The top U.S. cybersecurity agency says it is testing how to scan critical infrastructure organizations to detect vulnerabilities ransomware hackers can exploit in a bid to have the flaws patched before extortionists also discover them. The Ransomware Vulnerability Warning Pilot started on Jan. 30.
Cybersecurity researchers say they are almost certain they have spotted traces of the advanced persistent threat group Dark Pink, which recently emerged, now apparently attacking victims with a newly improved obfuscation routine to evade anti-malware measures.
Hackers disrupted medical care at a major Barcelona hospital, found out the wireless plans of 9 million AT&T users and stole data of almost 140,000 Hatch Bank customers. Patrons of Chick-fil-A got a nasty surprise. Plus, a breach hit Acer and another one affected members of the U.S. Congress.
Play ransomware hackers attempting to extort the San Francisco Bay Area city of Oakland dumped 10 gigabytes of stolen information over the weekend and threatened that more dumps may come. Researchers have spotted similarities between the Play, Hive and Nokoyawa ransomware groups.
The situation at LastPass keeps getting worse: The company says hackers implanted keylogger software on a DevOps employee's home computer to obtain access to the corporate vault. Customer vault data can be decrypted only with the end user master password, which LastPass doesn't store.
An assessment of online shopping cart software used by e-commerce sites performed by the German cybersecurity agency found a slew of vulnerabilities, including code so old it's no longer supported as well as vulnerable JavaScript libraries. Germany has one of Europe's largest e-commerce markets.
Russian hackers breached and modified several Ukrainian state websites on Thursday morning using a backdoor planted nearly two years ago. Ukraine identified the hackers as belonging to a group tracked as UAC-0056, also known as SaintBear, UNC2589 and TA471.
A Russian national accused by U.S. federal prosecutors of developing an application for decrypting login credentials pleaded not guilty during a first appearance in Tampa federal court. The man, Dariy Pankov, faces seven criminal counts, including conspiracy, access device fraud and computer fraud.
In this week's roundup of cybersecurity incidents happening around the world, ISMG looks at incidents affecting the maker of the video game Call of Duty, Scandinavian Airlines, renowned fruit and vegetable giant Dole, Australian software maker Atlassian, and Russian broadcast company VGTRK.
In a new report, tech giant Microsoft says distributed denial-of-service attacks became shorter in duration but more potent in 2022. The United States, India and East Asia were the top regions affected by DDoS attacks, and IoT devices continued to be the preferred mode of attack.
In the wake of recent cyberthreats aimed at Australia's critical infrastructure, the country has adopted a new risk management program to strengthen its resilience and security in these key sectors. The new rules will help businesses prepare for, prevent and mitigate emerging threats.
Twitter says it will turn off SMS second-factor authentication for all but paying customers starting March 20 in a decision provoking concerns that many customers will be less secure than before. Twitter says 2.6% of active Twitter accounts have activated second-factor authentication.
Nearly a year after Russia's invasion began, Ukraine's top cybersecurity response center says the number of registered cyber incidents has increased threefold and malware attacks have been the predominant force in the increase. Overall, Ukraine identified 181 million "suspicious" events in 2022.
Hyundai and Kia are rolling out a software update aimed at stopping an outbreak of car thefts caused by a trend on social media app TikTok. The "Kia Challenge" went viral in mid-2022 after users discovered how to steal certain cars using a screwdriver and a male USB Type A connector.
A cryptocurrency service that North Korean hackers used to launder stolen funds and that was sanctioned by the U.S. Department of the Treasury appears to have resumed as "Sinbad." It has laundered almost $100 million in bitcoin from hacks by Lazarus Group, says blockchain analysis firm Elliptic.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.asia, you agree to our use of cookies.