From the RSA Conference in San Francisco, four ISMG editors discussed highlights from the first day including the keynote on global threats by U.S. Secretary of State Antony Blinken, enterprise risk management concerns and the role of the board, and the latest technology innovations.
Geopolitical events increasingly pose risks to organizations' cybersecurity posture, the current and former leaders of the U.S. Cybersecurity and Infrastructure Security Agency - Jen Easterly and Chris Krebs - warned at this year's RSA Conference in San Francisco.
The digital payment landscape is undergoing transformative growth, with cybersecurity at its core. Dharshan Shanthamurthy, CEO at SISA, discussed the urgency of addressing cybersecurity in an industry that is not only lucrative for businesses but also for motivated criminal gangs.
Sensitive information of thousands of U.K. defense personnel was exposed to hackers after a threat actor with suspected ties to the Chinese government compromised the networks of a defense contractor. The data may not have been stolen, a government official said.
Members of the Iranian state hacking group APT42 have been observed posing as journalists from credible news outlets and well-known research institutions as part of a global effort to harvest credentials and hack into victim cloud networks, according to a Mandiant report published Wednesday.
The German and Czech governments on Friday disclosed that Russian military intelligence hackers targeted political parties and critical infrastructure as part of an espionage campaign that began last year. "The EU will not tolerate such malicious behavior," the European Union said in a statement.
U.S. and international cyber authorities issued a warning Wednesday that pro-Russian hacktivists are increasingly targeting small-scale operational technology systems throughout North America and Europe that have been left vulnerable to attacks due to internet-exposed industrial control systems.
Russian nation-state hackers who compromised Microsoft's source code repository gained read-only access but not the ability to change code, top company officials reportedly told a German parliamentary committee on Wednesday. Microsoft is being criticized for high-profile security failures.
Probable nation-state hackers targeted Cisco firewall appliances in a campaign dating to late 2023, the networking giant disclosed Wednesday while releasing three patches, two of them rated critical. Cisco doesn't connect the hackers with a specific country. It dubs the campaign "Arcane Door."
Ukraine's Computer Emergency Response Team is warning of a rise in Russian cyberattacks targeting the country’s energy sector, with nearly 20 identified attacks on Ukrainian energy facilities in March, ahead of a potential large-scale offensive expected later this spring.
Russian military intelligence hackers are using an 18 month-old vulnerability in the Windows print spooler utility to deploy a custom tool that elevates privileges and steals credentials. Microsoft says it's seen post-compromise activities against Ukrainian, European and North American governments.
The U.S. federal government instigated a full court press against four alleged Iranian state hackers, unsealing a multi-count criminal indictment, slapping the men with Treasury sanctions and offering a reward of up to $10 million for their capture.
State-sponsored hackers have responded to improved network scanning by shifting their focus to edge devices characterized by patchy endpoint detection and proprietary software that hinders forensic analysis, warns Mandiant. "Attackers are focusing more on evasion," it says in a report.
Ukraine's Computer Emergency Response Team is warning in an April report that a Russian hacking group known as UAC-0184 is using open-source malware to target Ukrainian soldiers on popular messaging apps such as Signal, as concerns grow over the Kremlin’s advanced hacking capabilities.
A new banking Trojan is targeting Korean users using obfuscation techniques that target the Android manifest, exploit vulnerabilities and take advantage of weaknesses in how Android apps interpret this file. SoumniBot stands out for its approach to camouflaging its malicious intent.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.