In the latest weekly update, four ISMG editors discuss how ransomware attacks got worse in 2021, the backlash from privacy experts sparked by the IRS' decision - now changed - to use facial recognition technology on American taxpayers, and why cybersecurity fosters competitive advantage.
According to a new threat report from Expel, business email compromise should now be viewed as "public enemy #1." Jonathan Hencinski of Expel is joined by Theodore Peterson of Datasite to support that claim and discuss how best to strategize against these schemes.
The U.S.-China Economic and Security Review Commission on Thursday held a daylong hearing on cybersecurity threats posed by Xi Jinping-led China, including the nation's expansive cyberespionage and disinformation capabilities, along with its technical prowess in cyberwarfare.
The ability to evade detection by traditional endpoint detection tools, easy availability of valid credentials, access to code vulnerabilities, increased persistence and ease of lateral movement are causing an increasing number of threat actors to choose malware-free options, CrowdStrike says.
Cyberattacks in the aviation sector over the past several years have been tied to a single advanced persistent threat group named TA2541, which - since at least 2017 - has consistently used more than a dozen remote access Trojans to control compromised machines, according to a report from Proofpoint.
The latest edition of the ISMG Security Report features an analysis of takedowns of multiple Russian-language cybercrime markets and communities by Russian authorities. It also describes the role of cryptocurrencies in the banking sector and how the identity market will evolve in 2022.
Unknown hackers have stolen about $1.9 million from South Korean cryptocurrency platform KLAYswap using a Border Gateway Protocol hack in the server infrastructure of one of its suppliers even though service implementers have known about BGP hijack attacks for decades and mitigations for them exist.
In a preliminary report, the European Data Protection Supervisor has urged EU officials to ban the use and deployment of military-grade surveillance products, citing recent findings around the NSO Group's flagship spyware tool, Pegasus.
A consolidated legal case that includes allegations of embezzlement, trade secret theft and intimidation offers an inside look at a complicated and messy alleged insider breach reported last year by a Texas-based accountable care organization.
CISA, FBI and NSA issued a joint advisory on Wednesday pointing to Russian state-sponsored activity against defense contractors. Officials say they have tracked threat actors compromising cleared defense contractors supporting several branches of the U.S. military and the intelligence community.
Things are not always what they seem, says incident response expert Joseph Carson, pointing to a case involving ransomware that infected a company in Ukraine, but for which there was no external attack path. Ultimately, his investigation found that ransomware had been used to hide internal fraud.
GiveSendGo, a Christian crowdfunding website that had become the go-to platform for donors supporting the Canadian "Freedom Convoy" protests, went offline on Monday following a reported cyberattack in which donor information was allegedly leaked.
The January cyberattack on the International Committee of the Red Cross, which compromised the data of more than 515,000 highly vulnerable people, was specifically targeted at the organization, using code designed for execution on the ICRC servers, according to Director General Robert Mardini.
SecurityScorecard provides analysis of organizational cyber hygiene through a rating system, while LIFARS, a digital forensics firm, has offered witness testimony for major federal cybercrime cases involving nation-state threat actors. CEOs for both firms tell ISMG why their merger is significant.
Reports say that Ukraine's defense ministry and two banks have fallen victim to a cyberattack on Tuesday. This follows what appeared to be mild escalation in the Russia-Ukraine conflict over the weekend, in which top U.S. officials warned that Russia could invade the former Soviet state this week.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.