The imperative for CISOs during the COVID-19 pandemic is to do more with less. While disruptive attacks - as well as privacy concerns - keep rising, budgets are down. As organizations rapidly adopt new technologies, however, EY's Kris Lovejoy says CISOs must seize the opportunity to streamline.
The U.S. Cybersecurity and Infrastructure Security Agency and the FBI have issued an alert providing details on the activities of a North Korean hacking group dubbed Kimsuky. The group, which has primarily focused on South Korean targets, has also conducted espionage campaigns in the U.S. and Japan.
Some 21 malicious Android apps containing intrusive adware were discovered on the Google Play Store, but most have now been removed, according to a new report from the security firm Avast.
A new online platform called VulnerableThings.com is aiming to become the go-to place for reporting and viewing reports on software flaws in IoT devices. The IoT Security Foundation and Oxford Information Labs say the platform could help vendors comply with new IoT regulations and standards.
French IT services firm Sopra Steria is confirming that its internal infrastructure sustained a Ryuk ransomware attack that has disrupted its operations, with a full recovery expected to take weeks.
Implementation of 3D Secure 2.0, a protocol designed to be an additional security layer for online credit and debit card transactions, by banks and merchants alike can play a critical role in reducing "authorized payment fraud," two security experts say.
A greatly enhanced variant of the powerful Mirai botnet is already infecting IoT devices even though it's operating in a test environment, according to researchers at cybersecurity firm Avira Protection Lab.
Security researchers at Imperva have uncovered a botnet that attacks vulnerabilities in websites' underlying content management systems and then uses these compromised servers to mine for cryptocurrency or send spam to more victims.
"Cybercrime is an evolution, not a revolution," says Europol's Philipp Amann, who oversees the EU law enforcement intelligence agency's annual study of the latest cyber-enabled crime trends. Ransomware, social engineering and the criminal abuse of cryptocurrency and encryption are some of the top threats.
The Treasury Department has issued sanctions against a Russian research institute that U.S. officials now claim helped deploy Triton, destructive malware designed to damage industrial control systems. The announcement follows other economic penalties levied against Iran in the same week.
The European Union has issued sanctions against two Russian nationals alleged to have hacked Germany's lower house of parliament, or Bundestag, in 2015. EU officials say both men work for the Russian military intelligence unit GRU.
U.S. intelligence officials say a Russia-backed hacking group has compromised some state and local government computer systems since at least September and exfiltrated data. So far, however, the attackers do not appear to have attempted to otherwise interfere with or disrupt those networks.
Researchers have uncovered a fresh phishing campaign that mimics the automated messages of the popular business communication platform Microsoft Teams in an attempt to harvest users' Office 365 login credentials.
The operators behind the LockBit ransomware strain use automation tools and techniques that help the malware quickly spread through a compromised network and also assist in picking specific targets, according to Sophos.
The latest edition of the ISMG Security Report analyzes the U.S. indictment against Russian hackers who were allegedly behind NotPetya. Also featured: A discussion of nation-state adversaries and how they operate; an update on Instagram privacy investigation.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.