How can automation help to reduce money laundering fraud? Larry Gordon and Kathleen Gowin of the consultancy Endurance Advisory Partners describe how predictive KYC can help mitigate risks.
Four editors at Information Security Media Group discuss important cybersecurity issues, including President Biden’s latest cybersecurity proposals and large vendor-related breaches in healthcare.
The increasing reliance on collaboration tools such as Slack and Discord to support those working remotely during the COVID-19 pandemic has opened up new ways for fraudsters and cybercriminals to bypass security tools and deliver malware, Cisco Talos reports.
The Lazarus Group, a North Korean-linked APT group, has recently deployed a previously undocumented backdoor called "Vyveva" to target a freight logistics company in South Africa, according to ESET.
The latest edition of the ISMG Security Report features an analysis of why transparent communication in the aftermath of a data breach pays off. Also featured: Mastercard on digital identity issues; building a more diverse and inclusive cybersecurity workforce.
Loving your pet and creating tough-to-crack passwords should remain two distinctly separate activities. Unfortunately, Britain's National Cyber Security Center reports that more than 1 in 6 Brits admit to using the name of a pet as their password. And the problem is global.
For the second time in two years, the contents of the darknet payment card marketplace Swarmshop have been removed and posted to a competing underground forum, Group-IB reports. The content includes data on more than 600,000 payment cards as well as administrator, seller and buyer information.
Researchers at the security firm Intel 471 report cybercriminal gangs are using a newly uncovered malicious document builder called "EtterSilent" to create differentiated, hard-to-discover, malicious documents that can be deployed in phishing attacks.
The gang behind ransomware dubbed "Cring," which has waged a series of attacks this year, is exploiting a Fortinet VPN server vulnerability that the company patched in 2019, according to a report from the security firm Kaspersky that analyzes one attack in Europe.
Crisis communications: If your organization suffers a ransomware outbreak - despite its best cybersecurity efforts - is it ready to respond quickly and transparently? Experts have lauded the Scottish Environment Protection Agency for its response, saying it's a model for other victims to emulate.
At least 14 lawsuits seeking class-action status have been filed against Accellion in the wake of breaches of the vendor's 20-year-old File Transfer Appliance. A motion to consolidate the cases has also been filed.
The now-defunct Ziggy ransomware gang is reportedly offering to return the ransoms it collected, but some security experts question whether the offer is legitimate or a publicity stunt.
Attackers are targeting unpatched SAP applications, and the exploits could lead to the hijacking of the vulnerable systems, data theft and ransomware attacks, SAP and Onapsis Research Labs report. They note that patches for most of the flaws have been available for several years.
A Russian-speaking cybercriminal recently sold on a darknet forum thousands of stolen payment and gift cards that researchers at Gemini Advisory believe were taken from the now-defunct online gift card exchange Cardpool.com.
How much does it cost to recover from a ransomware attack? For the Scottish Environment Protection Agency, which was hit by the Conti ransomware-wielding gang on Christmas Eve, reported cleanup costs have reached $1.1 million. SEPA is still restoring systems and has refused to pay any ransom.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.