A surprising improvement in loss ratios for cyber insurance providers in 2021 means the rapid rise in premiums might at last subside later this year. The loss ratio declined for the first time since 2018 despite the frequency and severity of claims filed for cyberattacks increasing again in 2021.
New legislation mandating cyber incident reporting for critical infrastructure providers within 72 hours, and the reporting of ransom payments within 24 hours, is "groundbreaking," says former National Security Agency deputy commander Tim Kosiba, CEO of security firm bracket f.
Obsidian Security has closed a Series C funding round to prevent session hijacking on more platforms and increase the number of SaaS applications being defended. Obsidian wants to go from protecting 25 major SaaS applications today to safeguarding hundreds of SaaS applications in a year or two.
Ronin Network, which powers the popular NFT game Axie Infinity, announced it had been the victim of a security breach that amounted to about $615 million in stolen funds. The company tweeted that the attacker's wallet had been connected to Binance and that an investigation is currently underway.
Researchers discovered a new social engineering-heavy malware campaign focused on defrauding employees in West Africa's banking sector. Although this campaign is not exactly new, it shows a detailed account of what social engineering looks like, according to cybersecurity veteran Tari Schreider.
Microsoft says it has seized control of 65 domains that the ZLoader gang has been using to grow, control and communicate with its botnet. ZLoader, a descendant of the ubiquitous Zeus banking malware, is run by a global, internet-based, organized crime gang operating malware as a service.
U.S. government agencies, including the Department of Energy, CISA, the NSA and the FBI issued a joint cybersecurity advisory about advanced persistent threat actors using new tools and malwares to target industrial control systems and supervisory control and data acquisition devices.
Accenture's new ransomware report reveals key challenges in executing an effective communications plan. Robert Boyce, managing director of global cyber response, discusses why existing recovery strategies aren't enough and offers practical steps for managing a ransomware response.
The latest edition of the ISMG Security Report analyzes the latest cyberthreats to the energy sector as Russia's invasion of Ukraine continues. It also examines best practices for Customer Identity and Access Management and how healthcare institutions can sharpen their defense strategies.
A week after Microsoft announced the Windows Autopatch feature and declared that, come July, the tradition of Patch Tuesday will end, it's Patch Tuesday again, and the company has issued more than 100 security fixes for software that resolve critical issues, including two zero-day vulnerabilities.
A yearlong joint operation by law enforcement agencies across several countries led to the shuttering of darknet marketplace RaidForums and the seizure of three domains hosting the website. Its 21-year-old alleged founder and two unidentified co-conspirators have also been arrested.
KKR plans to buy Barracuda Networks to support growth in managed detection and response, extended detection and response, and secure access service edge. KKR plans to provide resources and expertise to fuel Barracuda's growth past the $500 million sales figure it hit under Thoma Bravo's ownership.
Targeted attacks on a Ukrainian energy facility have been confirmed by CERT-UA. In a joint operation carried out by the Ukrainian CERT with security companies Microsoft and Eset, it was found that an ICS-capable malware and several regular disk wipers were used in the attack.
Japanese multinational conglomerate Panasonic has been breached for the second time within six months. The company says its Canadian operation recently discovered that it was a victim of a targeted cybersecurity attack affecting some of its systems, processes and networks.
Starting in July, the second Tuesday of every month will "just be another Tuesday," Microsoft says. After releasing patches for vulnerabilities in its software every second Tuesday of every month since 2016, Microsoft says it is now set to roll out automatic updates. Some security experts weigh in.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.