Researchers revealed that the attack was likely conducted by the Evil Corp cybercrime gang, who routinely perform attacks under different ransomware names, such as Hades, to evade US sanctions.

Academics from two UK universities revealed the technique, in which attackers could bypass an Apple iPhone’s lock screen to access payment services and make contactless transactions.

In May, the FBI said that it had found threat actors to be impersonating Truist, the sixth-largest U.S. bank holding company. That spear-phishing campaign attempted to infect victims with RAT malware.

A CNP transaction occurs when a sale is made without the customer physically presenting their credit card to the merchant, and when it turns out to be fraudulent, the liability lies with the merchant.

Akamai Technologies has acquired Guardicore to enhance the content delivery network (CDN’s) cybersecurity portfolio. Akamai will pay roughly $600 million to acquire all outstanding Guardicore equity.

Private proof-of-vaccination app Portpass exposed personal information, including the driver’s licenses, of what could be as many as hundreds of thousands of users by leaving its website unsecured.

Tracked as CVE-2021-26084 (CVSS score: 9.8), it is an OGNL injection vulnerability that could be exploited to achieve arbitrary code execution on a Confluence Server or Data Center instance.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have released guidance for hardening the security of virtual private network (VPN) solutions.

According to Unit 42, 63% of third-party code templates used in building cloud infrastructure contained insecure configurations. 96% of third-party container apps contain known vulnerabilities.