The U.S. Department of Commerce has added four foreign companies to its Entity List for allegedly engaging in activities "contrary to the national security or foreign policy interests of the U.S." Two Israeli companies - NSO Group and Candiru - were cited for allegedly supplying spyware to foreign governments to...
The U.S. Cybersecurity and Infrastructure Security Agency on Wednesday issued a new directive - BOD 22-01 - requiring federal civilian agencies to patch vulnerabilities known to be actively exploited in the wild.
Ransomware-as-a-service provider BlackMatter has ceased operations due to pressure from local authorities, malware research organization vx-underground says, citing an announcement made by the gang on a Russian underground site.
The Federal Bureau of Investigation has issued a notification warning to private sector companies, especially those listed or in the process of being listed on stock exchanges, to be aware of ransomware actors using their undisclosed merger and acquisition data for extortion.
Facebook plans to shut down its facial recognition system, saying the regulatory landscape is unclear and citing ongoing concerns about the effects on society of using such systems. The company plans to delete more than 1 billion facial profiles.
A new report from the U.S. Treasury Department urges Congress to "act promptly" to issue legislation that brings additional oversight to stablecoins, or crypto tokens pegged to fiat currencies. Federal officials say regulation should match that of traditional financial institutions - as a way to mitigate investor,...
While ransomware remains many criminals' weapon of choice for reliably shaking down victims, the ransomware-attacker landscape itself continues to evolve in numerous ways, with a constant influx of fresh players, regular rebranding, as well as the challenge of cashing in cryptocurrency while staying anonymous.
Wireless device makers in the European Union market will soon have to adhere to a new set of cybersecurity guidelines at the design and production stages of manufacturing, according to the European Commission. The guidelines target devices such as mobile phones, tablets and other products.
Two researchers from the University of Cambridge have discovered a vulnerability that affects most computer code compilers and many software development environments, according to a new research paper. The bug could cause a SolarWinds-like open-source supply chain attack scenario, they say.
Multiple cybercriminal groups appear to be targeting relatively new entrants in the space with phishing attacks. In what cybersecurity analysts at Group-IB call a "cannibalistic approach," these gangs are impersonating underground card shops to dupe the newbies for monetary gain.
CISA Director Jen Easterly and congressional leader John Katko, R-N.Y., agree that officials must take precautionary steps to identify "systemically important critical infrastructure" to reduce risks of pervasive supply chain cyberattacks.
The Conti cybercrime gang, known for ransomware attacks, has reportedly leaked details of world leaders, actors and business tycoons after a strike at jeweler Graff. The organization is working with law enforcement and has informed the U.K.'s Information Commissioner’s Office about the incident.
How is the ransomware ecosystem set to evolve? Since some operations overreached - notably with DarkSide's hit on Colonial Pipeline - "what we're seeing … is that there is going to be a power balance shift," says McAfee's John Fokker, with more affiliates, not gang leaders, calling the shots.
Roya Gordon of Accenture Security describes how rather than hunting for zero-day vulnerabilities, attackers are exploiting N-Day - or known - vulnerabilities. She also discusses how to better synthesize and act on threat intelligence.
The cyber actors suspected of being behind the deployment of ransomware strains such as LockerGoga, MegaCortex and Dharma, among others, are under arrest, after a joint operation involving law enforcement and judiciary agencies from eight countries. The actors are believed to have affected more than 1,800 victims.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.