(ISC)² released results of an online poll about the Log4j vulnerability and the human impact of the efforts to remediate it. CISO Jon France shares findings from the survey, revealing the severity and long-term consequences of the Log4j attack for security teams and the organizations they protect.
Prospects of Russia reviving its economy via cryptocurrency remain limited, officials have said, but the U.S. Treasury Department is reportedly warning that it has detected a rise in the use of digital assets for illicit transactions, including after Feb. 24, when the war began.
In the coming weeks, U.S. President Joe Biden will announce a new executive order to prevent and detect identity theft involving public benefits. Jeremy Grant, coordinator of the Better Identity Coalition, discusses the challenges ahead for the government in combating criminal and identity fraud.
The ransomware-as-a-service operation AvosLocker has been amassing "victims across multiple critical infrastructure sectors in the United States," the FBI warns in a new alert that includes known indicators of compromise and tactics employed the group and essential defenses for all organizations.
Researchers have uncovered a full-time initial access broker group that serves both Conti and Diavol ransomware groups. Google's Threat Analysis Group - TAG - observed this financially motivated threat actor, dubbed Exotic Lily, exploiting a zero-day in Microsoft MSHTML tracked as CVE-2021-40444.
SentinelOne plans to buy security firm Attivo Networks, and the acquisition is scheduled to close sometime this summer. Some cybersecurity analysts and experts speak with Information Security Media Group about the gains and possible pitfalls of this $615.5 million deal.
As the Ukrainian military resists Russian advances toward its major population centers, its IT security teams are contending with record cyber incidents - although the same is true of their eastern neighbors, with Russia reporting "unprecedented" cyberattacks on its networks.
In the latest weekly update, four editors at ISMG discuss how Russia's invasion of Ukraine complicates cybercrime ransomware payments, a former U.S. Treasury senior adviser's take on Biden's cryptocurrency executive order, and important points regarding the upcoming identity theft executive order.
If Russia uses hack attacks to support its invasion, would Western governments want to immediately attribute those attacks or disruptions? Enter a Thursday alert from the U.S. government warning that it is "aware of possible threats to U.S. and international satellite communication networks."
Two trends that have only grown over the past two years: Hybrid workforce and adoption of the zero trust architecture. Peter Newton of Fortinet shares how zero trust network access is now key to helping ensure security with workers now balancing on-premise and remote work.
Cyber insurance: It's both more necessary than ever and harder to acquire. Erin Meyers of Bitdefender talks about the new marketplace and how deploying MDR and XDR can help enterprises be better prepared and more attractive to prospective cyber insurers.
U.S. lawmakers on Thursday again discussed illicit finance with regard to cryptocurrencies - in light of recent warnings that the Russian government may increasingly rely on digital currencies to stabilize its sanctioned economy. And Sen. Elizabeth Warren introduced a sanctions-related bill.
A security researcher found two critical vulnerabilities and one high-severity vulnerability in two separate Veeam products that may allow attackers to perform remote code execution and allow local privilege execution on victims' systems, respectively. Veeam has issued patches for all three bugs.
Cybersecurity company NortonLifeLock's $8.6 billion plan to purchase rival Avast has hit a snag. On Thursday, the U.K.'s regulatory body expressed anti-competition concerns about the proposed deal. The Competition and Markets Authority has given the firms five days to provide a "clear-cut solution."
The current and former owners of CafePress, a site for selling customizable merchandise, have agreed to a draft Federal Trade Commission settlement tied to multiple security shortcomings that failed to prevent or detect a 2019 data breach that exposed 22 million users' account details.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.