Switzerland's federal government reports that multiple federal agencies' public-facing sites were temporarily disrupted by distributed denial-of-service attacks perpetrated by a self-proclaimed Russian hacktivist group "as a means of gaining media attention for their cause."
Estimates of the number of devices affected by a duo of zero-days in a popular corporate VPN made by software developer Ivanti have skyrocketed from fewer than 10 to over 1,700. The flaws affect the firm's Connect Secure VPN appliance, formerly known as Pulse Secure, and Ivanti Policy Secure.
A Chinese state hacking group is attacking superseded Cisco routers to target government entities in the United States, the United Kingdom and Australia. Beijing cyberespionage hackers dubbed "Volt Typhoon" are using vulnerabilities that were first disclosed in early 2019.
Hackers possibly connected to the Chinese government since December have exploited two zero-days in a VPN from software developer Ivanti that is widely used by governments and corporations, and a patch won't be available until later this month.
Merck & Co.'s proposed settlement with insurers over a $1.4 billion claim related to the NotPetya attack will change the language the insurance industry uses to exclude acts of war in its policies, and organizations need to consider how those changes affect risk, said attorney Peter Halprin.
Criminals have built highly successful business models by hacking into a wide range of organizations at will. University professor John Walker warned that the world is witnessing the unintended consequences of our collective inability to secure assets - kinetic threats to global stability.
Iranian hackers targeted the Albanian Parliament using the No-Justice Wiper and other commonly used tools. Albania had severed diplomatic ties with Iran following a July cyberattack that disrupted the country's online governmental services portal.
A proposed settlement has been reached between Merck & Co. and several insurers that were appealing a 2023 court decision saying the insurance companies could not invoke "hostile warlike action" exclusions in refusing to pay drugmakers' claims filed after the 2017 NotPetya cyberattack.
In the latest weekly update, four ISMG editors discussed the number of ransomware victims who are paying a ransom to cybercriminals, the need for greater cyber resilience during wartime, and the critical role of human risk management in organizational cybersecurity in the era of remote work.
Ukraine's security intelligence chief said Russian hackers had been responsible for severing internet access and mobile communications from telecom operator Kyivstar in December, after compromising the firm's network months ago. He said the "disastrous" cyberattack had wiped "almost everything."
From artificial intelligence and smartphones to electric vehicles and data centers, semiconductors are critical in powering and advancing today’s technologies. For years, the People’s Republic of China (PRC) has played a significant role in the global semiconductor industry as both a major consumer and producer....
An economic security program enhances an organization's security and competitiveness by safeguarding its economic interests from state-sponsored actors. Economic security is a critical component within an organization's overarching security strategy, leveraging data analysis, subject-matter expertise, and various...
The People’s Republic of China (PRC) is employing a talent superpower strategy designed to incentivize academics, researchers, and scientists to go abroad, deepen their expertise, and return to the PRC to advance its strategic interests. In recent years, these state-sponsored talent programs have drawn increased...
The Russian military hacked into surveillance cameras to spy on Ukrainian air defenses and Kyiv's critical infrastructure during the missile and drone strikes on the capital city Tuesday. Ukraine has blocked and dismantled the cameras, and it urged users to stop sharing security camera feeds online.
The European Central Bank beginning this month will conduct cyber stress tests on banks to determine their resilience against cyberattacks. The agency is requiring 109 banks in Europe to perform vulnerability assessments and incident response evaluations by mid-2024.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.