October 14, 2024 at 01:35PM Forty new variants of the TrickMo Android banking trojan have emerged, designed to steal PINs and sensitive data through deceptive screens and various phishing tactics. Linked to 16 droppers and 22 command and control infrastructures, it has impacted at least 13,000 victims, primarily in Canada, UAE, Turkey, and Germany. ### … Read more
September 23, 2024 at 01:30PM An American collaborator helped fake North Korean IT workers secure jobs at US companies, generating $7 million in revenue over three years. The scheme impacted 300 companies, with one facilitator compromising over 60 identities. This operation aims to fund North Korea’s nuclear and ballistic missile programs while using sophisticated evasion … Read more
September 19, 2024 at 02:45PM Microsoft has reported that the ransomware affiliate Vanilla Tempest is now targeting U.S. healthcare organizations, using the INC ransomware. Vanilla Tempest gained network access by deploying malware and backdooring systems, leading to disruptions in IT and phone systems and causing loss of patient information. Vanilla Tempest has a history of … Read more
August 7, 2024 at 11:35AM Cynomi’s eBook “What does it take to be a full-fledged Virtual CISO?” details how service providers can expand vCISO services economically. The role of Chief Information Security Officer (CISO) is crucial in the current cyber threat landscape, but there’s a shortage of skilled CISOs, leading to the increased demand for … Read more
August 7, 2024 at 10:08AM API security is a critical concern as companies face evolving and increasingly dangerous threats. The rapid proliferation of poorly secured APIs makes organizations vulnerable to significant breaches. To address this, companies must catalog their APIs, adopt a zero-trust approach, and implement robust security measures, as well as prioritize ongoing monitoring … Read more
August 5, 2024 at 09:07AM Cybersecurity regulations vary by region, allowing cybercriminals to exploit gaps in governance. To bridge these gaps, global collaboration is necessary. North America has improved security culture, but major cyberattacks still occur. South America’s varying development levels present challenges. Africa faces rapid technology adoption and increasing cybercrime. Europe and Oceania are … Read more
August 1, 2024 at 03:39PM The Black Basta ransomware group has evolved its tactics by using custom tools and new initial access techniques after the takedown of the Qakbot botnet. This shift has enabled the group to continue flourishing in cybercriminal operations, with the development of custom malware like SilentNight, Cogscan, and Knotrock, posing a … Read more
July 30, 2024 at 09:59AM HealthEquity, a Utah-based HSA provider, experienced a data breach impacting 4.5 million US customers. The breach, attributed to a hack of a third-party data repository, saw the theft of various personally identifiable information. The company took immediate action upon discovery and is now notifying affected parties while enhancing security measures. … Read more
July 26, 2024 at 02:53PM Debt collection agency FBCS has expanded the number of people affected by a February data breach to 4.2 million in the US. The breached data includes personal info such as SSN, account details, and more. New notifications have been sent out, warning of increased phishing risks, and offering free credit … Read more
July 24, 2024 at 01:07AM KnowBe4, a security awareness and training provider, inadvertently hired a fake North Korean IT worker for a software engineering role. Even after thorough background checks, the new hire used a fake identity and attempted to load malware onto his company-provided computer. KnowBe4’s security software detected the malware, and the FBI … Read more