Information Security newsfeeds from around the world in English and French. Find it all in one place since 2004. You'll find online the last 5 years.
Cybersecurity is such a complex field that even the best-trained, best-equipped, and most experienced security managers will sometimes struggle to decide which of several paths to take. Let’s consider uncategorized web traffic, for instance. I define this broadly as traffic involving sites that aren’t yet classified, can’t be classified (because they’re newly created or they […]
Continue ReadingOrganizations worldwide pay ransomware fees instead of implementing solutions to protect themselves. The ransom is just the tip of the iceberg regarding the damage a ransomware attack can wreak. In this Help Net Security video, Gerasim Hovhannisyan, CEO at EasyDMARC, discusses how domain authentication tools such as DKIM, SPF, and DMARC can help mitigate risk […]
Continue ReadingHackers are diversifying attack methods, including a surge in QR code phishing campaigns, according to HP. From February 2022, Microsoft began blocking macros in Office files by default, making it harder for attackers to run malicious code. Data collected by the HP Threat Research team shows that from Q2 2022, attackers have been diversifying their […]
Continue ReadingUnpatched vulnerabilities are responsible for 60% of all data breaches. The Department of Homeland Security has estimated that the proportion of breaches stemming from unpatched flaws may be as high as 85%. Timely patching is an important aspect of managing vulnerabilities but is not always achievable in every circumstance. Indusface’s State of Application Security 2022 […]
Continue ReadingWhile massive public data breaches rightfully raise alarms, the spike in malware designed to exfiltrate data directly from devices and browsers is a key contributor to continued user exposure, according to SpyCloud. The 2023 report identified over 22 million unique devices infected by malware last year. Of the 721.5 million exposed credentials recovered by SpyCloud, […]
Continue ReadingThis week, as part of a global law enforcement operation, federal authorities in Los Angeles successfully confiscated www.worldwiredlabs.com, a domain utilized by cybercriminals to distribute the NetWire remote access trojan (RAT) allowed perpetrators to assume control of infected computers and extract a diverse range of sensitive information from their unsuspecting victims. “A RAT is a […]
Continue ReadingIn 2022, US financial institutions and the credit card sector lost an estimated $4.88 billion to synthetic identities through falsified deposit accounts and unsecured credit cards. That’s because legacy fraud prevention procedures often come up short in the effort to defend against this growing threat. As a result, increasingly sophisticated crime rings are using these […]
Continue ReadingIn a joint effort, the German Regional Police, Ukrainian National Police, Europol, Dutch Police, and FBI joined forces on February 28, 2023, to take down the masterminds behind a notorious criminal organization responsible for unleashing devastating cyberattacks using the DoppelPaymer ransomware. This ransomware appeared in 2019, when cybercriminals started using it to launch attacks against […]
Continue Reading92% of the most popular banking and financial services apps contain easy-to-extract secrets and vulnerabilities that can let attackers steal consumer data and finances, according to Approov. The Approov Mobile Threat Lab downloaded, decoded and scanned the top 200 financial services apps in the U.S., U.K., France and Germany from the Google Play Store, investigating […]
Continue ReadingApps, whether for communication, productivity or gaming, are one of the biggest threats to mobile security, according to McAfee. The end of 2022 saw the release of some game-changing applications such as OpenAI’s ChatGPT chatbot and DALL-E 2 image generator. These tools have provided powerful AI to the masses, which creates exciting opportunities for innovation […]
Continue Reading