How much do you know about the supply chain that takes a vulnerability and turns it into an exploit?
In this new report, Tenable Research explores the lifecycle of exploits - from discovery to utilization in a breach. Their analysis of cybercrime economics will help you better protect your organization.
Read the...
Australian shipping giant Toll Group has vowed to again not pay a ransom after suffering its second ransomware attack of the year. In the latest incident, however, the company warns that attackers also stole corporate data - and it may get leaked.
The operators behind the Zeus Sphinx malware have added new features and functionality to the Trojan, and more cybercriminals have deployed it within phishing campaigns that use the COVID-19 crisis as a lure, according to IBM X-Force. The Trojan has become more efficient at stealing banking data.
After suffering a ransomware attack last October that left several systems inaccessible, mailing equipment manufacturer Pitney Bowes reports that it recently blocked another ransomware attack before any data was encrypted and says there's "no evidence of further unauthorized access to our IT systems."
The surge in e-commerce as a result of the COVID-19 pandemic means more payment card transactions - and more card fraud, says Jordan McKee of 451 Research, who discusses the latest trends.
Anubis, one of the most potent Android botnets, apparently is getting a refresh a year after its source code was leaked, security researchers say. The changes could help fraudsters more closely monitor activity on hacked devices.
After offering three large databases of compromised user data for sale on the darknet last week, a hacking group known as Shiny Hunters now is trying to sell four additional databases of information apparently gathered from data breaches, security researchers say.
Hackers are attempting to sell a fresh trove of approximately 26 million user records apparently obtained from three data breaches, according to researchers at the security firm ZeroFox.
Cybercriminals are hiding malicious JavaScript skimmers in the "favicon" icons of several ecommerce websites in an effort to steal payment card data from customers, researchers at Malwarebytes say.
Kaiji, a newly discovered botnet, is compromising Linux servers and IoT devices using brute-force methods that target the SSH protocol, according to the security firm Intezer. The botnet has the capability to launch DDoS attacks.
Five suspected members of the InfinityBlack hacking group have been arrested, and authorities in Europe say they've seized two databases with more than 170 million entries, including combinations of stolen usernames and passwords.
Several malicious spam campaigns using COVID-19 as a lure are attempting to install the Remcos remote access Trojan on victims' devices, according to Microsoft.
The Financial Industry Regulatory Authority, a private organization that helps self-regulate brokerage firms and exchange markets in the U.S., warns that a "widespread, ongoing" phishing campaign is targeting its members.
Security and risk experts from Forrester and Neustar advise on what you need to know about today's cyberthreats, including website vulnerabilities, APIs, third-party party scripts, nefarious bots and DDoS attacks.
Gamers are poring over a massive leak of Nintendo data, including source code for older gaming systems, prototypes of games and extensive software and hardware documentation. The data likely dates from a 2018 network intrusion at Nintendo.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.