Cybercrime | News, how-tos, features, reviews, and videos
Security experts warn of surge in malware targeting credentials stored in password vaults and managers as adversarial focus and tactics shift. ‘Like hitting the jackpot.’
The attacker deployed a variant of the PlugX cyberespionage toolset previously associated with Chinese APT groups against a small company that they then infected with the RA World ransomware and extorted for money.
The Cyber Monitoring Centre (CMC) aims to establish a ‘consistent and objective framework’ to provide clarity to enterprise insurance buyers.
Attackers from the Lazarus group used social engineering tactics to impersonate recruiters and gain access to systems in a well-coordinated campaign over several months.
The popular programming language has added a way to check for malware-laded packages.
A social engineering tactic that has been observed for several years has been seen once again exploiting employees by bombing them with spam email then posing as tech support on Teams.
The Salt Typhoon intrusion gives China a chance to exfiltrate massive amounts of data from most organizations, especially voice calls that can be stored for later use in deepfake campaigns.
IT teams should revisit PowerShell restrictions as an increasingly used click-and-fix technique has users self-serving fake system issues by invoking malicious PowerShell scripts themselves, reducing suspicion.
Microsoft’s Digital Defense Report offers new insights into a rising trend that sees lines blurring between cyberespionage and cybercriminal activity.
Increased pressures are putting CISOs in the hot seat, but should they bear all the blame when the inevitable comes?