Security News

The choice of Tampa for his trial was because a known victim of one of his "NetWalker" ransomware attacks is based there. The NetWalker Ransomware was a specific type of malicious software that was used to compromise and restrict access to a victim's computer network in an effort to extort a ransom.

Resecurity, Inc. has identified a spike in phishing content delivered via Azure Front Door, a cloud CDN service provided by Microsoft. According to experts, such tactics confirm how the bad actors are continuously looking to enhance their tactics and procedures to avoid phishing detection using world-known cloud services.

The Dark Web is a small portion of the Internet, but it concentrates many cybercriminals and threat actors who generally exchange ideas, thoughts, tips, tricks and experience through hidden forums. Many of these cybercriminals also sell various goods and services; Privacy Affairs has published a new report about the average prices of those services in 2022.

These days, cybercriminals are living off the cloud, according to Katie Nickels, director of intelligence for Red Canary and a SANS Certified Instructor. "It's not enough to pay attention to the operating systems, the endpoints, said Nickels, speaking on a SANS Institute panel about the most dangerous new attack techniques at RSA Conference."Adversaries, a lot of their intrusions, are using cloud services of different types.

A cybercriminal stole 1 million Facebook account credentials over 4 months. As phishing attacks continue to be a go-to for threat actors, one scam found that a user had stolen a million Facebook account credentials over a span of just four months.

Single factor authentication has been the standard for many years on Internet-facing services, but it clearly lacks security. While 2FA drastically increases the security of Internet services, it can still be bypassed by some methods.

Rather than the typical ransom request for data restoration that has become commonplace, criminals are increasingly expanding their radius. Secondhand victims, including dental practices and insurance providers, could be potential targets based on the data obtained in the primary ransomware attack.

Top executives and their families are increasingly being targeted on their personal devices and home networks, as sophisticated threat actors look for new ways to bypass corporate security and get direct access to highly sensitive data. In this video for Help Net Security, Chris Pierson, CEO at BlackCloak, shares on these issues and emerging areas of risk for executives.

A new report from the FBI raises warnings about a credential theft threat targeting academic partners of identified US colleges and universities. These credential stuffing attacks are particularly concerning, because once an attacker is in possession of one login credential, he might run tools like OpenBullet to automatically check if they are valid for dozens or hundreds of other websites.

Credit card skimming is a technique that consists of using malicious code installed on compromised merchant websites to steal credit card information sent by the website's customers when they complete online payments. Once the attacker has access to the website's content, they need to add malicious code to steal the credit card information provided by the unsuspecting customers.