The Ukrainian Cyber Police dismantled yet another large-scale bot farm spreading Russian propaganda over social media. Cyber police seized nearly 150,000 SIM cards of different mobile operators used in the campaign to create fake social media profiles.
Top U.S. and Australian cybersecurity agencies strongly urged users to patch a critical zero-day flaw in Citrix ADC and Gateway appliances being exploited by unnamed threat actors in the wild. The bug, which is tracked as CVE-2023-3519, gives unauthenticated attackers RCE privileges.
The U.S. government has added two more commercial spyware vendors - Cytrox and Intellexa - to its list of organizations that face restrictions if they attempt to procure American goods or services, owing to the firms' "threatening the privacy and security of individuals and organizations worldwide."
In the post-digital transformation world - and in advance of the coming of quantum computing - it's time to future-proof cybersecurity by nurturing a culture of security. Dean Coclin of DigiCert discusses how banking institutions can embrace this change.
In this interview with Information Security Media Group,...
Many critical infrastructure sector organizations, especially smaller entities, will likely struggle to comply with an upcoming requirement to report cyber incidents to federal regulators within 72 hours - due to an assortment of reasons, said Stanley Mierzwa of Kean University.
It's becoming more critical than ever for hospitals to have vigorous programs that continuously evaluate and address the security risks posed by third-party vendors, said John Riggi, national adviser for cybersecurity and risk at the American Hospital Association.
Cryptocurrency hackers are shifting their focus from bitcoin to other tokens and newer blockchain services such as cross-chain bridges for illicit activity. Why is the oldest crypto token so unappealing to hackers these days, and what do other options offer? Ari Redbord of TRM Labs explained.
President Xi Jinping directed state agencies to strengthen the government’s control over the internet and information technology sector, potentially discouraging investment in the country. Among the obstacles is a new Counter-Espionage Law focused on investigating foreign companies.
Federal regulators and medical device maker Becton, Dickinson and Co. are warning about eight vulnerabilities that could allow an attacker to compromise BD's medication infusion product suite, potentially putting data and device integrity at risk if exploited.
Suspected Chinese hackers gained access to senior U.S. officials' emails by exploiting a zero-day vulnerability in Microsoft's cloud environment. While Microsoft said customers couldn't have prevented the attack, the U.S. government says logging was key to spotting it.
In the latest weekly update, ISMG editors discuss the complex task of phasing out magnetic stripe payment cards and why the United States lags behind, the great debate over best of breed vs. a single platform vendor approach, and AI insights from Palo Alto CIO Meerah Rajavel.
Life sciences firms, including pharmaceutical companies, are facing growing challenges in securing complex sets of sensitive data, including genomic information, said H-ISAC's Phil Englert, one of many high-profile speakers who will discuss industry trends at ISMG's upcoming Healthcare Summit 2023.
Belarus state-linked hackers are targeting government and military entities in both Ukraine and Poland with spear-phishing campaigns that deliver remote access Trojans. Ukrainian authorities say the adversary is focusing on information stealing and remote control of targeted systems.
Researchers are warning of an uptick in attacks using a series of malicious Microsoft Office documents designed to drop LokiBot, an information stealer capable of sweeping up credentials. LokiBot has been active since 2015 and specializes in information stealing through malicious email attachments.
Russian hacking group Armageddon has upgraded its skills to simultaneously target several thousand Ukrainian government information systems. CERT-UA said the hackers infected Microsoft Office Word to generate 80 to 120 malicious documents within a compromised system to multiply the infection.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.