Microsoft says it seized control of seven domains belonging to Russian GRU-linked state-sponsored threat group Strontium. The group, also called APT28 and Fancy Bear, used the domains to target Ukrainian media organizations and had U.S. and EU government entities and decision-makers on its radar.
APT-C-23, a politically motivated, Hamas-linked threat actor, is using fake Facebook profiles to trick high-ranking Israeli officials into downloading previously undocumented Trojanized Android and PC direct message applications that grant them access to the victims' devices.
A week after the Spring4Shell vulnerability was first detected, security companies Microsoft, Check Point and Akamai have identified exploitation attempts, and Trend Micro has confirmed the first successful attempt: the Mirai botnet leveraging CVE-2022-22965 for its malicious operations.
David Pollino, former CISO of PNC Bank, joins two editors at ISMG to discuss what organizations can do to harden their cybersecurity defenses, how we need to think about our adversaries differently in today's threat landscape and how the "Great Resignation" is affecting cybersecurity.
A $960,000 NFT rug pull scam has affected at least 1,191 people who bought the tokens, a blockchain investigator and researcher who tweets as @zachxbt tells ISMG. Michael Fasanello, a private sector compliance professional specializing in anti-money laundering, also verifies the scam.
The Food and Drug Administration on Thursday issued revamped draft guidance providing updated and detailed recommendations for how medical device makers should address cybersecurity risk in the premarket of their products, especially as the threat landscape continues to evolve.
Investment platform Cash App, a subsidiary of U.S.-based payments company Block, says it has been breached. The incident happened last year when a former employee downloaded reports containing Cash App U.S. customer information, including full names, brokerage account numbers and portfolio values.
CrowdStrike, Microsoft and Trend Micro sit atop the Forrester Wave for endpoint detection and response as vendors grapple with business data increasingly moving to the cloud. This has forced EDR providers to build out full-fledged Extended Detection and Response platforms that protect cloud data.
In the latest "Proof of Concept," Lisa Sotto, partner and chair of the global privacy and cybersecurity practice at Hunton Andrews Kurth LLP, and David Pollino, former CISO at PNC Bank, join Information Security Media Group editors to discuss U.S. regulatory trends and supply chain risk management.
The Justice Department has announced that it has successfully disrupted "Cyclops Blink," a botnet controlled by the Russia-linked threat actor Sandworm, aka Voodoo Bear. The court-authorized operation was conducted in March and removed the botnet from thousands of infected devices worldwide.
New BeyondTrust CEO Janine Seebeck plans to help privileged users protect themselves by applying machine learning to detect patterns in the data generated across BeyondTrust's 20,000 customers. She starts as BeyondTrust's CEO July 1 and replaces Matt Dircks, who has led the company since 2014.
Financial institutions must be aware of artificial intelligence being used by criminals against them, says John Buzzard, lead analyst, fraud and security, Javelin Strategy & Research. He discusses the findings of Javelin's latest identity fraud report.
The U.S. Treasury Department has sanctioned Russian darknet marketplace Hydra and cryptocurrency exchange Garantex. The German Bundeskriminalamt shut down Hydra on Tuesday, and Garantex allegedly was involved in ransomware and cybercriminal activities targeting U.S. citizens and other entities.