Asokan is senior correspondent for Information Security Media Group's global news desk. She has previously worked with IDG and other publications where she reported on developments in technology, minority-rights and education.
Researchers with FortiGuard Labs have uncovered two samples of the Ekans ransomware strain that offer some additional insight into how the crypto-locking malware targets industrial control systems, according to a new report. Ekans, also known as Snake, was first spotted earlier this year.
Apache Guacamole, an open-source application that allows for remote connections to devices, contains several vulnerabilities that could allow attackers to steal data or run remote code execution, Check Point Research found. These bugs come at a time when many employees are still working remotely.
The operators behind an updated version of the FakeSpy malware are targeting Android devices using SMS phishing messages to spread the info stealer, according to Cybereason. The messages are designed to appear to come from postal and delivery services.
Since the start of the COVID-19 pandemic, the number of brute-force attacks targeting RDP connections has steadily increased, spiking to 100,000 incidents per day in April and May, according to the security firm ESET. These attacks pave the way for launching ransomware attacks and planting cryptominers.
Aleksey Burkov, who operated a site called "Cardplanet" that trafficked in stolen payment card data used to make millions of dollars in fraudulent purchases, has been sentenced to nine years in federal prison. His case also involved high-level negotiations between the U.S., Russia and Israel.
A recently uncovered cryptomining scheme used malicious Docker images to hide cryptocurrency mining code, according to an analysis from Palo Alto Networks' Unit 42.
A man from the state of Washington has been sentenced to 13 months in federal prison for his role in developing the Satori botnet, which was used to conduct several large-scale DDoS attacks. The Justice Department also unsealed indictments naming co-conspirators.
The U.S. Department of Justice unsealed a superseding indictment against WikiLeaks founder Julian Assange that expands the scope of the government's case against him. Federal prosecutors now allege that Assange conspired with the Anonymous and LulzSec groups to obtain classified information to publish.
The Sodinokibi ransomware gang is targeting point-of-sale payment device software after infecting networks with its crypto-locking malware, according to Symantec.
A spear-phishing campaign is using military-themed malicious Microsoft Office documents to infect devices, according to researchers at Cisco Talos. The analysts also found this campaign is using a previously unknown dropper called IndigoDrop to spread a weaponized version of Cobalt Strike.
Researchers at two security firms are tracking separate phishing campaigns that are targeting customers of Wells Fargo and Bank of America, according to reports. In each case, the fraudsters are attempting to steal users' credentials using various methods and lures.
Google has removed more than 70 malicious Chrome extensions after researchers with security firm Awake Security discovered the extensions could be used to steal users' credentials and security tokens.
Many ethical hackers and other security professionals, such as penetration testers, have weaponized cloud platforms to host online attack infrastructure or have used the platforms to conduct reconnaissance, according security researchers at Texas Tech University.
A cyberespionage campaign that targeted aerospace and defense firms in Europe and the Middle East likely was the work of a hacking group with ties to North Korea, according to security firm ESET. Attackers also attempted a BEC-style scheme.
Vulnerabilities due to "coding errors" in a number of mobile banking applications make them all too susceptible to hacking and customer account data theft, the security firm Positive Technologies warns.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.in, you agree to our use of cookies.
