Cisco says it fell victim to a successful hack attack and data breach in May. While an attacker wielding Yanluowang ransomware claimed to have exfiltrated data and crypto-locked systems, Cisco says nothing sensitive was stolen and no systems were infected by ransomware.
ISMG caught up with 11 security executives in Las Vegas on Tuesday to discuss everything from open-source intelligence and Web3 security to training new security analysts and responding to directory attacks. Here's a look at some of the most interesting things we heard from industry leaders.
With attack surface sprawl and growing numbers of vulnerabilities to address, security and IT teams are increasingly challenged to meet remediation targets. To overcome this problem, teams need an automated way of identifying and correlating the highest risk vulnerabilities with the right remediation steps.
For...
With attack surface sprawl and growing numbers of vulnerabilities to address, security and IT teams are increasingly challenged to meet remediation targets. To overcome this problem, teams need an automated way of identifying and correlating the highest risk vulnerabilities with the right remediation steps.
For...
Twitter confirms that a zero-day vulnerability allowed threat actors to gain access to the personal information of 5.4 million user account profiles. The company was notified about this specific vulnerability in Twitter's systems through its bug bounty program in January.
As ransomware attacks continue to pummel organizations, Rapid7 Chief Scientist Raj Samani says victims must identify how the attacker broke in and if they've given themselves persistent ways to regain access. Otherwise, he says, "They'll hit you again and again."
Researchers from cybersecurity firm Mandiant say they've discovered a network of inauthentic news sites transmitting Chinese propaganda apparently all under the control of Shanghai Haixun Technology Co., a Chinese PR firm that advertises "positive energy packages."
The Australian Federal Police have charged a 24-year-old Melbourne man for allegedly creating global spyware purchased by over 14,500 individuals across 128 countries. Priced at $25, once it is installed on a victim's computer, it can be used to steal personal information or spy on individuals.
A proposed $350 million settlement of a consolidated class action lawsuit against T-Mobile, after a 2021 data breach that affected nearly 77 million people, includes breach victims and related legal costs. The settlement requires T-Mobile to invest $150 million to bolster data security.
The basic foundation of designing a reliable and dynamic cyber resilience program is to have an elaborate incident response plan that can take into account different cyberthreat scenarios and outcomes, says Singapore-based Christophe Barel, who is managing director for Asia-Pacific at FS-ISAC.
Ransomware operators, crypto miners and initial access brokers are increasingly targeting the same networks for compromise, creating a new set of challenges for defenders. Sophos has brought together three teams of cybersecurity experts to help businesses defend against changing threats.
A cybersecurity incident at popular Indian online travel website Cleartrip may have put at risk customer PII, including names, email addresses and phone numbers. Cleartrip is part of Walmart-controlled e-commerce firm Flipkart. "Appropriate legal action and recourse are being evaluated," it says
The Identity Theft Resource Center's data breach report for the first half of 2022 says approximately 40% of data breach notices do not list the root cause of the compromise. "Unknown" is the top cause of data breaches for the first time since the ITRC began tracking their causes.
The cybercriminals behind BlackCat ransomware have upgraded their arsenal by adding Brute Ratel, a pen-testing tool with remote access features that are used by attackers. The group targets large corporations in different industry segments across the U.S., Europe and Asia.
Threat actors carried out smishing attacks on nearly 10,000 Australian students enrolled at Deakin University and downloaded PII of about 47,000 students. Hackers compromised an employee's credentials to access the university's third-party SMS solutions provider to execute the attack.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.