The credit repair industry plays a pivotal role in propelling the latest synthetic ID tactics, which are being used to commit multiple types of account fraud. Two experts shared their insights on why fraudsters are more likely to abuse deposit bank accounts than credit cards these days.
Security researchers linked a surveillance toolkit called LightSpy to Chinese threat group APT41, which has a history of using surveillance malware on iOS and Android devices. The group used spam messages to convince users download a malicious WeChat application.
Palo Alto Networks remains a leader in Forrester's zero trust platform rankings while Microsoft and Check Point entered the leaders category for the first time. Vendors in the zero trust platform space ditched point products and pursued organic investments or M&A to create a broader offering.
Ransomware hackers are using a critical flaw in a DevOps tool days developer JetBrains issued a critical security update to patch its TeamCity build management and continuous integration server. Servers such as TeamCity are high-value targets since they manage source code, keys and secrets.
French lawmakers on Wednesday will mull limits on virtual private networks as part of an anti-cybercrime measure that would also require web browsers to notify users when they access websites listed on a government blacklist. The bill, widely known as SREN, passed the French Senate in June.
Ransomware-as-a-service gang Alphv/BlackCat claims to have stolen 6 terabytes of data on 2.5 million patients in a recent attack on Michigan-based McLaren Health Care, which operates 13 hospitals and a network of cancer centers. The incident is part of the group's rash of recent attacks.
In the past year alone, investigators have received a staggering 30 million reports of online child sexual exploitation globally. It's time to harness emerging technologies such as AI and create new legal frameworks to fight against these criminal acts, said Guillermo Galarza of the ICMEC.
The head of a key European Parliament committee said he's concerned about media reports suggesting that a proposal mandating that instant messenger apps scan for CSAM was crafted under the influence of an American tech foundation and a nonprofit with ties the British and U.S. government.
The private equity arm of former Secretary of Homeland Security Michael Chertoff's advisory firm agreed to purchase MDR vendor Trustwave for $205 million. The deal will allow Singtel to refocus its business in APAC and boost shareholder value by optimizing resource allocation.
Large enterprises, including government and educational organizations, are being warned to immediately update their WS_FTP Server, built by Progress Software, to fix serious flaws being actively exploited by attackers. Secure file transfer software remains a top target, especially for extortionists.
Detecting, prioritizing and remediating open source software supply chain vulnerabilities can be challenging. CISOs can build robust strategies by having near real-time visibility of all their hybrid assets and performing remediation engineering at scale, said Qualys' Debashish Jyotiprakash.
An August cyberattack on a national hospital chain may make medical care in underserved areas of Connecticut even harder to obtain now that a would-be buyer said it's having second thoughts about going through with the deal. The Rhysida group claimed responsibility for an attack on Prospect Medical.
Researchers discovered an undocumented backdoor being used by the North Korean Lazarus Group to target a Spanish aerospace company. The attacker masqueraded as a Meta recruiter and tricked the victim into downloading and executing malicious files on a company device.
CrowdStrike has joined forces with Amazon Web Services to familiarize itself with more Israeli cyber startups earlier in their development life cycle. The Cybersecurity Startup Accelerator will provide EMEA-based companies with mentorship, technical expertise and partnership opportunities.
Progress Software is again sending customers on a scramble to install emergency patches, this time for its secure FTP server software. The advisory comes months after hackers took advantage of a zero-day in the company's MOVEit file transfer software in a hacking campaign affecting tens of millions.