The United States is further fortifying its critical infrastructure security with a new Cybersecurity and Infrastructure Security Agency program that enhances the cyber resilience of participating partners leveraging the agency's advanced threat detection and monitoring capabilities.
The BlackCat RaaS group is developing a threat activity cluster using chosen keywords on webpages of legitimate organizations to deploy malicious malware. Trend Micro researchers discovered cybercriminals using malvertising to deploy malware using cloned webpages of WinSCP and SpyBoy.
"Exposure management has become top of mind for most CISOs" due to three factors: the uncertain geopolitical landscape, the proliferation of the cloud and an increased focus on regulations and compliance, according to Sarah Ashburn, Chief Revenue Officer at Censys.
Attackers targeting the supply chain are "quite predictable in their movements; they want to persist their access, so they're looking for credentials," said Mackenzie Jackson, developer advocate at GitGuardian, who recommends deploying honeytokens to track the predictability of criminals' actions.
With the growth of generative AI services, organizations want better control of the data going in and coming out of AI. Talon CEO Ofer Ben-Noon discussed how his firm has built a DLP compliance model around generative AI services that blocks healthcare information or SWIFT data shared with ChatGPT.
An Iranian government-backed hacking group known as Charming Kitten has updated its malware arsenal to include an updated version of the Powerstar backdoor, also known as CharmPower, which takes advantage of a distributed file protocol to distribute customized phishing links.
The world's top chip manufacturer has dismissed the LockBit 3.0 ransomware gang's hack claim and $70 million ransom. TSMC said the data leak took place at a third-party supplier and contains only certain initial configuration files. It said customer information and operations were not affected.
The U.S. Department of Health and Human Services has notified Congress that the information of at least 100,000 individuals has been compromised in hacking incidents at HHS contractors involving exploitation of a flaw in managed file transfer software MOVEit from Progress Software.
Cloudflare and Check Point joined Proofpoint and Microsoft atop Forrester's email security rankings, while Trend Micro, Barracuda Networks and Mimecast tumbled from the leaders category. A number of security vendors have gotten into email protection in recent years by acquiring CAPES startups.
The United Kingdom's national cybersecurity agency on Friday marked the 20th anniversary of its response to the first-ever cyberattack against the government by disclosing how government agencies responded. The incident paved way for the launch of the National Cyber Security Center in 2016.
The European Commission is set to finalize its digital wallet initiative after the proposal achieved political consensus on the core elements concerning its implementation. The latest digital monetary initiative comes as Europe rolls out plans for a digital euro.
In the latest weekly update, ISMG editors discuss the potential fallout from an SEC investigation of SolarWinds and its CFO and CISO, why the number of individuals affected by Clop's campaign against MOVEit is on the rise, and highlights from InfoSecurity Europe.
While financial fraud has been prevalent for years, businesses still struggle to find it among large pools of data. In this second installment on accounting fraud, a panel of experts discussed the challenges including a lack of resources, skills and tools to identify fraud.
This week, the U.S. sanctioned Russians running influence campaigns, the owner of the Monopoly darknet drug market was charged, CISA ordered federal agencies to patch flaws before July 13, Suncor Energy suffered a cyberattack and Petro-Canada gas stations were affected.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.