Criminal gangs have been hitting e-commerce sites hard lately by injecting their malicious code to "skim" customers' payment card details. In a recent twist, Malwarebytes spotted a malicious iFrame that steps in front of the normal payment process to intercept card details.
ScarCruft, a Korean-speaking APT group that has been targeting organizations mainly in Southeast Asia over the past three years, is developing new malware that targets Bluetooth-enabled devices, according to Kaspersky Lab.
Facebook is warning users of its WhatsApp messaging app to update immediately to fix a flaw that is being used to remotely install Pegasus surveillance software from Israel's NSO Group. WhatsApp says a "select number" of targets were hit by the attacks, which it has blamed on "an advanced cyber actor."
Security awareness training helps educate organizations and prepare its people to defend against today's most threatening cyberattacks. But, sometimes well-intentioned strategies can have unintended consequences. Leveraging a "one-size-fits-all" solution may work for maintaining compliance, but what happens when a...
The modern data centre is increasingly a heterogeneous mix of environments and technologies that combine physical servers, virtual machines and containers in on-premises facilities, private clouds and public cloud IaaS providers. Organizations are constantly shifting data and workloads among them as traffic levels and...
To advance at the pace of innovation, your enterprise has to embrace the latest security methodologies without adding unnecessary complexity or risk. Learning micro-segmentation best practices will help you choose the right path for security for your business and allow you to successfully implement a project that will...
With IT environments more complex and dynamic than ever, micro-segmentation is the clear choice for isolating communication flows and hardening your security posture. The right provider should help you accurately visualise and map all of your application flows and dependencies and then enable micro-segmentation...
With an ever-growing threat surface, in order to protect our most valuable assets, it is critical that approaches to risk mitigation are both effective and appropriate. This means looking beyond simply the protection of our organisations and towards true cyber resilience.
This session will cover some key...
For the first time, members of the secretive "Five Eyes" intelligence-sharing group will make a joint public appearance to discuss how they collaborate, sharing a stage in Glasgow, Scotland, during the CyberUK conference. The Five Eyes alliance comprises Australia, Canada, New Zealand, the U.K. and U.S.
Security researcher Zammis Clark, who pleaded guilty to hacking Microsoft - with an accomplice - and later Nintendo, as well as stealing data and uploading malware to Microsoft's network, has received a suspended sentence.
A sophisticated attack campaign dubbed "Operation ShadowHammer" involved an advanced persistent threat group planting backdoors within Asus computers by subverting the Taiwan-based PC maker's third-party supply chain and updater software, Kaspersky Lab warns.
Life after WannaCry and NotPetya: Europol, the EU's law enforcement intelligence agency, wants member states to be able to rapidly respond to the next big cyberattack against Europe. But with warnings of ongoing Russian election interference campaigns, the next big attack may already be underway.
Script-based payment card malware continues its successful run, impacting a range of e-commerce sites, security researchers warn. With fraudsters continuing to refine their tactics, countering card-sniffing scripts continues to be difficult.
Aluminum giant Norsk Hydro has been hit by LockerGoga ransomware, which was apparently distributed to endpoints by hackers using the company's own Active Directory services against it. To help safeguard others, security experts have called on Hydro to release precise details of how it was hit.
The notorious carder site Joker's Stash is featuring a fresh batch of Pakistani banks' payment card data with an estimated street value of $3.5 million. Nearly all of the 70,000 bank cards are advertised as being from Meezan Bank, the country's largest Islamic bank, Group-IB reports.