Security researchers have uncovered more evidence that the North Korean Lazarus group is responsible for the software supply chain attack on 3CX, a voice and video calling desktop client used by major multinational companies. Tools and code samples match previous Lazarus hacks.
Hackers have used a modular toolkit called "AlienFox'" to compromise email and web hosting services at 18 companies. Distributed mainly by Telegram, the toolkit scripts are readily available in open sources such as GitHub, leading to constant adaptation and variation in the wild.
The parent company of subprime lender TitleMax says hackers made off the Social Security numbers and financial account information of up to nearly 5 million individuals. The company notified the FBI and "believes the incident has been contained." Hackers stole information over an 11 day period.
The U.S. Consumer Financial Protection Bureau is mulling over whether to reimburse consumers for online scams and fraud, but this regulatory change could lead to an increase in first-party fraud, cautioned Karen Boyer, senior vice president of financial crimes at M&T Bank.
A hacking group with apparent ties to Russia or Belarus has been using "simple yet effective attack techniques and tools" to gain access to multiple governments' email systems as part of apparent cyberespionage operations in support of Russia's invasion of Ukraine, researchers warn.
Credential harvesting attackers are taking advantage of a distributed file protocol to distribute customized phishing links. Because the system, the InterPlanetary File System, is designed to be resilient against content takedowns, scammers are using it to deliver phishing emails at scale.
A hacking incident at Australian non-bank lender Latitude Financial affected a far greater number of individuals than initially disclosed, the company said Monday. It now estimates that its mid-March cybersecurity incident affected 14 million people although it has just over 2.8 million customers.
Stung by the FBI's infiltration and takedown of the Hive ransomware group, other ransomware operators have been retooling their approaches to make their attacks more effective and operations tougher to disrupt, says Yelisey Bohuslavskiy, chief research officer at threat intelligence firm Red Sense.
Indian police busted six members of an alleged criminal gang that sold the personal data of 168 million Indian citizens, including defense personnel and government employees. Cyberabad Metropolitan Police Commissioner Stephen Raveendra called the operation a national security risk.
So far, the Clop ransomware group campaign using a zero-day vulnerability in Fortra's widely used managed file transfer software, GoAnywhere MFT, has compromised networks used by 130 different organizations. The gang has so far taken responsibility for over 50 hacks.
The alleged administrator of criminal online forum BreachForums may have thought he took steps to hide his real identity, but instead he left a trail of digital breadcrumbs that led to his arrest and prosecution, shows information unsealed in federal court.
In the latest weekly update, ISMG editors discuss how Russia's invasion of Ukraine upended the cybercrime ecosystem, a lawsuit against a U.S. cardiovascular clinic that seeks a long list of security improvements, and the latest endpoint protection technology trends in the Gartner Magic Quadrant.
Threats that traditionally menaced other industries - including synthetic accounts and abuse of IT product platforms - are emerging worries for the healthcare sector, warns an industry report. Other experts also predict a similar evolution among criminal activities affecting the healthcare sector.
EMV chip technology has taken a major bite out of credit card fraud at the point of sale, but card-not-present fraud continues to flourish thanks to an age-old technology - the magnetic stripe, says Mark Solomon, international president, International Association of Financial Crimes Investigators.