The ransomware attack that targeted Colonial Pipeline Co. in May compromised the personal information of more than 5,800 individuals, mainly current and former employees, according to a breach notification letter.
Fraudulent emails portrayed as coming from the Financial Industry Regulatory Authority, a not-for-profit organization that oversees brokerage firms and exchange markets in the U.S., are asking member firms to provide information or face penalties, FINRA warns.
The U.K. National Cyber Security Center has introduced a button that can be added to Microsoft Office 365 business accounts so users can directly report phishing emails to the center's Suspicious Email Reporting Service via Outlook. It has also introduced a tool for reporting scam websites.
T-Mobile USA says it is investigating a claim that as many as 100 million accounts may have been compromised in a data breach. The person who claims responsibility for the alleged breach says T-Mobile misconfigured a Gateway GPRS Support Node.
Joshua Brown, who recently took over as global CISO for H&R Block, has started tackling issues ranging from creating metrics for the security team to deploying "zero trust." Brown is striving to create an inclusive team to reflect the firm's values.
The London High Court has ordered the cryptocurrency exchange Binance to attempt to identify and freeze accounts belonging to the attackers who allegedly stole about $2.6 million from U.K.-based Fetch.ai.
Gökhan Yalçın, CISO of Turkey's Yapı Kredi Bank, says integral training for his role has included not just learning how to defend bank networks but also stints working for security vendors as a consultant supporting different sectors, which helped sharpen both his technical and nontechnical skills.
Initial access brokers continue to sell easy access to networks. Given the uptake of such access by ransomware operations over the past year, one surprise is that relatively few individuals appear to be serving as brokers, which, of course, makes them an obvious target for law enforcement authorities.
A yearlong phishing campaign used various techniques to help evade security tools while attempting to harvest the credentials of Office 365 users, according to Microsoft researchers. In some cases, the attackers even used Morse code to help avoid detection.
Ukrainian police have shuttered several allegedly illegal cryptocurrency exchanges throughout the country that were processing about $1.1 million in virtual currencies each month. Officials say the exchange allegedly appeared to facilitate money laundering and had connections to Russia.
The hacker behind the $612 million breach of the blockchain-based Poly Network system has reportedly returned all stolen assets. Security experts have highlighted a critical vulnerability and a need for further DeFi security regulations.
Cybercriminals have developed a blockchain analytics tool on the darknet that could help a gang launder illegally obtained bitcoin, and they are actively marketing it, according to the cryptocurrency analytics firm Elliptic. The tool, however, is rated as not entirely effective.
Security researchers are tracking several ransomware gangs that are attempting to exploit a series of bugs in Microsoft Windows collectively called "PrintNightmare." Meanwhile, Microsoft has published an out-of-band alert about another zero-day flaw related to the PrintNightmare vulnerabilities.
A recently uncovered cryptomining scheme used malicious Docker images to hijack organizations’ computing resources to mine cryptocurrency, according to the cybersecurity firm Aqua Security.
Nat Smith, senior director security analyst at Gartner, describes what factors potential buyers should consider when vendors pitch artificial intelligence-enabled security solutions.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.