A British financial regulator fined American credit reporting agency Equifax 11 millions pounds ($13.4 million) for its role in one of the world's largest data breaches. Chinese military hackers in 2017 exploited a well-known vulnerability in the company's online dispute portal.
Digital transformation in the cloud is continuous. It comes with an ever-expanding risk landscape that's increasingly challenging. As IT teams seek to meet these challenges, they must focus on scaling their businesses securely while continuing to innovate to improve the customer experience.
It could be weeks or months before outsiders have a clear picture of the cyber dimension of the conflict between Hamas and Israel, a cyber expert said. "As some of these stories come out, as we will start to learn about what was actually targeted," said Rob T. Lee of the SANS Institute.
Ransomware-wielding attackers are targeting unpatched versions of FTP software that is widely used by large enterprises, including government and educational organizations. A researcher released proof-of-concept exploit code for WS_FTP software just one day after Progress Software issued its patch.
To truly be effective, CISOs must understand their organization's focus and culture. "In understanding the organization and its language, you understand what matters, and then by extension that will drive your security strategy and your security focus," said Helen Rabe, CISO at the BBC.
Regulators and prosecutors are signaling an increased interest in charging individuals such as CISOs with violating cybersecurity and privacy rules. Attorney Jonathan Armstrong of Cordery said the imperative for CISOs responding to security incidents is clear: Never go it alone.
The zero-day campaign underpinning the May mass attack on Progress Software's MOVEit file transfer software is now the vulnerability fueling a flotilla of attorneys, the software vendor disclosed in a regulatory filing listing pending litigation and governmental investigations.
In the latest weekly update, Ari Redbord, head of legal and government affairs at TRM Labs, joined ISMG editors to discuss: how Hamas is using crypto to finance operations, the latest illicit activities by North Korean actors, and how the trial of FTX's Sam Bankman-Fried could impact the industry.
A top U.S. cybersecurity official said Israel has avoided significant cyberattacks since Hamas' invasion Saturday but said that wouldn't necessarily be America's experience should armed conflict break out with China. "There have not been significant cyberattacks as of right now," said Brandon Wales.
This week: Google began phasing out passwords, Microsoft to bid VBScript goodbye, payment card information exposed in Air Europa hack, Magecart attack uses sneaky 404 page tactic, U.S. voter registration data stolen from the District of Columbia, and Volex reports a hack attack.
This week: A crackdown on Hamas' cryptocurrency accounts, more revelations from the trial of Sam Bankman-Fried, Voyager Capital settles with the U.S. Federal Trade Commission - while former CEO Stephen Ehrlich does not - and Elliptic says hackers have cumulatively laundered $7 billion to date.
Attackers have been actively exploiting vulnerabilities in the HTTP/2 protocol via so-called rapid request attacks, which Amazon Web Services, Cloudflare and Google report have led to record-breaking distributed-denial-of-service attacks. Experts recommend immediate patching or mitigation.
As organizations face the constant threat of ransomware attacks, it's essential to understand the nature of this pervasive threat and how organizations can respond effectively, said Angus Clarke, vice president, BSO, Mastercard. The obvious answer is never pay a ransom - most of the time.
CISOs face significant stress on a regular basis in their critical roles to safeguard organizations against the evolving threat landscape. CISOs must build cybersecurity resilience across the enterprise to protect digital assets and operations, advised CISOs Milos Pesic and Don Gibson.
Amnesty International says the Vietnamese government is likely behind a wave of attempted Predator spyware infections against targets including members of the U.S. Congress and European officials. Central to the campaign was an account on social media network X (formerly Twitter).
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.