As the value of cryptocurrency has plummeted, so too have the number of cryptomining infections being seen in the wild, reports security firm Malwarebytes. Taking its place, however, are criminals wielding advanced malware such as Emotet and Trickbot.
The U.S. Department of Homeland Security says executive branch agencies are being targeted by attacks aimed at modifying Domain Name System records, which are critical for locating websites and services. The warning comes as security companies have noticed a rise in DNS attacks.
France has hit Google with a 50 million euro ($57 million) fine for violating the EU's General Data Protection Regulation. The country's data regulator says Google doesn't inform users in a clear way how their data is being collected and processed for targeted advertising.
Fresh strains of ransomware are being distributed by attackers who gain remote access to organizations' networks to infect them with Phobos, as well as via cracked-software sites that share adware installers inside which STOP ransomware has been hidden.
As part of its ongoing push toward cashless payments, India is taking steps to ramp up the use of contactless payments, which are already becoming more common in Japan, South Korea, Australia, the U.K. and the U.S. What can be done to balance security vs. convenience?
GDPR has been in effect since May 2018, but organizations are still waiting to see what impact it will have on the costs organizations might face from breach cleanup, investigations, sanctions and class action lawsuits, says Ian Thornton-Trump of the financial services firm AMTrust International.
The U.S. Federal Trade Commission is close to concluding its investigation into Facebook over the Cambridge Analytica scandal, the Washington Post reports, noting that the social network may face a record-setting fine, exceeding the $22.5 million fine the FTC in 2012 slammed on Google.
Banks in West Africa have been targeted by at least four hacking campaigns since mid-2017, with online attackers wielding commoditized attack tools and "living off the land" tactics to disguise their efforts, Symantec warns.
Threat intelligence sharing is all about trust, speed and context. And yet many enterprise intel programs lack one or more of those qualities. Jon Clay of Trend Micro discusses what it takes to stand up a customized threat intelligence program.
Cybercrime outfits appeared to take a vacation around the December holidays. But attacks involving Emotet, Hancitor and Trickbot have resurged following their December slowdown, as has the Fallout exploit kit, lately serving GandCrab ransomware.
Facebook has removed hundreds of accounts, alleging that the account creators misrepresented their identity. The social network alleges that some of the accounts were surreptitiously created by employees of the state-owned Sputnik news agency in Moscow, which Sputnik disputes.
Venture capitalists invested $5.3 billion in cybersecurity companies in 2018, about 20 percent more than in 2017 and twice as much as 2016, according to research from Strategic Cyber Ventures. What's ahead for 2019 and beyond?
Leading the latest edition of the ISMG Security Report is an in-depth look at why ransomware remains a pervasive threat and how it's evolving. Also featured: updates on venture capital investments in cybersecurity and a study of vulnerabilities in industrial remotes.
How can healthcare organizations better address the many challenges they face involving the security of legacy medical devices? Device security specialist Ben Ransford offers insights on critical steps that can help reduce the risks.
Airline booking system provider Amadeus - whose system is used by 500 airlines - is investigating a software vulnerability that exposed passenger name records, which is the bundle of personal and travel data that gets collected when booking a flight.