More than $30 million may have been stolen by French-speaking cybercrime operation Opera1er, also known as NXSMS, Desktop-Group, and Common Raven, from cyberattacks against banks, financial services organizations, mobile banking services, and telecommunications companies between 2019 and 2021, SecurityWeek reports.
BleepingComputer reports that the Emotet malware operation has launched new email campaigns spamming email addresses around the world, indicating the botnet's reemergence following a nearly five-month hiatus.
Popular international law firms including Deloitte, Monlex International, Dentons, and Sullivan & Cromwell have been impersonated by business email compromise group Crimson Kingsnake in "blind BEC attacks," which were initially detected in March, reports BleepingComputer.
In its fifth annual Psychology of Passwords survey, LastPass found that although 65% of the 3,750 respondents had some form of cybersecurity education, 62% almost always or mostly use the same or variation of a password.
The analysts at Cofense recently undertook a five-week experiment to see if they could gain insight into how scammers use gift cards in business email compromise attacks (BEC).
Lookout reported that 50% of the phishing attacks aimed at the mobile devices of federal, state and local government workers in 2021 sought to steal credentials — up from 30% a year ago.
Bad actors were able to raise eyebrows in security circles after accessing some of the code Dropbox stores in GitHub by bypassing multi-factor authentication (MFA).
Major U.S. home goods retailer Bed, Bath & Beyond has been impacted by a data breach stemming from a phishing attack against an employee, reports TechCrunch.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
