Security orchestration, or SOAR - Security Orchestration, Automation and Response, as it is known to some - is still an area in development, so there are misconceptions about its scope of use and effectiveness for a SOC team. Claudio Benavente discusses the top five security orchestration myths.
Attackers continue to employ commercial penetration testing tools as well as "living off the land" tactics - using legitimate tools or functionality already present in a network - to exploit victims. Accordingly, organizations must monitor for both, to better identify potential intrusions.
Deepayan Chanda discusses the four principles of cybersecurity - reliability, accuracy, architecture and resiliency - that he believes cover most of the aspects of how CISOs can maintain the level of cybersecurity that their organzations need to sustain attacks.
A dual U.S.-Canadian national has been sentenced to more than 11 years in federal prison for conspiring to launder tens of millions of dollars in wire and bank fraud schemes, according to the U.S. DOJ. Officials say the activity included cash-out scams for North Korean cybercriminals.
Bitdefender has conducted a forensic analysis of a new backdoor, dubbed Sardonic, used by the threat group Fin8 in recent attacks against two financial organizations.
Mastercard says that starting in 2024, banks and other institutions that issue its credit and debit cards will no longer need to include a magnetic stripe on the back, and that by 2033, m
agnetic stripes will be extinct. Given magnetic stripes' many security downsides, what's taken so long?
Coordinated police operations across seven European countries resulted in the arrest of two Belarusian hackers by Polish authorities for allegedly committing black box attacks against ATMs. Such attacks cause an ATM cash dispenser to dispense cash on demand.
The new BlackMatter ransomware operation claimed to have incorporated "the best features of DarkSide, REvil and LockBit." Now, a security expert who obtained a BlackMatter decryptor reports that code similarities suggest "that we are dealing with a Darkside rebrand here."
A high-ranking member of the FIN7 payment card theft group has been sentenced to seven years in federal prison. Andrii Kolpako worked as a "pen tester" for the organization, prosecutors say.
Some 26 million passwords were exposed in a 1.2 terabyte batch of data found by NordLocker, a security company. It's workaday botnet data, but it highlights a hostile malware landscape, particularly for people still inclined to download pirated software.
If you're a Russian cybercrime gang feeling the heat after being sanctioned by the U.S. government, why not rebrand? So goes an apparent move by Evil Corp to disguise its WastedLocker ransomware as rival gang Babuk's PayloadBin, so any ransom payers won't think they're violating U.S. sanctions.
A Ukrainian national who admitted to working as a system administrator and IT manager for the notorious FIN7 cybercriminal gang, which has been involved in the theft of millions of payment cards, has been sentenced to 10 years in federal prison.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.