With the U.S. midterm elections approaching fast, Microsoft says it's seized six domain names tied to "Fancy Bear," a hacking team widely believed to be part of Russia's military intelligence agency, amplifying concerns that Moscow's election interference efforts continue.
Cybercrime is a business and, like any business, it's driven by profit. But how can organizations make credential theft less profitable at every stage of the criminal value chain, and, in doing so, lower their risk?
A federal judge in California has given final approval to a $115 million settlement involving health insurer Anthem over its 2015 data breach. The settlement is the largest ever reached in a data-breach related class action suit, but most victims will see no money.
It's déjà vu "FBI vs. Apple" all over again, as Reuters reports that the Justice Department is seeking to compel Facebook to build a backdoor into its Messenger app to help the FBI monitor an MS-13 suspect's voice communications.
An Australian teenager was such a fan of Apple that he hacked into the technology giant's mainframe, according to media reports. The teen has pleaded guilty to stealing 90 GB of sensitive information. But Apple says no customers' personally identifiable information was exposed.
U.S. President Donald Trump signed a presidential order on Wednesday that revokes a set of Obama-era guidelines for offensive cyber operations, The Wall Street Journal reports. The policy change may satisfy critics who contend the U.S. should be able to move faster, but it raises risks of escalating cyber conflict.
Malware detection needs to shift to detecting anomalous behavior, rather than depending on signature-based detection technologies to deal with such threats as sandbox-evading malware, says Verizon's Ashish Thapar.
A phishing attack on Wednesday fueled by the Necurs botnet targeted at least 2,700 banking institutions of various sizes in the U.S. and around the world, explains Aaron Higbee of Cofense, which detected the attack.
A cryptocurrency investor is suing AT&T for $240 million, alleging he lost $24 million in virtual currency after the carrier failed to stop two separate attacks where his phone number was commandeered by attackers. The incident highlights the dangers of using a phone number as an authentication channel.
The FBI warns that cybercriminals are planning a large-scale operation aimed at emptying ATMs, a type of attack that has caused swift and costly losses for financial institutions. The attack may utilize data from a breach of an unknown card issuer, the FBI says.
Cybercriminals in Brazil have capitalized on older vulnerabilities in D-Link routers for financially motivated phishing attacks. The attackers changed DNS settings to use their own malicious DNS server, allowing for seamless shifts to phishing sites.