In the latest weekly update, editors at ISMG discuss whether police have seized ransomware group Alphv/BlackCat's data leak site, how fraudsters are adapting their tactics and techniques to exploit advancements in technology, and which cryptocurrency stories shaped the industry this year.
The departments of Commerce, State and Justice are among the 20 agencies identified in a Government Accountability Office report as having failed to meet key cyberthreat incident response deadlines outlined in the 2021 cybersecurity executive order.
Criminal use of social engineering at scale continues to surge, as AI-driven automation and easy access to stolen personal information enables attackers to create ever-more sophisticated and tough-to-detect assaults, says Sharon Conheady of First Defense Information Security.
As Russia's all-out invasion of Ukraine continues, Moscow's strategy for targeting Ukrainian allies centers on "painting the picture of incompetent governments that can't protect from the Russian might" via misinformation and disinformation campaigns, said Ian Thornton-Trump, CISO of Cyjax.
Our email authentication experts will be on hand to provide their insight and a demonstration of how exactly Proofpoint Email Fraud Defense can help identify and close requirement gaps.
As a legacy protocol, DICOM lacks proper security measures, and as the healthcare industry modernizes and moves to the cloud, there is a significant risk of patient data exposure, said Sina Yazdanmehr, a senior IT security consultant at Aplite.
A U.S. federal court at the behest of Microsoft seized multiple domains used by a Vietnamese cybercrime group that created 750 million fraudulent Microsoft accounts while raking in millions of dollars in illicit revenue. Storm-1152 also sold services to bypass CAPTCHA.
This week: 2023 hacking statistics, order for ex-Binance chief to stay in U.S., a $25M crypto AI scam indictment, a $2.7M OKX hack, a Bitcoin security flaw in the NVD, a Uranium hacker's laundering scheme, NDAA rejection of crypto provisions, and Poloniex on regulator radar.
This week, French police arrested an alleged Hive "banker," Amazon cracked down on a refund fraud ring, Ukraine military intelligence said it hacked the Russian tax system, the U.K. Ministry of Defense was fined and Kraft Heinz said it is doing fine after an alleged ransomware attack.
A recently spotted hacking group with a penchant for using open-source tools has been using a less-than-novel tactic: exploiting SQL injection flaws. So warn researchers who recently detected attacks by the group, which has the codename GambleForce and appears to focus on gambling and retail firms.
Ukraine's domestic security agency on Wednesday fingered Russian military hackers as being responsible for hacking Kyivstar, in a statement acknowledging damage to the telecom operator's digital infrastructure. Ukraine's top telecom operator was the target of a Tuesday cyberattack.
The Cybersecurity and Infrastructure Security Agency released an advisory Wednesday warning that a Russian military intelligence unit has been actively exploiting a widely used software product since September as part of an effort to gain long-term access to compromised systems.
Hackers are exploiting OAuth applications to compromise user accounts, manipulate and confer elevated privileges, and set up cryptomining operations, which has cost some organizations up to $1.5 million in losses, according to Microsoft's Threat Intelligence team.
Russia and China are expert at picking the "most difficult nexuses" in society - such as free speech protections in the United States - and using them against us, said Jeff Moss, creator of the Black Hat conference, as he outlined near-term geopolitical challenges facing cybersecurity defenders.
Major government agencies in the United States intend to apply artificial intelligence, but the majority of planned use cases are still at the planning stage, a congressional watchdog said. Missing from those efforts is governmentwide guidance on the acquisition and use of AI technologies.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.