The latest edition of the ISMG Security Report discusses how Russian-speaking ransomware gangs have their eyes on a new target, offers the latest on Australia's data security reckoning and the government’s response, and outlines emerging trends in customer identity and access management.
Australia's data breach debacle expanded on Thursday. Cyber extortionists who attacked Australian health insurer Medibank provided proof of their hack of medical data. Also, stolen data from Australian wine retailer Vinomofo was put up for sale on a Russian-language forum.
Hacking capabilities once reserved for nation-states are filtering down to the level of crimeware, warns Kaspersky researcher Sergey Lozhkin. Darknet forums are filled with self-taught hackers selling advanced capabilities for a good price, he says.
A European ring of auto thieves used software branded as a diagnostic tool to perform fobless thefts of cars made by two French manufacturers. It looks as if the thieves found a vulnerability in the electronic control unit governing the authorization of new key fobs.
Personal data from MyDeal, a marketplace owned by Australia's Woolworths Group grocery chain, has appeared for sale on a data leak forum. It comes as wine retailer Vinomofo disclosed a breach and as the Optus telecommunications breach continues to fuel data security concerns in Australia.
In the latest "Proof of Concept," Lisa Sotto of Hunton Andrews Kurth LLP and former CISO David Pollino join ISMG editors discuss the first California consumer protection fine issued against retailer Sephora, defending against new ransomware tactics, and mitigating the impact of Zelle scams.
Australian health insurer Medibank Group says it has found no evidence of data compromise following its Wednesday detection of unusual network activity. The company, which serves nearly 4 million Australians, restored access to its policy websites on Friday.
In the latest weekly update, ISMG editors discuss the trending themes from the 2022 ISMG Southeast Summit, plans by cryptocurrency exchange Binance to implement security measures to shore up cross-chain vulnerabilities, and the viability of a proposed data flow agreement between the U.S. and Europe.
Fast-fashion clothing giant Shein has been fined $1.9 million by the New York state attorney general for multiple failings tied to a massive 2018 data breach, including substandard password security as well as failing to alert users or force password resets in a timely manner.
The latest ISMG Security Report examines whether banks should be held liable for the rapidly increasing Zelle fraud problem, explores the latest M&A activity among IAM vendors, and discusses the implications of the new legal framework for personal data transfers between the U.S. and Europe.
Both internal and external fraud are expected to grow as economic conditions worsen. Fraud education expert Andi McNeal shares insights on what anti-fraud practitioners are expecting over the next year, the types of fraud to watch out for and how to mitigate fraud risks.
Business Email Compromise (BEC) losses are up 51% year-over-year according to the FBI Crime Report. Additionally, Ransomware is surging, with more than double the number of incidents reported. It takes a defense-in-depth approach to reduce the risk of these popular threats. By understanding the current threats and...