Researchers have warned that the Keeper threat group is deploying Magecart code to launch increasingly sophisticated attacks against eCommerce sites across the world. The group was formed three years ago and has since compromised more than 570 sites ranging in nature from liquor stores to Apple product resellers. Now, researchers

According to researchers at email prevention company Agari, a new group of threat actors believed to be from Russia has elevated Business Email Compromise scams to a new level. Whereas most BEC attacks are from Nigerian actors who target companies of any size, this new Russian group named Cosmic Lynx

US prosecutors have indicted a prolific hacker allegedly behind a criminal enterprise that was selling backdoor access to hundreds of global organizations. The criminal operated under the name “fxmsp” and is a 37-year-old Kazakhstan citizen named Andrey Turchin. On Tuesday, the indictment was unsealed in the Western District of Washington.

Last week, government agencies released a warning about a high-threat vulnerability in a line of BIG-IP products sold by the company F5. The agencies advised security professionals to implement a released patch to protect devices from the exploit, which could allow attackers to fully take control of the networking equipment,

Security company Proofpoint has disclosed two new Microsoft exploits that have been coded into Purple Fox, which is an exploit kit that has evolved drastically over the past year. The new updates show that cybercriminals are investing in infection tools and putting time and energy into increasing their capabilities to

According to researchers at Kaspersky, 14.8 percent of Android users who were targeted with mobile malware or adware last year were left with permanent and undeletable files. This is called a system partition infection, and the undeletable files can range from trojans that can install and run apps without the

EDP Renewables North America (EDPR NA) confirmed that they had suffered a ransomware attack affecting its parent corporation’s systems. EDPR NA currently boasts 11,500 employees and delivers energy to over 11 million people, making it the world’s 4th largest producer of wind energy. EDP NA’s parent corporation is the Portuguese

V Shred, a US-based fitness company, suffered from a massive data breach due to a misconfigured Amazon database that left sensitive personal data and revealing photos of 100,000 customers open to the public. The S3 bucket contained over 1.3 million individual files, according to vpnMentor who discovered the leak on

According to researchers at Check Point security, remote code execution and information disclosure vulnerabilities in Apache Guacamole, an HTML5 web application, can pose a significant threat to users. Researchers found that the flaws can be leveraged by threat actors targeting enterprises. Apache Guacamole is used on a broad range of

Research released earlier today connects North Korean nation-state hacking group Lazarus to a campaign that lasted over a year and targeted payment card information of customers of large US and European based retailers. The group allegedly used legitimate websites to exfiltrate stolen credit card data from the companies, known as