Four editors at ISMG discuss important cybersecurity issues, including law enforcement agencies' crackdown on ransomware operations, how banks are building their technology stacks to counter card fraud and whether the "work from anywhere" model is beneficial for employees in the long term.
The latest edition of the ISMG Security Report features an analysis of the progress made by law enforcement agencies in the effort to crack down on ransomware. Also featured: Evil Corp banking malware still active; XDR market trends.
A penetration testing company discovered a critical zero-day vulnerability in Palo Alto Networks' GlobalProtect VPN product but did not inform the company until about 11 months later. The situation stirred debate over whether that posed unnecessary risks.
The U.S. has joined an 80-nation agreement that sets collective goals for cyberspace, with a particular focus on internet integrity, electoral security, intellectual property theft, use of malign hacking tools and more. Vice President Kamala Harris confirmed U.S. entry into the multistate pact.
Vulnerabilities in Apple Pay, Samsung Pay and Google Pay allow attackers to make unlimited purchases using stolen smartphones enabled with express transport schemes, according to a research report from Positive Technologies. These findings were presented at Black Hat Europe this week.
CyberEdBoad excutive member Alan Ng of China Taiping Insurance, Singapore, explains the enterprise risk management strategy for the pandemic era and how the Distributed, Immutable and Ephemeral triad works with the Confidentiality, Integrity and Availability triad to make organizations more secure.
U.S. SEC Commissioner Caroline Crenshaw urges DeFi developers to approach the financial regulator in an effort to bring projects in line with existing securities laws. Though praising the DeFi's innovative nature, the commissioner says it lacks transparency and is hindered by on-chain pseudonymity.
APT group Lyceum has targeted ISPs and telecommunication operators in Israel, Morocco, Tunisia and Saudi Arabia, as well as a Ministry of Foreign Affairs in an African country, according to Accenture’s Cyber Threat Intelligence group and Prevailion’s Adversarial Counterintelligence Team.
A new espionage campaign has allowed an unidentified threat actor to access data, including communications and services, on thousands of devices belonging to South Koreans, reports Aazim Yaswant, an Android malware analyst at mobile security company Zimperium.
A criminal hack attack has disrupted healthcare in Canada's easternmost province and resulted in the theft of patient information and personal details for healthcare employees. The province of Newfoundland and Labrador disclosed the apparent ransomware attack on Oct. 30, and has yet to restore all systems.
Before cybercriminals shifted heavily into ransomware, there was banking malware: sophisticated programs designed collect login credentials and intervene in transactions. A campaign using the Dridex banking Trojan has appeared in Mexico, says Metabase Q, a security company.
The U.S. Department of the Treasury has blacklisted cryptocurrency exchange Chatex, along with a network of entities the department says support it, for allegedly facilitating ransomware-related financial transactions. This action effectively bars Americans from doing business with the company.
A new initial access broker, Zebra2104, has been providing entry points to ransomware groups such as MountLocker and Phobos, as well as espionage-related advanced persistent threat group StrongPity, according to a new report. This process saves other threat actors time, effort and expense.
The calculus facing cybercrime practitioners is simple: Can they stay out of jail long enough to enjoy their ill-gotten gains? A push by the U.S. government and allies aims to blunt the ongoing ransomware scourge. But will practitioners quit the cybercrime life?
Congress has passed the $1.2 trillion physical infrastructure bill, which will inject $1.9 billion in new cybersecurity funding for the federal government. The bill, long held up in Congress, passed the House on Friday and moves to the desk of President Joe Biden, who plans to sign the measure into law.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.