The credit repair industry plays a pivotal role in propelling the latest synthetic ID tactics, which are being used to commit multiple types of account fraud. Two experts shared their insights on why fraudsters are more likely to abuse deposit bank accounts than credit cards these days.
Security researchers linked a surveillance toolkit called LightSpy to Chinese threat group APT41, which has a history of using surveillance malware on iOS and Android devices. The group used spam messages to convince users download a malicious WeChat application.
Palo Alto Networks remains a leader in Forrester's zero trust platform rankings while Microsoft and Check Point entered the leaders category for the first time. Vendors in the zero trust platform space ditched point products and pursued organic investments or M&A to create a broader offering.
Ransomware hackers are using a critical flaw in a DevOps tool days developer JetBrains issued a critical security update to patch its TeamCity build management and continuous integration server. Servers such as TeamCity are high-value targets since they manage source code, keys and secrets.
French lawmakers on Wednesday will mull limits on virtual private networks as part of an anti-cybercrime measure that would also require web browsers to notify users when they access websites listed on a government blacklist. The bill, widely known as SREN, passed the French Senate in June.
Ransomware-as-a-service gang Alphv/BlackCat claims to have stolen 6 terabytes of data on 2.5 million patients in a recent attack on Michigan-based McLaren Health Care, which operates 13 hospitals and a network of cancer centers. The incident is part of the group's rash of recent attacks.
The head of a key European Parliament committee said he's concerned about media reports suggesting that a proposal mandating that instant messenger apps scan for CSAM was crafted under the influence of an American tech foundation and a nonprofit with ties the British and U.S. government.
The private equity arm of former Secretary of Homeland Security Michael Chertoff's advisory firm agreed to purchase MDR vendor Trustwave for $205 million. The deal will allow Singtel to refocus its business in APAC and boost shareholder value by optimizing resource allocation.
Large enterprises, including government and educational organizations, are being warned to immediately update their WS_FTP Server, built by Progress Software, to fix serious flaws being actively exploited by attackers. Secure file transfer software remains a top target, especially for extortionists.
An August cyberattack on a national hospital chain may make medical care in underserved areas of Connecticut even harder to obtain now that a would-be buyer said it's having second thoughts about going through with the deal. The Rhysida group claimed responsibility for an attack on Prospect Medical.
Researchers discovered an undocumented backdoor being used by the North Korean Lazarus Group to target a Spanish aerospace company. The attacker masqueraded as a Meta recruiter and tricked the victim into downloading and executing malicious files on a company device.
CrowdStrike has joined forces with Amazon Web Services to familiarize itself with more Israeli cyber startups earlier in their development life cycle. The Cybersecurity Startup Accelerator will provide EMEA-based companies with mentorship, technical expertise and partnership opportunities.
Progress Software is again sending customers on a scramble to install emergency patches, this time for its secure FTP server software. The advisory comes months after hackers took advantage of a zero-day in the company's MOVEit file transfer software in a hacking campaign affecting tens of millions.
The NSA has set up a new organization to oversee artificial intelligence in national security systems. Dubbed the AI Security Center, the unit will consolidate the agency's AI activities and support the government's effort to "maintain its competitive edge in AI," said Army Gen. Paul Nakasone.
In our latest weekly update, ISMG editors discuss key takeaways from a forum on developing a strategy for OT security, guidance issued by the U.S. Food and Drug Administration on cybersecurity in medical devices, and how the acquisition of Splunk by Cisco might affect the cybersecurity industry.