Malware detection needs to shift to detecting anomalous behavior, rather than depending on signature-based detection technologies to deal with such threats as sandbox-evading malware, says Verizon's Ashish Thapar.
A phishing attack on Wednesday fueled by the Necurs botnet targeted at least 2,700 banking institutions of various sizes in the U.S. and around the world, explains Aaron Higbee of Cofense, which detected the attack.
A cryptocurrency investor is suing AT&T for $240 million, alleging he lost $24 million in virtual currency after the carrier failed to stop two separate attacks where his phone number was commandeered by attackers. The incident highlights the dangers of using a phone number as an authentication channel.
The Cobalt cybercrime group is targeting as many banks as possible, which poses risks particularly for smaller, less protected institutions, says Tim Bobak, APAC executive director for Group-IB.
Cybercrime investigators will face increasing difficulties if bad actors begin accepting more privacy-centric cryptocurrencies rather than bitcoin, says Andrei Barysevich of Recorded Future.
Deterring nation-states such as Russia and North Korea from executing cyberattacks will require sanctions and other pressure, says Fergus Hanson of the Australian Strategic Policy Institute.
The FBI warns that cybercriminals are planning a large-scale operation aimed at emptying ATMs, a type of attack that has caused swift and costly losses for financial institutions. The attack may utilize data from a breach of an unknown card issuer, the FBI says.
Cybercriminals in Brazil have capitalized on older vulnerabilities in D-Link routers for financially motivated phishing attacks. The attackers changed DNS settings to use their own malicious DNS server, allowing for seamless shifts to phishing sites.
Many medical device makers appear to building better cybersecurity into their products, but some manufacturers are still avoiding fixing vulnerabilities in legacy devices that pose potential safety risks, says security researcher Billy Rios, who discusses the latest flaws in some Medtronic cardiac devices.
An analysis of the privacy issues Amazon will face as it dives deeper into the healthcare business leads the latest edition of the ISMG Security Report. Also featured: A preview of ISMG's Security Summit in New York Aug. 14-15.
Check Point says it has found three ways to falsify messages in WhatsApp, which it claims could be employed by scammers and used to spread fake news. WhatsApp acknowledges the findings, but it will not engineer patches.
Much of the attention around Chinese hacking is directed toward advanced threat groups suspected to have links to China's government. But a new report shows that the nation's hacking goes far deeper, and there's a thriving scene that has adapted to an internet heavily controlled by the government.
Espionage: Every nation does it. But for nation-state hacking that targets intellectual property or interference in political affairs, the U.S. has been using criminal indictments against individuals as a diplomatic way of saying: "We see what you're doing, now knock it off." But does it work?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.