With tensions mounting in Ukraine, U.S. cybersecurity officials have grown increasingly concerned over the threat of direct cyberwarfare. As such, the U.S. has dispatched its top cyber official, Deputy National Security Adviser Anne Neuberger, to Europe to discuss the Russian threat.
The European Systemic Risk Board has proposed a new systemic cyber incident coordination framework called EU-SCICF. This framework will be designed to counter any major cross-border cyber incidents in the financial sector space with a coordinated response.
Fraudsters are having a field day as the pandemic persists, with experts warning that scams targeting consumers and businesses remain at record-high levels. To combat such attacks, experts say financial services firms need to bolster their identity controls with tools to more accurately track and counter scams
In just a month, the BlackCat cybercrime group has carried out high-impact ransomware attacks on international organizations and risen to seventh place in Unit 42's ranking of global ransomware groups. A key factor, researchers say: the use of the Rust language for coding its malware.
In 2021, there were 1,862 data compromises - a 68% increase over 2020, according to the Identity Theft Resource Center's Annual Data Breach Report. "In this past year, there were more cyberattack-related data breaches than there were all forms of data breaches in 2020," says ITRC COO James E. Lee.
In the first of a planned series of articles looking at strategies that have helped her and her teams over the years to not just survive a stressful environment, but thrive in it, cybersecurity executive and CyberEdBoard executive member Kerissa Varma offers this: Be a human, not a terminator.
A 29-year-old Canadian man has been sentenced to three years in prison for trading in stolen personal information, which included transactions with an aggressive hacking and extortion group known as The Dark Overlord. Slava Dmitriev sold identity information on the AlphaBay marketplace, prosecutors alleged.
Attack scans and attempts related to the Log4j flaw may have declined, but some security experts believe the attack vectors will continue to pose a problem up to two years. Also, the Ukraine Computer Emergency Response Team reports Log4j could be a possible attack vector in recent cyberattacks.
Fraud teams at many enterprises overlook refund fraud because it is considered part of customer service, says Brett Johnson, a consultant on cybersecurity, cybercrime and ID theft who was a central figure in the cybercrime world for over 20 years. He discusses why they should be addressing it.
A memory corruption vulnerability has been uncovered in Polkit’s pkexec, a SUID root program that is installed by default on every major Linux distribution, allowing any unprivileged user to gain root privileges on the vulnerable host.
Tal Prihar, a former administrator of the DeepDotWeb darknet market search engine, has been sentenced to serve eight years in a U.S. federal prison after pleading guilty to money laundering, tied to his having received more than $8 million in kickbacks from markets to which he referred buyers.
Four ISMG editors discuss: how too many organizations fail to implement basic cybersecurity defenses - such as MFA; a proposed lawsuit against health insurer Excellus that calls for an improvement to its data security program; and strategies for securing open-source and other software components.
All organizations in Britain are being urged by the government to immediately bolster their business resilience capabilities due to an increased risk of fallout from cyberattacks targeting Ukraine. In the past, such attacks have amassed victims outside Ukraine, causing billions in commercial damages.
The latest edition of the ISMG Security Report features an analysis of whether a new ransomware operation is a spinoff of the notorious REvil or simply copying the group's moves; how Maersk responded to the NotPetya wiper malware attack; and essential incident response skills.
U.S. Security and Exchange Commission Chair Gary Gensler wants to broaden cybersecurity regulations. Among his concerns are the rising threat of cyberattacks due to the tensions between Russia and Ukraine, and a need to harmonize communications between financial firms and third-party vendors.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.