Two years after it was last seen in February 2018, a new version of the ZLoader banking malware has resurfaced, with cybercriminals distributing the malware through email campaigns, according to security firm Proofpoint.
Microsoft is warning Windows users about an ongoing "massive" COVID-19-themed phishing campaign that is attempting to install the NetSupport Manager on devices. Attackers can turn NetSupport into a remote access Trojan, or RAT.
Some fraudsters waging phishing campaigns are using fake websites hosted on Google's Firebase Storage service in an attempt to harvest credentials, according to Trustwave, which notes the phishing emails contain links to the service to make them look more credible.
Apple and Google have released new APIs designed to support contact-tracing apps being developed by governments to help combat the COVID-19 pandemic. Already at least three U.S. states and 22 countries have expressed interest in using the APIs to build their apps.
Bank of America disclosed this week that some customers' data may have been exposed during the uploading of loan applications related to the Paycheck Protection Program - a U.S. government initiative created to provide business loans during the COVID-19 pandemic.
The massive shift to remote working as a result of the COVID-19 pandemic means more organizations are adopting the "zero trust" model, taking such steps as implementing proper access controls, monitoring user behavior and building data governance policies.
Attacks targeting cloud-based data nearly doubled in 2019 as companies shifted more of their valuable information off-premises and misconfigurations and other issues made it more vulnerable, according to the 2020 Verizon Data Breach Investigations Report. Observers expect the trend to continue this year.
The U.S. Treasury's Financial Crimes Enforcement Network is alerting financial institutions about surging COVID-19 themed scams and other "illicit activities," ranging from fraud involving the sale of fake cures, tests and vaccines to price gouging for supplies.
Business and security leaders accept that a hybrid workforce is the new norm - some staff members based in a central office and many others permanently working at home. But what new cybersecurity demands does this strategy present short-term and into 2021? Our expert panel shares insights.
European budget airline EasyJet says it suffered a data breach that exposed 9 million customers' personal details. While no passport details were exposed, the company's ongoing investigation has also found that attackers "accessed" a small number - just 2,208 - of customers' payment card details.
As COVID-19 rages and technology firms race to develop contact-tracing apps and other digital tools to help contain the spread, congressional Democrats have followed Republicans in introducing privacy legislation aimed at protecting consumer data collected during public health emergencies.
More ransomware-wielding gangs are not just crypto-locking victims' systems, but also stealing and threatening to leak data unless they get their demanded bitcoin ransom payoff. A growing number of security experts believe the strategy is leading more victims to pay.
Organizations must carefully re-examine their security procedures to make sure they're adequate for the new work-from-home environment during the COVID-19 crisis, says Shelton Newsham, a British law enforcement official who specializes in cybersecurity. He reviews key questions to ask.
Australia's Parliament passed a new law on Thursday to deal with a range of legal and privacy concerns arising from its quickly developed contact-tracing app, COVIDSafe. Misusing data and other offenses could garner a five-year prison sentence.