Security experts say that ransomware victims too often treat the malware infection as an isolated event, when they should instead assume that attackers remain in their network until proven otherwise. Here are eight tips for dealing with ransomware and other intrusions and making a full recovery.
Mobile-only banking app Dave has suffered a data breach that exposed personal details for at least 3 million users. But the fintech startup says no account information was exposed, and there are no signs of fraud. Dave says the incident traces to credentials stolen from Waydev, a third-party service provider.
The latest edition of the ISMG Security Report analyzes the hacking of high-profile Twitter accounts. Also featured: Addressing security when offices reopen; the role of personal protective equipment, or PPE, in money laundering during the pandemic.
If the first rule of combating attempted election interference by nation-states is to watch for when it's happening, where does that leave Britain? A scathing report from Parliament's Intelligence and Security Committee concludes that national security was likely trumped by Russian money.
Several prominent business executives and politicians, including Joe Biden, Elon Musk and Bill Gates, had their Twitter accounts hijacked in what appears to be a cryptocurrency scam, according to news reports. Some security experts believe that two-factor authentication protections failed.
Auction website LiveAuctioneers has acknowledged that it sustained a data breach in June. The announcement came after threat intelligence firm CloudSEK reported that it discovered about 3.4 million LiveAutioneers customers' records had been posted for sale on a darknet forum.
Connected devices for consumers don't come with service-level agreements agreements. The travails of Petnet, the maker of an automatic, cloud-enabled pet feeder that has now gone offline offer a tale of caution that points to the need for stronger consumer protection for cloud-enabled devices.
To the long list of alleged hackers who failed to practice good operational security so they could remain anonymous, add another name: Andrey Turchin, who's been charged with running the Fxmsp hacking group, which prosecutors say relied on Jabber and bitcoins in an attempt to hide their real identities.
The U.S. Secret Service is combining its electronic and financial crime units into a single task force that will focus on investigating cyber-related financial crimes, such as BEC schemes and ransomware attacks. The move comes as lawmakers push for the Secret Service to take a more active role in fighting cybercrime.
U.S. prosecutors this week unsealed an indictment against the alleged hacker "Fxmsp" after his identity was revealed in a cybersecurity firm's report. That sequence of events has raised questions about information sharing and highlighted law enforcement's reliance on private cybersecurity researchers.
Greg van der Gaast, head of information security at the University of Salford in the United Kingdom, has strong opinions on why some security investments aren't reaping maximum benefits. "We are addressing problems too far downstream," he says.