Video game developer Ubisoft has confirmed that a cybersecurity incident caused temporary disruption to some of its games, systems and services, and the ransomware gang Lapsus$, which was behind the breaches at Samsung and Nvidia, is implying that it may have been responsible.
What are the ethics of paying ransom to cybercriminals who might be working as a proxy cyber force in support of Russia's invasion of Ukraine? Realistically, whether or not to pay often comes down to a business decision. But Russia's invasion further complicates the optics for ransomware victims.
The U.S. OMB recently released its latest deliverable as part of President Biden's cybersecurity executive order. Former federal CISO Grant Schneider discusses this guidance and shares best practices for agencies and organizations to improve the security of their software supply chain.
A panel of experts at PaloAlto's SASE Day says business agility, the single console of security control and visibility, the exponential cost of securing every endpoint, and the single technology architecture that helps expand and scale the business are the drivers for SASE adoption.
Which adversaries' attack techniques do enterprises need to prioritize? This question was the basis of a research project conducted in part by MITRE and partners such as Fortinet's FortiGuard Labs. Fortinet's Douglas Jose Pereira dos Santos discusses the value of high-resolution threat intelligence.
Cybersecurity in Russia right now is complicated, owing to reprisals over its Ukraine invasion, leading to Russia launching its own root certificate to keep sites online; facing down "Russians only" RURansom wiper malware; and Avast being the latest business to suspend all operations in the country.
Ari Redbord of TRM Labs joins editors at ISMG to discuss President Biden's executive order on digital assets, the role of cryptocurrency in the Ukraine-Russia war and nuances for ransomware victims who consider paying a ransom, and trends in regulatory guidance and leadership for digital currency.
With Ukraine having called on the world to join its "IT Army" and help it hack Russia and ally Belarus, what could possibly go wrong? For starters, launching distributed denial-of-service attacks - at least from outside Ukraine - remains illegal and risks triggering an escalation by Moscow.
U.S. President Joe Biden this week issued a cryptocurrency executive order that addresses consumer protection, national security and financial stability. Ari Redbord, former senior adviser at the U.S. Treasury, calls this order "a clarion call" for crypto regulation and shares his initial reaction.
The ISMG Security Report features an analysis of the U.S. government's request for billions of dollars in tech aid to curb the global impact of the Kremlin's campaign in Ukraine. It also examines Biden's cryptocurrency executive order and why breached organizations often don't share full details.
As expected, President Joe Biden on Wednesday signed an executive order on cryptocurrency that tackles consumer protection, financial stability, national security and climate risks. The administration calls it the first whole-of-government strategy to rein in cryptocurrencies.
In an excerpt from his book "CRISC Certified in Risk and Information Systems Control All-In-One Exam Guide," Peter Gregory discusses choosing the fifth option in risk management, which is ignoring the risk. He warns of the problems that choice can cause.
President Joe Biden is expected to outline a whole-of-government approach to reining in cryptocurrencies, which have been criticized for lax cybersecurity measures. Media reports say the administration will announce an executive order on crypto this week, to align the U.S. with global allies.
Federal authorities are warning about seven vulnerabilities affecting a software agent used to remotely manage an array of medical devices and other connected gear. If exploited, the vulnerabilities could enable hackers to gain full control of the affected devices or alter their configurations.
As Western cybersecurity officials warn that Russia's Ukraine invasion poses an elevated cybersecurity risk to all, kudos to Cloudflare, CrowdStrike and Ping Identity for offering free endpoint security and other defenses to the healthcare sector and power sectors, for at least four months.