Malicious actors often devise ingenuous ways to infiltrate networks. Michael Sikorski, CTO and vice president of engineering of Unit 42 at Palo Alto Networks, shed light on an unconventional tactic deployed by Russian hackers: the Trojanization of legitimate advertisements.
Government-backed North Korean hackers are posting convincing U.S. military job recruitment documents to lure Korean-speaking victims into downloading malware staged from legitimate but compromised South Korean websites, according to security researchers.
Despite the significant advances technology has made over the past few years, email remains one of the best tools for cybercriminals. Training is just one piece of the puzzle. The best defense against today's cybercrime landscape is a multilayered security strategy.
Spanish law enforcement officers scored several recent wins against cybercriminals this month. Police nabbed a Ukrainian hacker on the run for 10 years, arrested a fraudster known to have run a smishing campaign that amassed 1.2 million euros, and broke up a phishing nexus - all in two weeks.
Cyber-criminals have become thoughtful about ransomware attacks; taking time to maximize your organization’s potential damage and their payoff. Protecting your network from this growing threat is more important than ever. And nobody knows this more than Roger Grimes, Data-Driven Defense Evangelist at KnowBe4.
The scary fact is that human error is a contributing factor in more than 90% of breaches, and even the world’s most successful organizations have significant weaknesses in their cybersecurity defenses. With so many technical controls in place hackers are still getting through to your end users, making them your last...
Threat actors are exploiting the ongoing economic downturn by using job-themed phishing and malware campaigns to target job seekers and employers to steal sensitive information and hack company recruiters. Researchers advise companies to be wary of attachments and URLs.
With signs pointing to a global economic downturn, cybersecurity organizations are already thinking about managing budgets and doing more than less. Four CISOs share a wide range of belt-tightening tips, from putting the squeeze on your vendors and suppliers to training and hiring from within.
Crypto exchange firm Coinbase has confirmed that an SMS phishing campaign aimed at stealing employee credentials resulted in a minor data breach. The company estimates the latest campaign is part of the phishing campaign that successfully compromised Twilio and Cloudflare last year.
In this audiocast with Information Security Media Group, Joe Garber explains why a single authentication platform is the best way to gain a holistic view across information silos, enabling automation of key actions.
57% of consumers would stop spending money with their favourite brand if they fell victim to a phishing
attack while 70% agrees it is the brand’s responsibility to protect itself from email impersonation and from fake versions of its website respectively.
Download this casestudy to learn how to protect your...
Check fraud, first-party fraud and AI-related fraud will increase on a massive scale in 2023, thanks in large part to growing insider threats and the global economic slowdown. Frank McKenna, chief fraud strategist at Point Predictive, explains how banks can prepare to tackle these types of scams.
Everyone knows why criminals rob banks. But since most robbers are operating remotely, which tactics are cybercriminals actually employing and how often are they successful? Too often, it seems, thanks to phishing attacks, money laundering, ATM skimmers, malware and more.
During account registration, the authenticator generates a credential and passes the corresponding public key to the website for association with the user account.
But how do we know that it’s really our user that holds the credential and not an imposter? For instance, someone who stole the authenticator device....
Security firm Group-IB has identified 34 hacking groups that are now selling a stealer-as-a-service model to spread infostealer malware and steal credentials from online gaming and payment accounts. The company advises organizations to be on the lookout for Raccoon and Redline infostealers.