Four editors at Information Security Media Group analyze private-public partnerships today, preview ISMG's upcoming cybersecurity summit in Africa and discuss the increasing use of intermittent or partial encryption by ransomware gangs as a means to extort money from victims faster.
Uber is probing a hack attack after an intruder appeared to breach multiple internal systems, using the company's Slack messaging app to announce: "I am a hacker and Uber has suffered a data breach." The ride-hailing service has taken multiple systems offline while it investigates.
Dain Drake was CEO of a steel fabrication factory. In June 2019, Drake found himself standing outside a closed adult boutique in Houston at 10:00 a.m. on a Sunday. He called the owner and pleaded for him to come. He needed something inside, which might just save his business - from ransomware.
The Lazarus Group, a North Korean advanced persistent threat gang, recently targeted energy companies in Canada, the U.S. and Japan to establish long-term access into victim networks to conduct espionage operations by deploying custom-built malware implants VSingle, YamaBot and MagicRAT.
Banking regulators are looking for ways to tackle authorized payment scams, such as spreading the risk to other banks. In a new report on how eight countries are handling this fraud, researcher Ken Palla advises banks to focus on reimbursing victims and preventing the theft.
The only surprising aspect of the ransomware attack against Los Angeles Unified School District is that it didn’t happen sooner. The district was warned of cybersecurity weaknesses in the 20 months leading up to its ransomware attack. The Vice Society gang has claimed credit.
The latest ISMG Security Report discusses a new phishing-as-a-service toolkit designed to bypass multifactor authentication, the decision by Lloyd's of London to exclude nation-state attacks from cyber insurance policies, and challenges at Okta after it acquired customer identity giant Auth0.
A U.S. law enforcement investigation involving multiple countries resulted in the shutdown of an online marketplace selling millions of Social Security numbers, payment cards and other credentials. Prosecutors unsealed a complaint against a Moldovan man fingered as the operator.
Whether for profit or in furtherance of Russian geopolitical interests - or both - former members of the Conti ransomware group have been targeting networks operated by the Ukrainian government and businesses, as well as European nonprofit organizations, Google's Threat Analysis Group reports.
Patrons of InterContinental Hotels Group hotels might need to call the front desk rather than book hotel rooms online due to an ongoing cyberattack. Cybersecurity intelligence firm Hudson Rock tells ISMG telemetry indicates multiple employees downloaded malware compromising their credentials.
In today's dynamic threat environment, security teams must adopt a risk-based approach, prioritizing the most important areas of their organization. They also should not be afraid to seek outside help. Murtaza Hafizji of Bugcrowd discusses the merits of crowdsourced security.
It's been over one year since the release of President Biden's cybersecurity executive order, and federal agencies are making measurable progress in adopting zero trust architecture. Dennis Reilly of Gigamon discusses specific progress around visibility and observability in the network pillar.
The operators behind banking Trojan SharkBot are distributing an updated version of the malware on now-deactivated malicious applications on Google Play. Called Mister Phone Cleaner and Kylhavy Mobile Security, the apps have been downloaded 10,000 and 50,000 times, respectively, says Fox-IT.
In the latest "Proof of Concept," experts join ISMG editors to discuss concerns over Twitter's security leading up to the U.S. midterm elections, the move by the U.S. Department of Justice to file its most sensitive court documents on paper, and the recent sanctions against Tornado Cash.
Why is business identity theft increasing, and what are the latest tactics fraudsters are using to scam businesses and gig workers? Eva Velasquez, CEO at the Identity Theft Resource Center, shares her views on how business identity theft has evolved over the years and how to prevent it.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.