Emerging threats

Also known as “executive phishing,” whaling attacks are something high-level executives and digital citizens alike should be aware of. Consider this your go-to guide about what is whaling, plus whaling protection tips.

A distributed denial-of-service attack is one of the most powerful weapons on the internet. A DDoS attack is a cyberattack on a server, service, website, or network that floods it with Internet traffic. The aim is to overwhelm the website or service with more traffic than the server or network can accommodate.

What are data loss prevention tools you can use to protect your network? Read further to educate yourself on some DLP best practices and level up your cybersecurity as a whole.

An overview of what is a smurf attack, the parts that play into smurfing, how it results in DDoS attacks, plus pointers for smurf attack prevention

What are data loss prevention tools you can use to protect your network? Read further to educate yourself on some DLP best practices and level up your cybersecurity as a whole.

VPNFilter malware targets over 500,000 routers. Here's how to help protect yourself.

Data breaches, ransomware attacks, cryptojacking, threats to your connected devices all contribute to new rounds of cyber security facts, figures, and statistics. Do you find it hard to keep up? Let’s cherry-pick 10 cyber safety facts to help give you the big picture.

Holiday cybercrime statistics are hard to break out, but it’s fair to say some cybercrimes are known to appear around holidays. Here’s what you need to know.

Learn what to do after 5 types of data breaches. Find out how to help protect yourself against possible identity theft.

A guide covering just what is credential stuffing, how credential stuffing attacks occur, and methods for protecting your computer’s operating systems.

An overview of GPS spoofing, meaning when technology or a person alters data so that a device appears in a different location or time zone, and how to avoid it.

Hacktivism is a new type of activism. Here’s an overview of the concept, as well as hacktivism groups that have made headlines through their attacks.

Consider this your ultimate guide to watering hole attacks, including what is a watering hole attack, real-life examples, and watering hole prevention tips.

Cybercrimes cost the world $6 trillion a year by 2021, according to cybersecurity ventures. Large data breaches and cyberthreats from foreign locales such as China and Russia threaten elections. Experts worry that 5G technology will create additional cybersecurity challenges for businesses.

Firewalls can help keep your network, computer, and data safe and secure. Here’s how.

An overview of what is a smurf attack, the parts that play into smurfing, how it results in DDoS attacks, plus pointers for smurf attack prevention

T-Mobile has confirmed unauthorized access to its data and is investigating the extent of the incident, after reports that sensitive data of 100 million T-Mobile USA customers is for sale on the web.

Social engineering is the act of tricking someone into divulging information or taking action, usually through technology. A typical hacker might look for a software vulnerability, but a social engineer could pose as a technical support person.

The dark web is often used by cybercriminals. But it’s also visited by journalists, law enforcement agencies and others.

As more and more people lean towards reading in a digital format, here are a few things to keep in mind when reading ebooks. Never download pirated ebooks and always buy books and digital content from legitimate retailers. Some ebooks may contain malicious software that can install malware, spyware, and viruses in your computer.

Malicious software that uses encryption to hold data for ransom has become wildly successful over the last few years. The purpose of this software is to extort money from the victims with promises of restoring encrypted data.

Cybercriminals use sophisticated tactics to commit crimes. It takes a village to catch a cybercriminal since the method of how they commit these crimes is so complicated. Law enforcement usually has to coordinate with government agencies, international partners, and private corporations.

Deepfake videos could have serious implications during the 2020 election season. Learn why.

Hackers have figured out a way to hijack cell phones and steal the valuable information contained in them. Find out how criminals go after emails, photographs and payment apps to commit larger crimes like blackmail, fraud and theft. Learn how to keep your identity safe.

You can’t prevent a cyberattack or a data breach, but there are steps you can take to help prepare for and react to one.

Your personal information might be for sale on the dark web. A dark web scan can help you find out if your information has been exposed.

Twitter bots are automated Twitter accounts controlled by bot software. Learn what they do.

Adware, or advertising supported software, displays unwanted advertisements on your computer

Smishing is a form of phishing that involves a text message or phone number. It's becoming an emerging and growing threat in the world of online security. Read on to find out what it is and how you can protect yourself against it.

Until your Wi-Fi enabled devices have a security patch for the KRACK vulnerability here are some steps to take to help secure your devices.

Cybercriminals can take control of your email accounts, using them to send out fraudulent messages to your contacts or to steal any personal or financial information you’ve sent in past email messages. You can take steps to protect your personal email accounts and their passwords.

Many major companies have been the focus of DoS attacks. A DoS attack can be easily engineered from nearly any location. Attackers include hackers, profit-motivated cybercriminals, and nation states.

A zero-day vulnerability is a software security flaw that is known to the software vendor but doesn’t have a patch in place to fix the flaw. If left unaddressed, vulnerabilities create security holes that cybercriminals can exploit. To keep your computer and data safe, it’s smart to take proactive and reactive security measures.

Hackers are generally categorized by the type of metaphorical “hat” they don: “white hat”, “grey hat” and “black hat.” The terms come from old spaghetti westerns, where the bad guy wears a black cowboy hat. White hat hackers employ the same methods of hacking as black hats, with one exception - they do it with permission from the owner of the system first.

Learn how to help protect yourself in the event of a data security incident.

If you decide to work remote, it’s important to keep cyber safety in mind. That means protecting your devices and data, just like you would in the workplace.

Last year, the Norton team brought you a new look into cybercrime via the documentary In Search Of The Most Dangerous Town On The Internet. Through...

Here’s a look at the challenges facing social media platforms and how you can steer clear of disinformation this election season.

Hackers have stolen the personal information of about 57 million customers and drivers, according to a report by Bloomberg News. Uber discovered the data breach in late 2016, and then waited to disclose the news almost a year later. The stolen information included the names and driver’s license numbers of around 600,000 drivers in the United States.

Sophisticated cybercriminals have devised a way to steal email credentials that bypasses two-factor authentication security and doesnt rely on otherwise easy-to-spot phishing methods. Heres what you...

Did you know that your ISP can see what you do while you’re online? From making purchases to looking up medical conditions, your actions create a digital trail of data that can paint a very detailed picture of you.

Hackers attack Orbitz. 880,000 credit card or payment card information accessed in data breach. Find out what to do next.

Selecting the right antivirus software for your devices is one of the most important things you can do for your digital safety. Know what to look for before you choose an antivirus.

Hot on the heels of another large data breach, Sonic, America’s Drive-In, appears to be the latest victim of a potential data breach. This could mean almost 5 million customers may end up with their credit card information traded in the underground economy.

Recently, there have been reports about state sponsored, targeted attacks moving into the router and IoT security space. Read more to see how this affects you.

On Tuesday October 14th, a new vulnerability was discovered in Microsoft Windows Operating Systems, affecting all supported versions of Windows, from Windows Vista Service Pack 2 up to Windows 8.1. According to the security firm, iSIGHT, this vulnerability has been exploited by a cyberespionage group known as Sandworm, to deliver malware to targeted organizations.

Petya ransomware is spreading using the EternalBlue exploit similar to the WannaCry attack. Here's what to do when it comes to ransomware.

As a Norton customer, you are always entitled to download the latest version of your Norton product for free during your service period. Existing customers are...

You may have noticed growing reports in the media about the dangers of using USB memory sticks. A malicious USB device can install malware such as backdoor Trojans, information stealers and much more.

More than 120 million U.S. households had information exposed in a data leak, potentially raising the risk of identity theft for the impacted American families.

The Norton Cyber Security Insights Report sets out to understand how consumers are personally impacted by cybercrime and puts a human face on the headlines dominating the news.

Cyber criminals are not run-of-the-mill street hooligans. Assailants of online crimes are educated, tech-savvy, sophisticated individuals who dont care if you prefer PC to Mac or vice versa. There...

Since our personal safety takes precedence over everything, it’s safe to say that our digital security is a close second. This brings us to one the biggest challenges of Internet security – free vs paid internet security.

Many companies were unprepared to have employees work from home due to the coronavirus outbreak. These security steps can help.

The security hole in Internet Explorer could allow an attacker to take over a computer. Once the attacker has gained control, they can potentially install programs, view, change, or delete data and more.

A group of hackers known as Team GhostShell, claims to have hacked a multitude of organizations, including financial institutions, government agencies, political groups, law enforcement entities, and universities.

Since the large-scale August 19th data breach revealing millions of user profiles and email addresses from the Ashley Madison online dating site, we have found and blocked a surge in email spam activity related to the Ashley Madison data breach.

Today we are proud to announce the launch of the second installment in our documentary series The

A new zero-day vulnerability has been discovered in Adobe Flash. Security researcher Kafeine reports that this vulnerability is currently being exploited in the wild.

Hundreds of malicious apps are showing up on the Google Play Store, disguised as legitimate applications.

Spectre Next Generation — reportedly a new set of vulnerabilities in computer processors — could put your data at risk.

Two vulnerabilities, which are security holes in software, in Mac OS X operating systems affecting OS X versions Mavericks 10.9.5 up to Yosemite 10.10.5 have been confirmed.

Last week, the cyber attack against the hackers-for-hire firm Hacking Team, led to a theft of 400gb of data that exposed two Adobe Flash Player vulnerabilities.

Cybercriminals have reportedly stolen over 225,000 Apple ID account credentials from jailbroken iOS devices, using a type of malware called, “Keyraider”. The criminals have been using the stolen credentials to make in-app purchases with user accounts.

Android smartphone users should be aware of a dangerous new type of malware that spreads via spam SMS or MMS messages that link to a malicious app file.

NortonLifeLock has recently identified thousands of websites that have been compromised with malicious code, which is used to redirect users to a compromised website.

Working from home may mean relying on video-conferencing to do your job. But your connection may not be private or secure.

Deepfakes are designed to deceive viewers with manipulated, fake video and voice. Learn why they’re threatening and how you can spot them.

This year, Norton visited DefCon 24, a hacking conference held in Las Vegas. Established in 1993, this conference is designed to bring together people from all realms of the...

A new variant of Android ransomware has been discovered, which is displayed on the lockscreen’s user interface (UI). This threat, Android.Lockdroid.E, creates a lockscreen that appears more sophisticated and official by displaying fraudulent legal notices coupled with personal information gathered from the device.

An unusual strain of ransomware has shown up on the scene, and it isn’t playing nicely at all. Dubbed “Jigsaw,” the ransomware was created in early March and made its way to the black market a week later, selling for around $140 USD. So far, it seems that there has been minimal sales of the malware. Luckily, it is not widespread yet.

Here’s a sample of common election scams and advice for outwitting the scammers behind them.

In today’s connected world, cybercrime is a reality we all face. Therefore, you must choose trustworthy companies to handle your information

Answers to questions about working from home, helping to monitor kids’ online activity, and protecting against scams in the COVID-19 era.

The 2020 U.S. elections face major cybersecurity threats. Learn what they are and what the U.S. is doing to protect elections from hacking.

A look at 2019 data breaches so far, arranged by business sector, plus actions you can take help protect against identity theft.

Data leak exposes millions of bank loan and mortgage documents. Here’s what you need to know.

If you download FaceApp, you can “age” your face — but possibly give up your privacy. Learn more.

Biometric data breach: Could cybercriminals use your biometric data to commit identity theft or other crimes?

DoorDash disclosed a data breach affecting 4.9 million people. Drivers, restaurants, and customers could be affected.

If you don’t date your checks by using the full four-digit year in 2020, you could increase your chance of becoming a victim of check fraud.

More than 267 million Facebook users had their personal data exposed in an online database. Here’s what you need to know.

A Microsoft security breach exposed 250 million customer records on a database without password protection. Learn more.

The personal info of more than 10.6 million guests who stayed at MGM Resorts was exposed in a data breach and posted on a hacking forum.

The personal information of up to 5.2 million guests was accessed, including names, mail and email addresses, and phone numbers.

Ransomware attacks targeting governments are rising, including everything from city agencies to school districts to police departments.

As U.S. businesses start to reopen, employees and employer can team up to help keep company data safe

Twitter hit with hack involving high-profile accounts of billionaires, celebrities, and politicians, in cryptocurrency scam. Learn what happened.

Massive data breach at large hotel brand affects up to 500 million guests, potentially exposing them to identity theft and other crimes.

Every February, users both single and coupled tend to increase their downloads of Valentines Day-centric apps.

Hackers can set their sights on Ring and other home security cameras, and that has made some customers feel less than secure.

The threat group dubbed “Magecart” has been targeting the payment information entered into forms on various websites.

Everything you need to know about Facebook’s 50 million compromised accounts.

Your vote counts. Before casting your ballot, take a look at these 7 tips for election security.

The NSA and Microsoft advisories to patch Windows 10 systems are urgent. NSA has never before made such a public disclosure.

Formjacking is when cybercriminals inject malicious JavaScript code to hack a website and take over the functionality of the site's form page to collect sensitive user information.

Tablets and smartphones can be vulnerable to online threats and need security software

A U.S. judge sentences a Canadian man to five years in prison for his role in the 2014 Yahoo data breach.

MyHeritage DNA testing and family tree website investigating email and password breach, resetting all user passwords.

Several malicious apps have been downloaded from the Google Play Store millions of times, disguised as legitimate versions of the popular messaging platform “WhatsApp.”

A bug discovered in the Firefox web browser could allow attackers to gain access to files stored on a computer through malicious code injected into the browser’s built-in PDF viewer.

Equifax has announced that cybercriminals have exploited a vulnerability in their website, allowing them to gain access to certain files. The data breach appears to have taken place from mid-May through July 2017.

Attackers are setting their sights on stealing users Netflix credentials in order to sell them on the black market, providing access to the streaming service for less expensive prices.

Since streaming video content has become mostly commonplace, cybercriminals have taken notice, and are spreading spyware and malware on many social media platforms via comments

A vulnerability in Apple’s AirDrop feature has been discovered by Australian security researcher Mark Dowd. AirDrop is an “over-the-air” file sharing service that uses Bluetooth and WiFi, and is built into iOS and Mac OS X products.

Tax season is a ripe time for phishing and spreading malware; without fail, tax-related online scams remain a most popular type of phishing scam each and every year. Through our threat intelligence network, we have identified four types of tax scams that individuals and businesses should be wary of as they’re preparing to file their taxes in 2016.

iOS apps popular mainly in China have been infected with a piece of malware that can steal your data, and even get you to reveal things like usernames and passwords via phishing.

Last weekend several mainstream websites, fell victim to a massive malvertising campaign. The tainted ads in these websites may have directed thousands of unsuspecting users to a landing page hosting the notorious Angler Exploit Kit, a kit that stealthily installs crypto-ransomware and other malware on computers.

Earlier this week, white hat hacker Chris Vickery announced that he was able to gain access to over 13 million MacKeeper user accounts. A vulnerability was exploited in the company’s servers, which exposed the usernames, email addresses and other personal information of 13 million customers.

Youve heard of malware, ransomware, botnets, and the like. What you dont hear about is the technology behind these threats. These threats all have to come from somewhere, theyre not just out there...

Cyber espionage, also known as cyber spying, is grabbing a lot of headlines lately. The most recent incident affects Apple’s iOS. Researchers at Citizen Lab Have discovered that a highly sophisticated cyber espionage group has deployed a very rare, advanced form of spyware, which can break an iPhone wide open.