Researchers have attributed six separate phishing campaigns targeting South Koreans in either 2017 or 2018 to a single threat actor called "Group123," including multiple operations designed to infect victims with the remote administration tool ROKRAT.
More than 5.3 million residents of North Carolina were victims of data breaches in 2017 - an escalating trend that has prompted state Attorney General Josh Stein (D) and state Rep. Jason Saine (R) to introduce newly proposed legislation to prevent further incidents and protect the public.
The Inspector General's initial review indicated that the names, Medicaid ID numbers, birth dates, diagnoses, Social Security numbers, addresses, and medical conditions of up to 30,000 recipients "were accessed in part or full."
An analysis of roughly 1,000 do-it-yourself phishing kits found that roughly a quarter of them double-cross the cybercriminals who implement them by secretly transmitting phished information to a third party who is most likely the kit's original developer.
Ever on the lookout for a new avenue of attack, cybercriminals had figured out a method of using Google App Scripts to automatically download malware hosted in Google drive to any computer.
A London court heard a case earlier this month in which one of Australia's richest people tried to recover $1 million scammed from him in a convoluted ruse that combined traditional phishing with the "Catfish" online phenomenon preying on lonely people looking for love.
Ransomware, phishing attacks and data loss are the three biggest issues that concern UK cybersecurity executives.
A large email scam centered on a fake Xero invoice was detected by the firm Mailguard, the second such campaign using the popular cloud-based accounting software this month.
Several new reports have surfaced detailing North Korean state interest in targeting and attacking cryptocurrency exchanges as a means of enriching itself.
Mecklenberg County officials reported additional progress restoring its systems following a ransomware attack earlier this month.
Six private schools have filed claims on their insurance in less than three months, as the result of cyberattacks.
The county spent at least $235,488 on responding and investigating the breach.
The spoofed emails are "virtually unstoppable," said the researcher who discovered the MailSploit vulnerabilities.
Cybercriminals used what was most likely a phishing attack to redirect the direct deposited pay checks of 36 Ann Arundel County school employees stealing about $57,000.
Malwarebytes researchers are warning IT workers seeking love online to beware "CatPhishing" scams which can leave entire companies devastated.
An attack campaign targeting Android users in Austria has been employing a unique trio of techniques to steal their funds: a credentials phishing web page, malicious banking app overlays, and credit card phishing screens.
The altered missive came from Campaign Chairman John Podesta's email. Podesta was netted in a phishing campaign.
Researchers from Palo Alto Networks have uncovered QtBot, an intermediate-stage downloader that helps to deliver the final payload in geography-based Locky-Trickbot malspam campaigns.
Malspam campaigns designed to spread the Ursnif banking trojan have been heavily targeting Japanese banks and payment card providers in 2017, especially since this past September, according to IBM's X-Force research.
The details of a phishing campaign currently being run in Switzerland that uses a tax dodge to entice its victims to open an attached file which will then download the Retefe banking trojan have been released by PhishMe.
A 32-year-old Chicago man is reportedly facing a maximum five years in prison after agreeing to plead guilty to hacking celebrities' Gmail and iCloud accounts in order to obtain their nude photos and videos.
The Department of Homeland Security (DHS) and the FBI issued a joint alert concerning an advanced persistent threat targeting the government and organizations in the energy, nuclear, water and manufacturing sectors.
The U.S. Department of Education issued a belated warning to the nation's school districts concerning cyberattacks that use threats of violence against students in an attempt to extort money from the district.
Microsoft's already battered Office 365 is once again being targeted, this time by KnockKnock, a botnet attack designed to specifically victimize the office productivity software suite.
Domino's Pizza Australia has disclosed that a data breach at one of its third-party suppliers may have resulted in a spam campaign aimed at customers of the restaurant and food delivery chain.
DHS Acting Secretary Elaine Duke, will release a binding order requiring agencies to comply with DMARC plan within 30 days and https within 120 days.