Industrious attackers are using cutting-edge deepfake and AI technologies to blend impersonation and social engineering attacks. Robust processes that include checks and balances and improved proving awareness of staff and customers are the keys to preventing them.
Cybereason is carrying out its third round of layoffs in 21 months, and dozens of senior employees are expected to be let go. Among the exiting employees is Zohar Alon, the longtime Dome9 Security leader who joined Cybereason just 11 months ago as president of product and research and development.
A new analysis has unearthed that cryptocurrency scammers siphoned off a staggering $43.6 million in 2022. Those who enjoy forensics should have a field day in this domain. From ethical hacking to penetration testing and incident response, there are tons of well-paying opportunities.
Is Moscow using the Russian-speaking LockBit ransomware group as a tool to disrupt critical infrastructure and democracy in the West? While no publicly available evidence reveals direct ties, what are the chances that the prolific, trash-talking group has escaped authorities' attention - or demands?
Has the U.S. created the wrong war machine? Developing and deploying advanced military technologies involves balancing the desire to improve national security with the need to navigate the ethical, strategic and existential challenges these technologies present.
Once the dust settles on the LockBit disruption, what will be the state of ransomware? Expect attackers to continue refining their tactics for maximizing profits via a grab bag of complementary strategies, including crypto-locking shakedowns and data-theft extortion.
Blue Monday arrived late this year for the LockBit ransomware-as-a-service group, after an international coalition of law enforcement agencies seized swaths of its infrastructure. Security experts said even if the down-at-the-heels group reboots, the disruption already stands as a big win.
The AI industry is exploding with demand for talent that can navigate the maze of machine learning, data analytics and neural networks. But what does this mean for the average IT person looking for a job? Steve King of CyberEd.io discusses finding work in the AI field.
Protecting our identities is extremely important. An identity fabric is a robust identity control framework, but before you can roll one out, you need to understand all aspects of the IAM life cycle, assess all the areas of risk and make sure that remediation controls are in place.
The number of victims who opt to pay a ransom appears to have declined to a record low. During the last three months of 2023, an average of 29% of organizations hit by ransomware paid a ransom - a notable shift from what ransomware watchers saw in recent years.
Does a day ever go by without a fresh set of data breach notifications? Some organizations' breach notifications at least signal respect for the recipient. But others play it shadier, by resorting to marketing spin, minimizing the blame, and in some cases, even indulging in corporate cheerleading.
Robert Blumofe, executive vice president and CTO at Akamai, expects social engineering, phishing, extortion and AI-driven attacks to dominate the threat landscape. He advised enterprises to use FIDO2-based MFA, zero trust, microsegmentation and API security to reduce risks.
In the latest weekly update, ISMG editors discussed how the surge in API usage poses challenges for organizations, why good governance is so crucial to solving API issues and how The New York Times' legal action against OpenAI and Microsoft highlights copyright concerns.
As the use of application programming interfaces to connect software components continues to surge, many organizations lack visibility into precisely how many APIs they're operating, if those APIs are secured or who's meant to have access to them, researchers warn.
Forrester analyst Sandy Carielli highlights key API security aspects in Forrester's report titled The Eight Components of API Security," which covers governance, discovery, testing, authentication and protection from API breaches as many organizations are grappling with the maturity of these areas.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.