Security researchers observed a new variant of XLoader masquerading as Android security apps and an iOS configuration profile to target mobile users.
Unauthorized individuals compromised and potentially exposed more than 350,000 Oregonians' protected health information (PHI) in a HIPAA breach.
A massive brute-force attack campaign used both legacy protocols and credential dumps to compromise cloud user accounts, according to security researchers.
Security researchers discovered an attack campaign targeting Japanese users with a new variant of Ursnif banking malware.
Security researchers observed a Turkish-speaking group of cybercriminals using an Instagram hack to extort money, nude photos and other information from social media influencers.
Danna Pelleg's childhood curiosity, early technology education and compulsion to fight the bad guys led her to a career as a fraud specialist and security operations team lead at IBM Trusteer.
A new reverse proxy tool called Modlishka can easily automate phishing attacks and bypass two-factor authentication (2FA) — and it's available for download on GitHub.
A new phishing kit uses a custom web font to implement a substitution cipher in its campaign to target customers of a major U.S. bank.
A new phone-based phishing scam reveals how fraudsters are devising more sophisticated schemes to prey on Apple device users.
Microsoft Windows Defender Research discovered an attack campaign that utilized spear phishing emails impersonating U.S. Department of State employees to gain remote access to victims' machines.