A Colorado-based pathology laboratory is notifying more than 1.8 million patients that their sensitive information was compromised in an April hack, one of the largest breaches reported by a medical testing lab to U.S. federal regulators to date. Ransomware gang Medusa is blamed for the attack.
Hackers can use OpenAI's real-time voice API to carry out for less than a dollar deepfake scams involving voice impersonations of government officials or bank employees to swindle victims, said researchers at the University of Illinois Urbana-Champaign.
Despite heavy security investments, banks still struggle with basic security issues such as default passwords, vendor vulnerabilities and social engineering scams. Scott Weinberg, CEO of Neovera, shares a new report that shows banks of all sizes still grapple with these common risks.
A critical vulnerability in Open Policy Agent could expose NTLM credentials from Windows systems, potentially affecting millions of users. Researchers at Tenable warn that attackers could exploit the flaw through social engineering. Users must update to version v0.68.0 immediately to mitigate risks.
A recent incident shed light on a chilling new tactic: North Korean operatives posing as IT professionals to infiltrate organizations all over the world. And this one hit a little too close to home. KnowBe4 is pulling back the curtain on this event to help you protect your organization from this new and growing,...
Cybercriminals posing as a top security firm in Israel have launched wiper attacks on local cybersecurity professionals after bypassing significant security measures, according to recent reports. Cybersecurity firm Eset said threat actors did not compromise its systems.
Sri Lankan authorities have arrested more than 200 Chinese nationals who they say overstayed their visitor visas and engaged in large-scale financial scam operations targeting victims across Asia. The Chinese Embassy in Colombo says it supports the law enforcement crackdown.
Human Security's recent $50 million growth funding, led by WestCap, will drive the development of click-fraud defense and enhance advertising integrity solutions. CEO Stu Solomon aims to leverage the funding for scaling the engineering and data science teams, addressing emerging fraud threats.
The Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation have issued new guidance to help U.S. political campaigns defend against increasing cyber threats from Iran, recommending stronger multifactor authentication, phishing-resistant protocols and vigilance against social...
Ransomware attacks are declining across many sectors - but not in healthcare, where an ongoing surge is reaching a four-year high in incidents, according to new research from security firm Sophos, which surveyed 5,000 IT leaders across 15 sectors and 14 countries between January and February.
A North Korean cyberespionage group is posing as job recruiters and targeting aerospace and energy sector employees with lucrative job offers, according to Mandiant. The hackers use email and WhatsApp messages to lure victims into clicking a link that deploys backdoor malware onto their devices.
By 2027, cybercrime is expected to cost the world a staggering $23.8 trillion per year. With so much money to be made, it’s no surprise that the creativity behind today’s cyber-attacks is seemingly endless.
We’ve collected some of the most insidious email attacks out there right now. What’s alarming is that...
In the digital era, Microsoft 365 is an essential tool for getting work done. Unfortunately, its popularity has made it a prime target for cyber criminals. Every year, people-centric Microsoft 365 attacks cost organisations millions of dollars and cause frustration for security teams and users alike. This e-book...
This State of Phish Report gives in-depth regional summaries to explore how local nuances affect user behaviour when it comes to cybersecurity awareness and the importance of phishing protection.
A few APJ highlights in this Report are:
Only 28% of users in South Korea consider security to be their responsibility,...
Cybercriminals are exploiting emergency data requests to obtain sensitive personal information from service providers and social media companies, says Jacob Larsen, team lead of security testing and assurance at CyberCX. This flaw in verification protocols puts user privacy at risk.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.