The latest edition of the ISMG Security Report analyzes how the U.S. government is offering a reward of up to $5 million for information to help it disrupt the illicit flow of funds to North Korea. The report also examines approaches to enhance banks' cyber defenses and U.S. regulatory trends.
The U.S. government is offering up to $5 million for information that helps disrupt the illicit flow of funds to North Korea, including via cryptocurrency exchange hacks and ransomware. The expanded reward comes as the FBI has attributed a $620 million cryptocurrency heist to North Korean hackers.
Microsoft says it has seized control of 65 domains that the ZLoader gang has been using to grow, control and communicate with its botnet. ZLoader, a descendant of the ubiquitous Zeus banking malware, is run by a global, internet-based, organized crime gang operating malware as a service.
The Dutch Data Protection Authority has imposed penalties of 3.7 million euros ($4 million) and 565,000 euros ($600,000) on the Dutch Tax and Customs Administration and the Ministry of Foreign Affairs, respectively, for violating the General Data Protection Regulation.
Last week, the U.S. Department of Justice said that law enforcement authorities had made "one of the largest cryptocurrency forfeiture actions ever filed by the United States," confiscating about $34 million worth of cryptocurrency "tied to illegal dark web activity." Here's how they made it happen.
A yearlong joint operation by law enforcement agencies across several countries led to the shuttering of darknet marketplace RaidForums and the seizure of three domains hosting the website. Its 21-year-old alleged founder and two unidentified co-conspirators have also been arrested.
Acting Comptroller of the Currency Michael J. Hsu says there are compelling arguments for a centralized U.S. stablecoin, but there are also high risks associated with it. Some security experts question whether the technology has advanced enough and consider stablecoin risks.
Microsoft says it seized control of seven domains belonging to Russian GRU-linked state-sponsored threat group Strontium. The group, also called APT28 and Fancy Bear, used the domains to target Ukrainian media organizations and had U.S. and EU government entities and decision-makers on its radar.
In the latest "Proof of Concept," Lisa Sotto, partner and chair of the global privacy and cybersecurity practice at Hunton Andrews Kurth LLP and David Pollino, former CISO at PNC Bank, join Information Security Media Group editors to discuss U.S. regulatory trends and supply chain risk management.
The Justice Department has announced that it has successfully disrupted "Cyclops Blink," a botnet controlled by the Russia-linked threat actor Sandworm, aka Voodoo Bear. The court-authorized operation was conducted in March and removed the botnet from thousands of infected devices worldwide.
Europol on Tuesday announced the arrest of more than 100 individuals who were detained for their suspected roles in an international call center scam. The suspects arrested are believed to have turned an illegal profit of over 3 million euros per month with this scam.
The U.S. FCC's Public Safety and Homeland Security Bureau voted unanimously to ban Kaspersky Lab, China Telecom (Americas) Corp., and China Mobile International USA Inc., saying they pose a national security threat. And bug bounty platform HackerOne also suspended Kaspersky.
An Estonian national accused of causing more than $53 million in ransomware losses has been sentenced to U.S. federal prison for furthering and facilitating computer intrusions, the movement of fraudulently obtained goods and funds, and the monetization of stolen financial account information.
As President Joe Biden visits Europe this week, the U.S. and the European Commission announced they have agreed in principle to a new Trans-Atlantic Data Privacy Framework. Officials say it will foster cross-border data flows and address concerns raised by the EU Court of Justice in 2020.
The U.S. Department of Justice has indicted a 23-year-old Russian national for operating a cybercriminal marketplace that sold thousands of stolen login credentials, PII and authentication tools, according to U.S. Attorney Brit Featherston of the Eastern District of Texas.