Cybersecurity truism: Focusing on the basics helps defenders arrest many of today's top attacks, as well as tomorrow's. While IT defenders have been repeating that mantra for years, experts say it also applies to operational technology environments, including ICS and SCADA systems.
According to a new survey from ISC2, the nonprofit member organization that promotes cybersecurity education, 82% of cybersecurity professionals say AI will improve their job efficiency by helping them conduct analysis, automate tasks, perform monitoring, predict vulnerabilities and block threats.
About 20% of new companies created in the U.K. every day - or some 800 firms - are scams. These fake businesses are being created from an ocean of stolen high-quality data related to real people, making it hard to spot the fraudsters, said Graham Barrow, director of "The Dark Money Files" podcast.
Knowing how competent we are and how we stack up against peers gives us the ability to decide when we can proceed based on our own experience and when we need to seek advice. But psychological research says we are lousy at evaluating our own capabilities and frequently overestimate our skills.
In the latest weekly update, ISMG editors discussed the convergence of the NOC and SOC functions, Scottish Police efforts to address the escalating challenge of cybercrime in Scotland, and why OpenAI is pushing to dismiss certain aspects of The New York Times lawsuit.
The Change Healthcare mega hack has taken nearly 120 of the company's IT products and services offline since Feb. 21, and that cyber disruption is having serious, widespread impact on the entire healthcare industry including major players, said attorney Sara Goldstein of the law firm BakerHostetler.
North Korea's Lazarus hackers exploited a Windows AppLocker driver zero-day to gain kernel-level access and turn off security tools that could detect the group's bring-your-own-vulnerable-driver exploitation techniques. Microsoft fixed the bug in its February patch dump.
Ransomware group Rhysida is offering to sell "exclusive data" stolen from a Chicago children's hospital for $3.4 million on the dark web, while the hospital is still struggling to recover its IT systems, including its electronic health records and patient portal, one month after the attack.
This week, progress was made in the FTX case, a hacker testified in the Bitcoin Fog case, an Axie Infinity co-founder and a MicroStrategy account were hacked, the KyberSwap hacker moved funds, the EU has a new AMLA office, and Aleo was breached.
The U.S. presidential election is still eight months away, but the FBI is already seeing its share of cyberattacks, nation-state threats and AI-generated deepfakes. According to FBI Agent Robert K. Tripp, "We're no longer considering threats as a what-if situation; it's happening now."
This week, the Biden administration urged software developers to adopt memory-safe programming languages and moved to restrict Chinese connected cars, a pharma giant was breached, researchers found malicious repos in GitHub, the Phobos RaaS group is targeting the U.S., and Zyxel patched devices.
Is Moscow using the Russian-speaking LockBit ransomware group as a tool to disrupt critical infrastructure and democracy in the West? While no publicly available evidence reveals direct ties, what are the chances that the prolific, trash-talking group has escaped authorities' attention - or demands?
Chinese threat actors are continuing to persist after exploiting the recent Ivanti Connect Secure VPN vulnerability even after factory resets, system upgrades and patches. The threat actor, UNC5325, is adept at "living off the land" techniques, warned threat intelligence firm Mandiant.
First-party fraudsters have shifted their focus from credit card fraud to deposit scams. In this evolving threat environment, financial institutions face new challenges from the increased use of synthetic identities and the difficulties in classifying first-party fraud, said BioCatch's Seth Ruden.
BlackCat claimed on its dark web site that it is behind the biggest healthcare hack so far the year - exfiltrating 6 terabytes of "highly selective data" relating to "all" Change Healthcare clients, including Tricare, Medicare, CVS Caremark, MetLife and more.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.