In the latest weekly update, ISMG editors examine policies in the U.S. and Europe that could regulate AI, recent developments within the EU cybersecurity and privacy policy arena, and the disparities between the perspectives of business leaders and cybersecurity leaders on the security landscape.
The government of a Caribbean nation was the target of a cyberespionage campaign that has indicators of Chinese origin. Cybersecurity firm Eset says attackers used a previously undocumented backdoor as well as traditional hacking tools to target an unidentified "governmental entity" in Guyana.
Government-sponsored cyberespionage campaigns and information operations are on the rise - and not just due to efforts by Russia and China, Microsoft warns in its latest Digital Defense Report review of top nation-state and cybercrime attack trends.
Hotel and casino giant MGM Resorts says the recent hack attack against it cost $110 million in lost revenue and mitigation expenses. The publicly traded company expects to recoup losses and costs to date via cyber insurance. MGM Resorts says that its investigation remains ongoing.
Clorox said Wednesday an August cyberattack had caused a drop in the bleach manufacturing giant's sales and profits in the quarter ended Sept. 30. The company said organic sales will drop between 21% and 26% due to widespread disruption, order processing delays and product outages after the hack.
Hackers have weaponized a zero-day in a popular workspace collaboration tool to create administrator accounts and gain unrestricted access to their on-premises instances of the software, Atlassian's Confluence Data Center and Server products, which serves millions of daily active users.
This week, Bitsight found a lot of internet-exposed industrial control systems, Apple issued new patches, Sony confirmed a data breach, Google and Yahoo tackled spam, Qualcomm patched three zero-days, Cisco revealed zero-day exploits in VPN, and the FBI warned of twin attacks.
Fundraising software powerhouse Blackbaud will pay $49.5 million to settle a multistate investigation into the company's data security practices and its response to a 2020 ransomware attack. The firm must also enhance its security and not misrepresent its data security practices.
This week, the FTX hacker moved more than $100 million of funds as the trial of the company's former CEO begins; crypto losses in the third quarter of this year were $685.5 million; and the DOJ said that China uses crypto to hide funds and identities in its illicit drug operations.
What do "bank transfer request.lnk" and "URGENT-Invoice-27-August.docx.lnk" have in common? Both are the names of malicious files being sent as part of a phishing campaign attributed to the Qakbot botnet group that has continued despite law enforcement disrupting Qakbot's operations in late August.
Trick question for CSOs: When does a security incident qualify as being a data breach? The answer is that it's "a very complicated question" best left to the legal team, said former Uber CSO Joe Sullivan, sharing lessons learned from the U.S. Department of Justice's case against him.
Revenue cycle management firm Arietis Health is notifying the patients of 55 healthcare practices across several states that their sensitive information has been potentially compromised in a hack of Progress Software's MOVEit file transfer application. What can entities learn from these breaches?
South Korean national intelligence has sounded alarms about North Korean hackers targeting the country's shipbuilding industry to steal naval military secrets. The agency said the hacks are part of North Korean leader Kim Jong Un's strategy to build larger, more advanced warships.
Hacktivists who hit healthcare or otherwise target civilians are violating international humanitarian law, warns the International Committee of the Red Cross. As many self-proclaimed hacktivists appear to be Russian government cutouts, will legal threats make them rethink their life choices?
The credit repair industry plays a pivotal role in propelling the latest synthetic ID tactics, which are being used to commit multiple types of account fraud. Two experts shared their insights on why fraudsters are more likely to abuse deposit bank accounts than credit cards these days.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.