The Commercial Bank of Ceylon has apparently been hacked, and its data has been dumped online by the Bozkurtlar hacking group that has leaked data from seven other banks in the Middle East and South Asia since April 26.
Mozilla wants the U.S. government to provide it with information about a possible unpatched vulnerability in its Firefox browser, which was used by the FBI as part of a large child pornography investigation.
The theft of $81 million from Bangladesh Bank was "part of a wider and highly adaptive campaign targeting banks," SWIFT warns its 11,000 customers. Investigators say signs point to the same attackers having hacked Sony Pictures Entertainment in 2014.
There are two elements of a ransomware attack - the infection and then the action that takes place on infected devices. And both elements are evolving, says Ben Johnson of Carbon Black. He shares insight on how to improve ransomware defenses.
Many financial institutions struggle with implementing effective multifactor authentication solutions. They may lack confidence in new methods or grapple with the difficulty of integrating newer technologies with legacy investments. So, what technologies and processes need to be in place to ensure MFA's adoption...
America's cyber infrastructure is under constant attack, and damage to it could have significant consequences. But the presidential candidates haven't had much to say about the issue. At ISMG's Fraud and Breach Prevention Summit, a panel of experts will address how the next president should tackle cybersecurity.
Restaurant chain Wendy's says fewer than 300 of its 5,500 locations were affected by a fall 2015 malware attack that infected a POS system not used at its other locations. The breach highlights why all franchisees under a corporate brand should use the same well-tested POS system, says Gartner's Avivah Litan.
The same Turkish hacking group that recently leaked data from Qatar National Bank and UAE's InvestBank apparently has leaked data that appears to belong to five banks in Nepal and Bangladesh. But are the leaks the result of new breaches?
It's one thing to talk or even plan about "What happens if we are breached?" It's quite another to undertake a true breach exercise. What are the critical elements of such a drill? Author Regina Phelps shares advice from her new book.
The Defense Advanced Research Projects Agency has awarded Georgia Tech a $2.9 million grant to develop a process for quickly identifying and then defending against low-volume DDoS attacks, which are far more common than high-volume attacks but can be just as disruptive.
Australian entrepreneur Craig Wright boasted that he was the secret bitcoin creator known only as "Satoshi Nakamoto." But his claim has been dismantled by security experts, leading one to call Wright "the world's first cryptographically provable con artist."
The FTC and FCC have launched security investigations of mobile device makers and wireless carriers, citing growing concerns over vulnerabilities that threaten "the security and integrity" of these products and services. The regulators are examining how security patches are distributed.
With today's multi-layered attack surface, traditional vulnerability management no longer suffices. Security leaders must embrace a new strategy to help identify and secure true assets at risk. Gautam Aggarwal of Bay Dynamics explains how.
The emerging threats posed by cybercrime and evolving banking services, including mobile banking, will be among the focal points of a keynote address by the Information Security Forum's Steve Durbin at ISMG's Fraud & Breach Prevention Summit in Washington May 17-18.