In the latest weekly update, four ISMG editors discuss how ransomware attacks got worse in 2021, the backlash from privacy experts sparked by the IRS' decision - now changed - to use facial recognition technology on American taxpayers, and why cybersecurity fosters competitive advantage.
What security functions should be kept in house, and which ones should be outsourced? The sands are shifting: the days of a fully in-house security operations center are probably gone now, says Elrich Engel, CISO and director of data and architecture at AMP, an Australian financial services company.
Unknown hackers have stolen about $1.9 million from South Korean cryptocurrency platform KLAYswap using a Border Gateway Protocol hack in the server infrastructure of one of its suppliers even though service implementers have known about BGP hijack attacks for decades and mitigations for them exist.
An advanced persistent threat group with ties to Iran has updated its arsenal to include a newly developed backdoor called Marlin to attack organizations in the Middle East, according to researchers at cybersecurity firm ESET.
A consolidated legal case that includes allegations of embezzlement, trade secret theft and intimidation offers an inside look at a complicated and messy alleged insider breach reported last year by a Texas-based accountable care organization.
Things are not always what they seem, says incident response expert Joseph Carson, pointing to a case involving ransomware that infected a company in Ukraine, but for which there was no external attack path. Ultimately, his investigation found that ransomware had been used to hide internal fraud.
GiveSendGo, a Christian crowdfunding website that had become the go-to platform for donors supporting the Canadian "Freedom Convoy" protests, went offline on Monday following a reported cyberattack in which donor information was allegedly leaked.
The January cyberattack on the International Committee of the Red Cross, which compromised the data of more than 515,000 highly vulnerable people, was specifically targeted at the organization, using code designed for execution on the ICRC servers, according to Director General Robert Mardini.
Reports say that Ukraine's defense ministry and two banks have fallen victim to a cyberattack on Tuesday. This follows what appeared to be mild escalation in the Russia-Ukraine conflict over the weekend, in which top U.S. officials warned that Russia could invade the former Soviet state this week.
The Office of the Privacy Commissioner for Personal Data in Hong Kong has begun an investigation into a data leak reported by Harbour Plaza Hotel Management on Feb. 9. The report says it appears that approximately 1.2 million customers of the Harbour Plaza hotel chain seem to have been affected.
By almost every measure, ransomware continues to get worse, not least in the average amount criminals receive when a victim chooses to pay a ransom. So say new reports assessing the volume and severity of ransomware attacks, the flow of cryptocurrency, attackers' target selection and more.
"All too often we hear that our industrial control systems have no security. That's not true," says Kevin Jones, group CISO of Airbus. In fact, he states, "some of these systems have been designed with security encapsulating them and security around them." He discusses enhancing cyber resilience.
On this week's "Sound Off," we ask John Kindervag, the founder of Zero Trust, for his reaction to the recently released Office of Management and Budget federal strategy to move the U.S. government toward a mature Zero Trust architecture.
People think cloud is a silver bullet, but it’s not. It's not even copper. And people think cloud it easy and someone else’s problem. But it's not. The cloud is nothing more than a highly resilient, outsourced data center with a lot of bells and whistles.
A serious cyberattack hit Slovenia's largest media firm, Pro Plus, last week, affecting the broadcasting services and website operations of the country's top private TV channel, Pop TV. The company says it is working with the Slovenian CERT to investigate the breach.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.