DropBox is the latest company to have employees fall for phishing emails tricking them into supplying login credentials and a one time password to threat actors. Hackers got away with copies of 130 code repositories. The company says it's speeding up an internal transition to Web Authentication.
The United Kingdom's National Cyber Security Centre is scanning the British internet for vulnerabilities. "We're not trying to find vulnerabilities in the U.K. for some other, nefarious purpose," says the center, a part of signals intelligence agency Government Communications Headquarters.
A startup that was reportedly almost acquired by Palo Alto Networks for $600 million has instead raised $100 million to forge ahead on its own. App security vendor Apiiro plans to use the proceeds to strengthen its ability to analyze code and developer activities across the software supply chain.
A U.S. senator is suggesting adding cybersecurity standards to the list of federal prerequisites for medical practice participation in Medicare. Cybersecurity is a patient safety issue, says Mark Warner (D-Va.). He today released a slew of proposals for augmenting healthcare cybersecurity.
Human Security has gone back to the M&A well once again, scooping up a Baltimore startup to prevent adversaries from surreptitiously embedding malware into digital advertisements. The acquisition of Clean.io will help Human take on malvertising, which has become a prolific way to spread botnets.
Operational technology will gain more malicious attention from state-backed hackers, warns the European Union Agency for Cybersecurity. Geopolitics is driving changes in the threat landscape and the agency predicts retaliatory attacks for Western support of Kyiv.
A French-speaking gang codenamed "Opera1er" has been tied to the theft of at least $11 million from dozens of victims - mainly banks in Africa - and remains "active and dangerous," cybersecurity researchers warn, as they release indicators of compromise to help potential victims protect themselves.
The latest edition of the ISMG Security Report discusses how Australian health insurer Medibank is deliberating on whether to pay a ransom to extortionists, analyzes the growing number of layoffs in the security vendor space, and shares a tribute to threat intelligence researcher Vitali Kremez.
Tributes are being paid to Vitali Kremez, who has died at the age of 34 in a suspected scuba-diving accident. The renowned threat intelligence expert, born in Belarus, had long tracked Russian cybercrime syndicates and was part of an ad hoc group established to counter ransomware and help victims.
A Japanese hospital in Osaka stopped offering anything but emergency care after hackers launched a Monday morning ransomware attack on the electronic medical records system. Hospital officials say the prospects of system recovery are not good.
Federal regulators have issued new guidance explaining how they will consider the "recognized security practices" of healthcare entities and their business associates during HIPAA enforcement activities, such as breach investigations and security audits.
Cookie and cracker giant Mondelez International settled litigation launched in 2018 against Zurich Insurance after the underwriter denied a claim for property damages stemming from the NotPetya malware wave. Similar litigation initiated by pharmaceutical giant Merck against its insurers continues.
All employees should consider upholding the security of the organization part of their job regardless of their official role at the company, says Equifax Business Information Security Officer Michael Owens. But creating an organization-wide cybersecurity culture is easier said than done.
CISOs must focus on the business value they're providing, not the technical details of their work, when interacting with the C-suite and board. Don’t focus too narrowly on security risks and technical requirements and miss what the business wants to achieve, says David Nolan, CISO, The Aaron’s Co.
In 2021, U.S. mergers and acquisitions shot up 55%. In 2022, that percentage is set to climb even higher. The wave of post-COVID M&A demands that cybersecurity leaders improve their efficacy. Ben Murphy of Truist shares insight on where, when and how cybersecurity needs to influence the M&A agenda.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.