A music streaming blockchain service patched a bug on a smart contract that had gone undetected since 2020. An attacker used it to steal $AUDIO crypto tokens worth nearly $6 million and sold them for more than $1 million. The vulnerability wasn't detected by multiple smart contracts security audits.
Nascent startups have ditched the "growth at all costs" mantra of 2021 to hold onto enough cash to weather the macroeconomic storm expected later this year. Gone are the days of security vendors promising to double annual sales while burning cash even faster than they bring in new business.
Exploring new ways to offer security as a service from his organization to external customers is an exciting challenge and opportunity, says Sean Mack, CIO and CISO of publishing company Wiley. He also discusses aligning security investments with the company's biggest business risks and goals.
Getting cybersecurity right means CISOs need peer relationships with other operations executives. CISOs need board access and a handle on the company business, writes Ian Keller, director of security at a telecom company. "And then you'll wake up and realize this is not as simple as it sounds."
The U.S. Department of Justice unsealed its first insider trading case involving cryptocurrency markets, marking an escalation of traditional oversight. The case comes as a federal jury convicted a New York man for defrauding investors who bought into his supposed cryptocurrency.
Halborn raised $90 million to expand its audit and penetration testing services and more effectively safeguard the crypto industry. The proceeds will bolster its protection for cryptocurrency lending protocols and better defend the money flowing into and out of the cryptocurrency ecosystem.
Premint NFT platform users became victims last weejend of one of the biggest NFT attacks ever. The company says an open-source vulnerability led to the compromise of its website, resulting in its users losing about $500,000 worth of blockchain assets.
The evidence is in the news: Threat actors are taking constant advantage of weakly secured applications. Dan Shugrue of Digital.ai discusses how to secure applications from the start by creating a new blueprint for developing secure software.
The company ePlus has purchased Future Com to strengthen its security operations strategy and support of managed services. The deal will allow ePlus to help customers evolve their security operations teams from correlating and analyzing logs to delivering advanced capabilities like threat hunting.
A new assessment framework aims to help patients, healthcare providers and others examine the various privacy, security and other risks of digital health technologies, says Tim Andrews of the nonprofit Organization for the Review of Care and Health Applications, which co-developed the framework.
Bishop Fox has closed a $75 million funding round to strengthen its visibility and continuous testing capabilities across all service offerings. The company will go from having just its attack surface testing on the Cosmos platform to all service offerings, including app pen testing and red teaming.
Ransomware attacks and data breaches: One thing both have in common is the challenge of attempting to accurately understand their true scale and impact. Too often, data breach notifications lack useful details, while ransomware attacks and ransom payments go unreported.
The latest edition of the ISMG Security Report analyzes why the number of ransomware attacks and the amounts being paid in ransoms are both on the rise. It also discusses today's cyberthreat landscape and whether organizations should rely on user training to improve security.
Rui Ribeiro, the founder and CEO of Jscrambler, a company that monitors and obfuscates JavaScript code, discusses the proliferation of web applications that use third-party code, the liability risks that often exist, and how Jscramber's products can increase the security of all application code.
Thieves behind a phishing campaign targeting investors into a cryptocurrency exchange got away with at least $8 million. The attack took advantage of human credibility, not a cybersecurity exploit in the Uniswap protocol, experts say. The stolen funds are being laundered in a cryptocurrency mixer.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
