Venture capital firm Sequoia Capital confirmed it was recently involved in a "cybersecurity incident," but offered no details on exactly what may have transpired. Cybersecurity teams and law enforcement agencies have been notified.
Individuals suspected of providing hacking, logistical and financial support to the Egregor ransomware-as-a-service operation have been arrested by police in Ukraine as part of a joint operation with French cybercrime police coordinated by Europol, according to a French media report.
The ongoing lockdown may be complicating the path of Cupid's arrows. But as another Valentine's Day rolls around, authorities are warning that romance scammers - and other types of fraudsters - are alive and well and have been increasingly preying on unsuspecting victims around the world.
Security researchers at Armorblox uncovered an unusual invoice-themed phishing campaign designed to extract victims' Microsoft Office 365 login credentials, alternate email addresses and phone numbers.
Trickbot appears to be making a comeback with a fresh campaign that is targeting insurance companies and legal firms in North America, according to an analysis by Menlo Security. Researchers had warned the malware might surface again after a coordinated takedown of the botnet's infrastructure in 2020.
The number of data breaches being reported in the U.S. and elsewhere each year continues to decline. But security experts say this unfortunately can be explained by criminals increasingly focusing on lucrative ransomware and business email compromise scams, which require scant data to be successful.
Microsoft researchers say that a North Korean hacking group that the company calls "Zinc" - which is better known as the Lazarus Group or Hidden Cobra - likely was responsible for targeting vulnerability researchers in an attempt to steal information via a backdoor.
Wireless carrier UScellular is investigating an incident involving hackers tricking employees into downloading malicious software that compromised a customer relationship management platform, exposing personal data.
A targeted phishing campaign is using a fake Microsoft Office 365 update to steal email credentials from business executives, and the credentials are then being offered for sale in underground forums, security firm Trend Micro reports.
North Korean hackers have been "targeting security researchers working on vulnerability research and development at different companies and organizations" to trick them into installing backdoored software that gives attackers remote access to their systems, warns Google's Threat Analysis Group.
Fraudsters are using Google forms to target retail, telecom, healthcare, energy and manufacturing companies in an apparent reconnaissance campaign to identify targets for a possible follow-up business email compromise attack.
Researchers at the security firm Proofpoint are tracking several fraud schemes leveraging COVID-19 vaccine-themed emails. The schemes include business email compromise scams, messages with malicious attachments and phishing emails designed to harvest credentials.