Image What's happened? Researchers at Abnormal have discovered the latest evolution in call-back phishing campaigns. Call-back phishing? Traditional phishing emails might contain a malicious link or attachment, and lure recipients into clicking on them via social engineering techniques. Call-back phishing dupes unsuspecting...

Image A malicious hacking group, thought to have been operating since at least 2013, may have suffered a significant blow after the arrest of a suspected leading member by Spanish police late last week. Spain's National Police arrested a Venezuelan man in Alicante on Thursday, in the belief that he is connected to the Kelvin Security...

Image What's going on? A cybercriminal group calling itself BlackSuit has claimed responsibility for a series of ransomware attacks, including breaches at schools in central Georgia. And earlier in the year, a zoo in Tampa Bay was targeted by the same hacking gang. Meanwhile, liberal arts college DePauw University in Indiana says...

Image Once again, companies are being warned to be wary of past employees who may turn rogue. 28-year-old Andrew Mahn, of Derry, New Hampshire, has pleaded guilty to charges that he illegally hacked the network of his former company, telecoms firm Motorola after he successfully tricked current staff into handing over their login...

Image US authorities have seized almost $9 million worth of cryptocurrency linked to a gang engaged in cryptocurrency investment fraud and romance scams. The US Department of Justice has announced that the seized funds are connected to cryptocurrency wallet addresses alleged to be associated with a "pig butchering" gang that has...

Image What's the deal with CherryBlos? CherryBlos is a rather interesting family of Android malware that can plunder your cryptocurrency accounts - with a little help from your photos. Wait. I've heard of hackers stealing photos before, but what do you mean by malware stealing cryptocurrency via my photos? How does it do that? Well...

Image It doesn't matter if you have a smartphone, a tablet, a laptop, or a desktop computer. Whatever your computing device of choice, you don't want it impacted by malware. And although many of us are familiar with the concept of protecting our PCs and laptops with security software that aims to identify attacks in real-time, it's...

Image Job hunters should be on their guard. Researchers at security firm WithSecure have described how fake job opportunities are being posted on LinkedIn with the intent of spreading malware. A Vietnamese cybercrime gang is being blamed for a malware campaign that has seen bogus adverts posted on LinkedIn, pretending to be related...

Image A former US Navy IT manager has been sentenced to five years and five months in prison after illegally hacking a database containing personally identifiable information (PII) and selling it on the dark web. 32-year-old Marquis Cooper, of Selma, California, was a chief petty officer in the US Navy's Seventh Fleet when he opened...

Image Plastic surgeries across the United States have been issued a warning that they are being targeted by cybercriminals in plots designed to steal sensitive data including patients' medical records and photographs that will be later used for extortion. The warning, which was issued by the FBI yesterday and is directed towards...

Image A joint cybersecurity advisory from the United States's National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) has shone a light on the top ten most common cybersecurity misconfigurations found in large private and public organisations. The report aims to detail the weaknesses found in many...

Image It's nothing new for cybercriminals to use sneaky HTML tricks in their attempt to infect computers or dupe unsuspecting recipients into clicking on phishing links. Spammers have been using a wide variety of tricks for years in an attempt to get their marketing messages past anti-spam filters and in front of human eyeballs. It...

Image What's happened? The FBI and US Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint advisory warning organisations about a ransomware-as-a-service operation called "Snatch." Snatch? As in the movie from twenty odd years ago? I'm not sure I've heard of Snatch before... Maybe you haven't. They don't have...

Image What's happened? CISA, the United States's Cybersecurity and Infrastructure Security Agency, has ordered federal agencies to patch their iPhones against vulnerabilities that can be used as part of a zero-click attack to install spyware from the notorious NSO Group. A "zero-click attack"? That's an attack that doesn't require...

Image A Texas court has heard how last month a gang of men used a Raspberry Pi device to steal thousands of dollars from ATMs. According to local media reports, three men were arrested in Lubbock, Texas, after attempting to steal "large sums of US currency" from ATMs. The men - 38-year-old Abel Valdes, 41-year-old Yordanesz Sanchez,...

Image In an era of escalating financial crimes, the spotlight shines brightly on the rising concerns in the realm of cybersecurity. According to a recent survey, a staggering 68% of UK risk experts anticipate a surge in financial crime risks over the next year. These apprehensions echo globally, with 69% of executives and risk...

Image Security researchers have identified that a widespread LinkedIn malicious hacking campaign has seen many users locked out of their accounts worldwide. Some users who have had their access to their LinkedIn accounts blocked by the cybercriminals changing their passwords have been pressured into paying a ransom, according to a...

Image What is Rhysida? Rhysida is a Windows-based ransomware operation that has come to prominence since May 2023, after being linked to a series of high profile cyber attacks in Western Europe, North and South America, and Australia. The group appears to have links to the notorious Vice Society ransomware gang. What kind of...

Image Newly-released research reveals the eye-watering costs that the manufacturing sector has suffered in recent years at the hands of ransomware. The analysis, by Comparitech, looked at 478 confirmed ransomware attacks on manufacturing companies between 2018 and July 2023, in an attempt to determine their true cost. Whereas many...

Image New rules requiring publicly-listed firms to disclose serious cybersecurity incidents within four days have been adopted by the US Securities and Exchange Commission (SEC). The tough new rules, although undoubtedly well-intentioned, are likely to leave some firms angry that they are being "micromanaged" and - it is argued -...