Emotet’s tax-season phishing is back with new tricks

Researchers at Cofense say the operators behind the Emotet botnet “have upped their game” for 2022’s tax season.

The post Emotet’s tax-season phishing is back with new tricks appeared first on CyberScoop.


SentinelOne to acquire identity security firm Attivo Networks for $616.5M

The acquisition of Attivo Networks “is a natural platform progression” for SentinelOne, said COO Nicholas Warner.

The post SentinelOne to acquire identity security firm Attivo Networks for $616.5M appeared first on CyberScoop.


Biden prepares executive order on digital assets, including security measures

The White House says the executive order is “the first ever, whole-of-government approach” to cryptocurrencies and other digital assets.

The post Biden prepares executive order on digital assets, including security measures appeared first on CyberScoop.


FinCEN warns ransomware proceeds could be part of Russia sanctions evasion

As banks and other financial institutions work to honor the U.S. sanctions against Russia and monitor for efforts to evade them, the feds are warning that ransomware proceeds could be in the mix. The Treasury Department’s Financial Crimes Enforcement Network (FinCEN) issued guidance this week on the responsibility that private institutions have for detecting “sanctions evasion activity” and reporting it under the Bank Secrecy Act and other laws. The alert comes as federal lawmakers have expressed concern about the use of crypto to evade sanctions, and Bloomberg is reporting that the Biden administration is preparing an executive order on the topic this week. At least one big player in the cryptocurrency industry, the trading platform Coinbase, already has expressed a commitment to supporting sanctions from the U.S. and other nations looking to punish Russia for its invasion of Ukraine. Coinbase said it had blocked 25,000 accounts linked to Russian people […]

The post FinCEN warns ransomware proceeds could be part of Russia sanctions evasion appeared first on CyberScoop.


Google has ‘definitive agreement’ to buy Mandiant for $5.4B

Mandiant, one of the cybersecurity industry’s marquee names in threat intelligence and incident response, is being acquired by Google, the two companies said Tuesday. Google has a “definitive agreement” for an all-cash transaction worth about $5.4 billion, the tech giant said in a news release. Mandiant will join the Google Cloud unit, specifically, with the goal of boosting its security offerings, the companies said. “Cyber security is a mission, and we believe it’s one of the most important of our generation. Google Cloud shares our mission-driven culture to bring security to every organization,” Mandiant CEO Kevin Mandia said in a separate news release. The Google deal isn’t a total surprise, but it wasn’t exactly the acquisition news that many were watching for. Reports in February had said Microsoft was in talks to buy Mandiant. The Google deal represents another high-profile cybersecurity acquisition in an industry already active with such deals. […]

The post Google has ‘definitive agreement’ to buy Mandiant for $5.4B appeared first on CyberScoop.


Personal data from T-Mobile breach still spreading on dark web, state governments warn

The top law enforcement officials from multiple states are alerting people affected by an August 2021 breach at T-Mobile that their personal data might be circulating in cybercrime forums online. “Information stolen in a massive data breach has fallen into the wrong hands and is circulating on the dark web,” New York Attorney General Letitia James said Wednesday in a news release. Officials from California, Florida and several other states issued similar warnings. The T-Mobile breach involved the data of tens of millions of current, former or potential customers who had applied for credit with the wireless company. The stolen data is attractive for identity theft and other financial crimes. The hacker who claimed responsibility for the breach told The Wall Street Journal in August that T-Mobile’s security was “awful.” Law enforcement agencies from multiple states are investigating the breach. In some cases, the hacker accessed people’s names, dates of […]

The post Personal data from T-Mobile breach still spreading on dark web, state governments warn appeared first on CyberScoop.


‘Most advanced’ China-linked backdoor ever, Daxin, raises alarms for cyber-espionage investigators

A backdoor in use as recently as November 2021 is the “most advanced piece of malware” ever seen from China-linked spies, according to researchers at Symantec. The cybersecurity company said Monday that the backdoor, dubbed Daxin, is part of “a long-running espionage campaign against select governments and other critical infrastructure targets,” most of them being of strategic interest to China. The malware “appears to be optimized for use against hardened targets, allowing the attackers to burrow deep into a target’s network and exfiltrate data without raising suspicions,” the researchers said. “This isn’t really comparable to any other strains of China-linked malware in our opinion. It’s on another level,” Dick O’Brien, principal editor for the Symantec Threat Intelligence Team, told CyberScoop. “It would be near the same level as malware we’ve seen attributed to Western powers, but maybe not as well put together.” Symantec, part of Broadcom Software, said it worked […]

The post ‘Most advanced’ China-linked backdoor ever, Daxin, raises alarms for cyber-espionage investigators appeared first on CyberScoop.


Suspected cyberattack on parts supplier forces Toyota to shut down Japan plants

Toyota said Monday that it was suspending operations at all 14 of its plants in Japan after a domestic supplier of parts, Kojima Industries Corp., was hit by a suspected cyberattack. Toyota described it as a “system failure” at Kojima in a short statement posted online. A Kojima spokesperson told ABC News that the company was working to fix the problem, which essentially blocked the company’s computers from communicating with Toyota. “We are not sure yet if it is a cyberattack, but we suspect it might be one,” the spokesperson said. As of Monday morning, U.S. Eastern time, Kojima’s website was unreachable. There was no information available about the suspected attackers or their methods. The incident comes as corporations and governments in Japan, the U.S. and Europe are on guard for potential Russian cyberattacks related to the clampdown on Russia’s financial system in response to its invasion of Ukraine. Reuters […]

The post Suspected cyberattack on parts supplier forces Toyota to shut down Japan plants appeared first on CyberScoop.
