Ransomware actor Conti, which has been targeting Costa Rican government entities since April 2022, has claimed on its leak site Conti News that it has "insiders" in the country's government, and they are working toward the compromise of "other systems."
U.S. authorities have charged a cardiologist based in Venezuela with developing and selling multiple strains of ransomware, including Jigsaw and Thanos, as well as recruiting affiliates to use the crypto-locking malware against victims in return for a cut of any ransoms paid.
In the latest "Proof of Concept," Lisa Sotto, Jeremy Grant and ISMG editors discuss the significance of Apple, Google and Microsoft supporting the FIDO protocol's passwordless sign-in standard, progress made on Biden's cybersecurity executive order and updates on U.S. cybersecurity and privacy laws.
Italian police reportedly thwarted attempts to disrupt online voting for the music competition Eurovision, allegedly perpetrated by a hacking group called Killnet in retaliation for Russia not being allowed to compete at this year's festival, due to its invasion of Ukraine.
If you were a nation with legions of hackers at your disposal, seeking to sidestep crippling international sanctions, would you look to ransomware to fund your regime? That question is posed by new research that finds state-sponsored North Korean hackers haven't stopped their ransomware experiments.
A post-exploitation framework dubbed IceApple has been targeting global organizations that use Internet Information Services - Microsoft's extensible web server software - and Microsoft Exchange servers since at least 2021, says Falcon OverWatch, the proactive threat hunting team at CrowdStrike.
In the latest update, four editors at Information Security Media Group discuss the intriguing insights exposed by the leak of ransomware gang Conti's internal communications, the U.S. Treasury's first-ever sanctions on a cryptocurrency mixer and the latest cyber activity in Russia's hybrid war.
As the Russia-Ukraine war continues, cybersecurity officials say the risk of attack spillover - and perhaps the direct targeting of critical infrastructure sectors outside Ukraine - remains high. The memo for CISOs is clear: Remain prepared.
Pre-pandemic, escalating mobile banking adoption rate was primarily fueled by smartphone penetration, with over 4 billion people using smartphones. However, the disruption emerging from the onset of COVID-19 has been a major driver of mobile banking, fast-tracking the trend of mobile-first banking among younger...
Most consumers are now thrust into using online and mobile banking more often, FIs need to stay alert as digital acceleration elevates vulnerabilities for fraud, money laundering, and other illicit activity.
Download this report produced by Aite Group to learn how a digital-first strategy is imperative for...
Financial criminals are constantly adapting and evolving their tactics to get ahead of financial institutions (FIs). Keeping pace with these criminals is a challenge in of itself, and when you couple that with the need to comply to ever-changing regulations?
Download this eBook to learn how a cloud-based, AI-first...
Between the ever-changing fraud landscape, and the surge in digital banking (which is here to stay), small to mid-sized banks and credit unions are already at a crossroads for financial crime risk management.
To make matters even more challenging, conventional fraud and AML tools are generating an overwhelming...
Never have global financial institutions
faced such adversaries. The cybercriminal gangs now wield tools that
used to be the province of nation-states, and the nation-states now
engage in activities that once were owned by cybercrime. Scams
and schemes including account
takeover, denial of service and ransomware...
In the latest "Troublemaker CISO" post, security director Ian Keller discusses the issue of supply chain security and whether you should disclose information about your supply chain to companies as part of the effort to secure it. His conclusion: Build your defenses and trust no one.
According to Sophos, the average cost of rectifying a ransomware attack in the financial services industry was US$2.10 million, considering ransom paid, downtime, people time, device cost, network cost, lost opportunity, and other factors.
Download this article to learn more about how the ransomware risk for...