Security News

A massive phishing campaign has been targeting Office 365 users in over 10,000 organizations since September 2021 and successfully bypassing multi-factor authentication set up to protect the accounts. The attackers use proxy servers and phishing websites to steal users' password and session cookie.

PCI DSS is a global standard that provides a baseline of technical and operational requirements designed to protect account data. This Help Net Security video introduces the most important PCI DSS 4.0 changes.

Maastricht University, a Dutch university with more than 22,000 students, said last week that it had recovered the ransom paid after a ransomware attack that hit its network in December 2019. One week later, on December 30, the university decided to pay the ransom to have its files decrypted after deciding that rebuilding all infected systems from scratch or creating a decryptor were not viable options.

A massive Rogers outage is causing widespread disruption in Canada due to lack of mobile service, inability to process payment card transactions, and impacting 911 emergency services. According to DownDetector, the outage started at around 5 AM EST, with customers suddenly unable to make phone calls or connect to the Internet.

The Netherlands' Maastricht University has managed to recoup the Bitcoin ransom it paid to ransomware scum in 2019 - and has made a tidy profit on the deal. The University explained that in 2019 it suffered a ransomware attack that prevented staff and students from accessing research data, email, or library resources.

LockBit ransomware gang promises bounty payment for personal data. In a new twist on the ransomware game, the LockBit cybercrime group has launched a bug bounty program promising money to people willing to share sensitive data that can be exploited in ransomware attacks.

A clipper malware is a piece of software that once running on a computer will constantly check the content of the user's clipboard and look for cryptocurrency wallets. This way, if an unsuspecting user uses any interface to send a cryptocurrency payment to a wallet, which is generally done by copying and pasting a legitimate destination wallet, it gets replaced by the fraudulent one.

Threat analysts have discovered a large operation of a new cryptocurrency mining malware called Clipminer that brought its operators at least $1.7 million from transaction hijacking. According to researchers from Symantec, a Broadcom company, Clipminer is based on the KryptoCibule malware.

Noting that banking fraud continues to rise, the data-driven research study found a 41% increase in attempted fraud over a similar evaluation conducted the year before by its data scientists. Data scientists and fraud subject matter experts compiled anonymized data secured from a subset of its total monitored transactions, including both online and offline payments channels that covered ACH, wires, checks, card purchases, and P2P transactions.

Two stunning deepfakes that have been broadly covered include a deepfake of Tom Cruise, birthed into the world by Chris Ume and Miles Fisher, and deepfake young Luke Skywalker, created by Shamook and Graham Hamilton, in a recent episode of "The Book of Boba Fett.". Without a similar bone structure and the subject's trademark movements and turns of phrase, even today's most advanced AI would be hard-pressed to make the deepfake perform credibly.