Cardiac monitor maker's security skips a beat as data thieves go for the jugular
Attackers used social engineering to access third-party business apps and steal patient information
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Attackers used social engineering to access third-party business apps and steal patient information
Coming in cold with custom Snow malware A previously unknown threat group using tried-and-tested social engineering tactics - Microsoft Teams chat invitations and helpdesk staff impersonation - is also using custom malware in its data-stealing attacks, according to Google's Threat Intelligence Group.…
Social engineering: 'low-cost, hard to patch, and scales well' North Korean criminals set on stealing Apple users' credentials and cryptocurrency are using a combination of social engineering and a fake Zoom software update to trick people into manually running malware on their own computers, according to Microsoft.…
Attackers using social engineering to exploit business processes, rather than tunnelling in via tech Exclusive When fraudsters go after people's paychecks, "every employee on earth becomes a target," according to Binary Defense security sleuth John Dwyer.…
'The greatest concern is with spear phishing and social engineering' Interview Now that criminals have realized there's no need to train their own LLMs for any nefarious purposes - it's much cheaper and easier to steal credentials and then jailbreak existing ones - the threat of a large-scale supply chain attack using generative AI becomes more real.…
Just one victim milked of nearly a quarter of a billion bucks Two individuals are in cuffs and facing serious charges in connection to a major theft of cryptocurrency worth more than $230 million from a single victim.…
Feds warn of 'highly tailored, difficult-to-detect social engineering campaigns' The FBI has warned that North Korean operatives are plotting "complex and elaborate" social engineering attacks against employees of decentralized finance (DeFi) organizations, as part of ongoing efforts to steal cryptocurrency.…
Anydesk is its access tool of choice A new extortion gang called Mad Liberator uses social engineering and the remote-access tool Anydesk to steal organizations' data and then demand a ransom payment, according to Sophos X-Ops.…
Hacking your way in is so 2022 – logging in is much easier Identity-related threats pose an increasing risk to those protecting networks because attackers – ranging from financially motivated crime gangs and nation-state backed crews – increasingly prefer to log in using stolen credentials instead of exploiting vulnerabilities or social engineering.…
Ongoing investigation found evidence of stolen employee creds and social engineering Nine days after issuing a vaguely worded warning about a possible cyber security incident, web tracking and analytics outfit New Relic has revealed a two-front attack.…
Staff socially engineered into handing over internal system credentials Mailchimp has confirmed a miscreant gained access to one of its internal tools and used it to steal data belonging to 100-plus high-value customers.…