The purpose of the phishing campaigns is to collect personal data that could be used for identity theft or usernames and passwords that could be used for credential stuffing attacks.
In Q2, there was an alarming, rapid increase of new phishing and fraudulent sites being created, detecting 1.7 million phishing and scam websites – a 13.3% increase from Q1 2020, according to Bolster.
There is an entire industry now dedicated to selling ransomware as a service, which lowers the barrier for criminals to enter, and means more attackers are getting into this very profitable business.
Three healthcare providers in Florida, Georgia, and New York are notifying patients that their protected health information may have been exposed in recent cyber-attacks involving ransoms.
Treasury is signaling that organizations that pay ransomware could be at risk of prosecution for running afoul of US laws if the person or organization they’re paying is on a sanctions list.
The obfuscation technique used by TrickBot takes advantage of the way the Windows command line interpreter, cmd [.] exe, reads and interprets data that is typed on the command line.
VMware on Monday published an advisory to inform users that it’s working on patching a critical command injection vulnerability affecting Workspace ONE Access and some related components.
Big banks and other financial firms predict the cost of warding off cybercriminals will keep climbing in 2021 as they work to secure digital financial services popularized by the pandemic.
The experts discovered that the 2FA implementation of cPanel & WebHost Manager (WHM) software was vulnerable to brute-force attacks that allowed attackers to guess URL parameters and bypass 2FA.
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) today posted an advisory to warn shoppers of online scams ahead of the holidays.