of ransomware attacks and other cyberthreats.
Microsoft's June Patch Tuesday contained patches for six zero-day vulnerabilities being exploited in the wild, including two flaws detected by Kaspersky that were being exploited by a new threat group named PuzzleMaker.
Researchers have uncovered an ongoing campaign by a Chinese advanced persistent threat group that has spent the last three years testing and refining a custom backdoor in its arsenal to conduct espionage campaigns targeting governments in Southeast Asia.
Security researchers have identified two vulnerabilities in the Joomla content management system that can be chained together for complete compromise of the network, a report by security firm Fortbridge finds.
Content delivery network Fastly says its global outage on Tuesday was caused by an unanticipated software bug, which it has now patched. IT experts caution that content delivery networks and other cloud services can become single points of failure if they go down, unless users have resiliency plans.
Security automation is going to be the key for organizations to proactively protect themselves and also investigate incidents. Ty Miller of Threat Intelligence says security automation is driving everything from penetration testing to incident response.
Researchers at Malwarebytes have uncovered the latest tactics, techniques, and procedures used by the North Korean threat group Kimsuky, also known as Thallium, Black Banshee and Velvet Chollima, as it continues to launch espionage attacks. This time it is using an AppleSeed backdoor.
Weeks after VMware issued patches to address vulnerabilities in its vSphere Client (HTML5), threat intelligence firm Bad Packets says threat actors are mass scanning for vSphere hosts vulnerable to remote code execution.
CISA is preparing to expand its vulnerability research and disclosure program, which is now mandatory for nearly all executive branch agencies, by creating a vulnerability disclosure platform service. As part of this effort, the cybersecurity agency is partnering with Bugcrowd and EnDyna.
Amazon, Google, Spotify and Twitter were among the sites that were unreachable Tuesday morning due to a configuration error at widely used content delivery network Fastly, which said the problem was resolved after about an hour, after which the disruptions would begin to abate.
Thousands of suspected criminals have been relying on the "Anom" encrypted communications platform to coordinate their efforts. But the FBI and Australian police developed Anom as a honeypot for monitoring criminals, producing intelligence that globally led to 800 arrests and massive drug seizures.
The U.S. Justice Department reported it recouped $2.3 million of the $4.4 million ransom Colonial Pipeline Co. paid following a May 7 ransomware attack. The DOJ's Ransomware and Digital Extortion Task Force coordinated the effort, in which the FBI tracked payment to a bitcoin wallet it controls.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing fraudtoday.io, you agree to our use of cookies.
