Over the last year, nation-state hackers, including those with links to the Russian government, have shifted from targeting critical infrastructure to focusing on think tanks, human rights groups and nongovernment organizations in an attempt to influence public policy, according to Microsoft.
The COVID-19 pandemic has shifted the dynamic of card fraud in favor of the fraudsters due to the massive increase of online transactions, says Andrei Barysevich of the fraud intelligence company Gemini Advisory. And many fraudsters are using more sophisticated tools, including anti-fingerprinting technology.
McAfee is set to become a public company once again, with the cybersecurity firm filing for an IPO with the U.S. Securities and Exchange Commission to trade under "MCFE" on the Nasdaq Stock Market. Separately, Ivanti announced that it would buy security firms MobileIron and Pulse Secure.
French shipping firm CMA CGM Group is investigating what it calls a "malware" attack against its systems that has been causing disruptions. The firm is one of the largest container and shipping companies in the world.
A fresh round of Joker malware that targets Android users has been found in Google Play as well as third-party app stores, according to reports from Zscaler and Zimperium. The Joker apps can steal SMS messages, contact lists and device information from infected smartphones.
A federal judge Sunday granted TikTok's request for a temporary injunction to block the Trump administration's order that would have banned the Chinese social media app from the U.S. The order came hours before the ban was scheduled to go into effect.
An internet-connected coffee machine is the latest IoT device to show security problems. The security firm Avast infected the Smarter Coffee machine with ransomware that causes uncontrollable spinning of its grinder and dispensing of hot water. The only option to stop it? Unplug the machine.
Microsoft removed 18 apps from its Azure cloud platform that were being used by hackers as part of their command-and-control infrastructure. The threat group, called Gadolinium, was abusing the infrastructure to launch phishing email attacks, Microsoft researchers say.
Facebook is again cracking down on fake accounts and pages linked to a Russian IRA troll farm or the country's military intelligence units that were being used for disinformation campaigns. Meanwhile, the FBI issued a fresh warning that threat actors are attempting to target U.S. voting infrastructure.
The U.S. Government Accountability Office is urging Congress to pass legislation to reestablish a White House cybersecurity coordinator role. The position would coordinate the government's response to online attacks and other cybersecurity challenges facing the nation.
A recently uncovered phishing campaign used the European Union's General Data Protection Regulation as a lure to steal login credentials. The campaign enticed victims with subject lines indicating their email security system was not in compliance with the law, according to Area 1 Security.
The latest edition of the ISMG Security Report features an analysis on why criminals continue to use darknet markets, despite the risks. Also featured: Hackers target Virgin Mobile KSA; coping with COVID-19 stress.
Training employees to resist phishing emails is key to preventing compromises. But an exercise run by Tribune Publishing Co. created a searing backlash after its phishing exercise tempted employees with bogus bonuses in a year in which they had already endured financial hardships.