French IT services firm Inetum Group has confirmed that it was the subject of a ransomware attack last week that disrupted certain operations. The group has ruled out, however, that the incident has any links to the Log4j vulnerability.
Organizations lack a basic understanding of "the landscape of security vulnerabilities," says U.K.-based cybersecurity expert John Walker. He discusses the state of cybersecurity today - including why he prefers the term "verified trust" to Zero Trust - and offers predictions for 2022.
Where the fraud market is headed in 2022, and which fraud prevention strategies will give enterprises the most bang for their buck? Three experts - Featurespace's PJ Rohall, Accenture's Sophia Carlton, and American Bankers Association's Ian Mitchell - detail what to expect next.
As Russia masses troops on its border with Ukraine, the White House says Russian disinformation campaigns have been aimed at destabilizing Ukraine's government, while experts have seen a surge in "cyber intrusions" against infrastructure, banking and government targets in advance of a potential invasion.
Lisa Sotto, partner and chair of the global privacy and cybersecurity practice at Hunton Andrews Kurth LLP, joins three ISMG editors to discuss important cybersecurity and privacy issues, including how U.S. enterprises are harmonizing three disparate privacy laws, and ransomware preparedness.
The latest edition of the ISMG Security Report features an analysis of the most recent developments in the Log4j security flaw crisis, ransomware-era incident response essentials and what to expect from cybersecurity in 2022.
The Department of Justice says it's thwarted a Sony Group insider who allegedly embezzled $154 million, converted the proceeds to bitcoin, and demanded a ransom payment to return the money. Authorities say the former Sony employee has been criminally charged in Japan.
Everyone knows the OWASP Top 10 lists of application security and API risks. But what about #11 and beyond - aren't those key priorities, too? Matt Tesauro of Noname Security talks about "Beyond the Top 10" and relates it back to mitigating the Log4j zero-day vulnerability.
What does the C-suite want to know about ransomware preparedness and response strategies? CEO of (ISC)² Clar Rosso shares findings from the company's new report that provides insights into the minds of C-suite executives and how they perceive their organizations’ readiness for ransomware attacks.
A federal grand jury has handed down a superseding indictment expanding the charges filed against Joe Sullivan, the former CSO of Uber, for his allegedly covering up a 2016 data breach at the ride-sharing service from authorities and paying "hush money" to two hackers. Sullivan denies the charges.
CISA, the FBI, the NSA and several of their international law enforcement partners have issued a joint advisory on the known vulnerabilities in the Apache Log4j software library urging "any organization using products with Log4j to mitigate and patch immediately."
An authentication bypass vulnerability in Zoho's widely used unified endpoint management tool, ManageEngine Desktop Central, is being used by advanced persistent threat actors to gain remote access permissions, the FBI says.
Synthetic ID fraud has grown in popularity, with U.S. companies reporting losses of $20 billion in 2021 compared to $6 billion in 2016. Cybersecurity experts discuss with ISMG why this type of fraud has gained traction, how fraudsters use it, mitigation steps, and what we can expect in 2022.
A week after announcing a new bug bounty program called "Hack DHS," U.S. Department of Homeland Security Secretary Alejandro Mayorkas announced that DHS is expanding the scope of the program to include finding and patching Log4j-related vulnerabilities in the systems.
Sainsbury's, the U.K.’s second-largest chain of supermarkets, confirms that it suffered an outage in its payroll system caused by a cyberattack affecting its cloud-based payroll service supplier - the U.S.-based multinational firm Ultimate Kronos Group, which was hit by a cyberattack last week.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.