Researchers from cybersecurity firm Mandiant say they've discovered a network of inauthentic news sites transmitting Chinese propaganda apparently all under the control of Shanghai Haixun Technology Co., a Chinese PR firm that advertises "positive energy packages."
This edition of the ISMG Security Report analyzes the latest ransomware trends from the European Union Agency for Cybersecurity, findings from the first-ever Cyber Safety Review Board on the Log4j incident, and how security and privacy leaders are harmonizing new U.S. privacy laws.
Supply chain risk must be part of an enterprisewide risk management program framework, says information security manager Matt Marciniak of financial service firm Quantile. Reducing risk requires an agile approach to supplier management, he says.
John Kindervag, creator of zero trust and senior vice president at ON2IT, and Grant Schneider, senior director at Venable, join ISMG editors to discuss the latest Log 4j findings, threats posed by a Chinese-made automotive GPS tracker and the challenges of a distributed workforce.
Multiple individuals returned a total of $11.4 million of the $190 million worth of cryptocurrency drained from cross-chain bridge Nomad on Wednesday, blockchain security firm PeckShield tells ISMG. Three cryptocurrency wallets currently hold $95 million of the stolen funds, it says.
In his role as CISO of intelliflo, veteran leader John Rouffas manages cybersecurity, risk and privacy - all in one role. And in doing so, he says, "I like to fly by the seat of my pants a bit." He explains his unique approach to leadership and mentoring.
Hackers are using an unknown exploit to draw down internet-connected wallets on the Solana blockchain. So far, thieves have made off with about $8 million worth of cryptocurrency, predominantly from mobile wallet users of Phantom and Slope. Solana is working to identify the root cause.
Britain's Conservative Party is holding a leadership contest, with the winner set to become the country's next prime minister. But the balloting process has been delayed after the National Cyber Security Center warned that hackers could abuse a process allowing members to change their online vote.
Health insurer Aetna ACE reported to federal regulators a health data breach affecting nearly 326,000 individuals tied to an apparent ransomware incident involving OneTouchPoint, a subcontractor that provides printing and mailing services to one of the insurer's vendors.
Attackers drained crypto assets worth nearly $200 million on Monday from cross-chain bridge Nomad, a "security-first cross-chain messaging protocol." Experts say the attack occurred after Nomad updated its smart contracts and inadvertently made it easy to spoof transactions.
Hackers are turning to cryptojacking to make easy money despite the fall in cryptocurrency valuation, including ransomware cybercriminals attracted by the lower-stakes world of cryptojacking, says threat intelligence firm SonicWall. The financial industry has seen a surge in cryptojacking attacks.
The US Consumer Financial Protection Bureau reportedly plans to release new guidance requiring banks to reimburse consumers for certain money-transfer service scams. Ken Palla, former director at Union Bank, says banks might look to the U.K. for examples of how to stop authorized push payment fraud.
How many organizations fall victim to a ransomware outbreak? How many victims pay a ransom? How many victims see stolen data get leaked? A new study from the EU's cybersecurity agency ENISA offers answers, but carries major caveats due to rampant underreporting of such attacks.
The Australian Federal Police have charged a 24-year-old Melbourne man for allegedly creating global spyware purchased by over 14,500 individuals across 128 countries. Priced at $25, once it is installed on a victim's computer, it can be used to steal personal information or spy on individuals.
A 2020 breach of US courts' digital docketing system was done by three foreign actors, said Rep. Jerry Nadler, D-N.Y., House Judiciary Committee chairman. Sen. Ron Wyden, a Democratic member of Senate Intelligence, said the U.S, Administrative Office of the Courts is hiding the attack's gravity.