Cryptocurrency exchange Coinbase briefly halted its services Feb. 11 after a security researcher uncovered a critical vulnerability affecting its Retail Advanced Trading platform, allowing malicious users to sell BTC without owning any. The researcher who found the flaw got a $250,000 bug bounty.
On this week's "Sound Off," attorney Lisa Sotto demonstrates how Colonial Pipeline did "a lot right" in its response to the DarkSide ransomware attack that led the firm to shut down operations for nearly a week last May. She shares best practices for enterprises to improve incident response plans.
The Conti ransomware group has a new trick up its sleeve: hiring "multiple elite developers and managers" to essentially acquire the venerable TrickBot malware operation, which it has been using for the past year to better distribute its ransomware, says threat intelligence firm Advanced Intelligence.
In 2019, 23 cities across Texas were struck by one of the largest ransomware attacks ever in the U.S. The attack, which involved the REvil ransomware, started with a compromised managed service provider. While the cities recovered quickly, the MSP sustained irreparable damage.
After Russian President Putin's doubled down on the claim that Ukraine has always been a part of Russia, federal and state-level agencies prepare for cyberattacks that could be on the horizon if the situation escalates. CISA and other agencies recommend keeping rapid communication systems in place.
In 2021, there was a spike in cybercrime, and the focus changed for threat actors from several countries, particularly Russia and China. Cybersecurity firm CrowdStrike provides an overview of the changes, analyzes the takedown of Russian threat actor REvil and adds to its list of adversaries.
The accelerated consumption of digitized services has not only changed the banking landscape - it has affected anti-money laundering risks and defenses. David Stewart and Paul Franks of SAS weigh in on emerging risks, defenses and shifts in the AML compliance landscape.
The Department of Justice has named Eun Young Choi as its first National Cryptocurrency Enforcement Team's director, and the FBI formed the Virtual Asset Exploitation Unit to assist with blockchain analysis for theft and extortion crimes that have connections to crypto.
Botnet attacks have affected multiple organizations recently, resulting in web scraping as well as theft of financial information. They include a massive bot attack to scrape data from a job listing site and a TrickBot malware attack targeting 60 high-profile companies.
Are data breaches getting worse? So far for 2021, the number of records that were reportedly exposed declined slightly, while the total number of reported data breaches increased both in the U.S. and globally.
In the latest weekly update, four ISMG editors discuss how ransomware attacks got worse in 2021, the backlash from privacy experts sparked by the IRS' decision - now changed - to use facial recognition technology on American taxpayers, and why cybersecurity fosters competitive advantage.
According to a new threat report from Expel, business email compromise should now be viewed as "public enemy #1." Jonathan Hencinski of Expel is joined by Theodore Peterson of Datasite to support that claim and discuss how best to strategize against these schemes.
The U.S.-China Economic and Security Review Commission on Thursday held a daylong hearing on cybersecurity threats posed by Xi Jinping-led China, including the nation's expansive cyberespionage and disinformation capabilities, along with its technical prowess in cyberwarfare.
The ability to evade detection by traditional endpoint detection tools, easy availability of valid credentials, access to code vulnerabilities, increased persistence and ease of lateral movement are causing an increasing number of threat actors to choose malware-free options, CrowdStrike says.
Cyberattacks in the aviation sector over the past several years have been tied to a single advanced persistent threat group named TA2541, which - since at least 2017 - has consistently used more than a dozen remote access Trojans to control compromised machines, according to a report from Proofpoint.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.