A newly revealed flaw in the Linux kernel dubbed "Dirty Pipe" could potentially allow attackers to take complete control over a device, read private messages and gain admin-level privileges. The Linux Foundation has patched the flaw.
South Korean consumer electronics giant Samsung Electronics has confirmed that it has suffered a breach that includes source code being stolen. Ransomware gang Lapsus$ has leaked a massive collection of confidential data from Samsung just a day after leaking credentials of 71,000 Nvidia employees.
Four ISMG editors discuss the accelerating invasion of Ukraine by Russia and its potential impact on the cybersecurity industry; whether hacktivists are the new resistance fighters and the dangers that might trigger; and how a data leak may help researchers track and fight the Conti ransomware gang.
U.S. officials say that while it would be nearly impossible for Russia to "flip the switch" and convert to cryptocurrency to stabilize its sanctioned economy, they caution that Russian elites and entities may yet try to skirt the measures by transferring and obfuscating funds across the blockchain.
Russia's National Coordination Center for Computer Incidents has published a list of 17,576 IP addresses and 166 domains that it says are targeting the country's information resources via distributed denial-of-service attacks. It also published a 20-point list of remediation measures.
Ransomware gang Lapsus$ has leaked credentials of 71,000 Nvidia employees on a Telegram page, Information Security Media Group has found. The data was stolen in a breach, data breach notification service Have I Been Pwned confirms.
A phishing campaign, likely carried out by a state-sponsored threat actor, is targeting European government personnel who are aiding Ukrainian refugees, Proofpoint says. The TTPs in the campaign resemble those of Ghostwriter, a group that was the subject of a Ukrainian CERT warning on Feb. 25.
As Russia's invasion of Ukraine continues, what should global CISOs and security teams do to ensure that their organizations stay protected? Beyond following cybersecurity agencies' guidance, experts offer advice on how to brief the board of directors, appeal for resources, support teams and more.
Key financial members of the U.S. Senate on Wednesday sent a letter to Treasury Secretary Janet Yellen regarding potential sanctions evasions and the department's ability to police crypto assets, as adversarial countries have previously leveraged them to fund weapons programs and for cash infusion.
A newly released conversation between two members of the Conti ransomware gang reveals concern about the war in Ukraine and its potential to disrupt their lucrative extortion racket. The conversation took place just a day before a massive data leak exposed the gang's inner workings.
Security experts, legislators and researchers are worried about fraud and money laundering related to cryptocurrency platforms during the Russia-Ukraine crisis. Researchers are already observing a spike in phishing attacks and other threat vectors targeting digital wallets.
Amid escalating violence in Ukraine and sanctions meant to hobble Moscow, the Senate has passed a landmark cybersecurity package that bundles three substantial measures - mandatory incident reporting for critical infrastructure, an update to federal IT security strategy, and FedRAMP authorization.
Global Insurance broker Aon has disclosed to the U.S. Securities and Exchange Commission that the company suffered a cyber incident that affected a limited number of systems. The incident was discovered on Feb. 25, and there is no indication of a breach of any corporate or customer information.
Ukrainian online newspaper Pravda has published what it says are details on 120,000 Russian soldiers, citing Ukraine's Center for Defense Strategies as the source. But chatter seen by Information Security Media Group on Telegram suggests that the source of the dataset is the hacker group ENIGMA.
Expel is out with its new forward-looking report, "Great eXpeltations," and ransomware and cryptojacking are among the topics covered. Jon Hencinski of Expel and Michael Darling of Venable share insights on attack trends and how to defend against them.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.