A new extortion scam uses the threat of reputational damage to persuade website owners to pay a ransom fee.
Researchers discovered a phishing scam that leverages a fake list of undelivered emails to trick users into clicking and offering up their login credentials.
Security researchers observed a new variant of XLoader masquerading as Android security apps and an iOS configuration profile to target mobile users.
Unauthorized individuals compromised and potentially exposed more than 350,000 Oregonians' protected health information (PHI) in a HIPAA breach.
A massive brute-force attack campaign used both legacy protocols and credential dumps to compromise cloud user accounts, according to security researchers.
Security researchers discovered an attack campaign targeting Japanese users with a new variant of Ursnif banking malware.
Security researchers observed a Turkish-speaking group of cybercriminals using an Instagram hack to extort money, nude photos and other information from social media influencers.
Danna Pelleg's childhood curiosity, early technology education and compulsion to fight the bad guys led her to a career as a fraud specialist and security operations team lead at IBM Trusteer.
A new reverse proxy tool called Modlishka can easily automate phishing attacks and bypass two-factor authentication (2FA) — and it's available for download on GitHub.
A new phishing kit uses a custom web font to implement a substitution cipher in its campaign to target customers of a major U.S. bank.