Last year was another bonanza in zero-days for Chinese state hackers, say security researchers in a report predicting a permanent uptick in nation-state exploitation of yet-unpatched vulnerabilities. "Attackers seek stealth and ease of exploitation," writes cybersecurity firm Mandiant.
Microsoft and CrowdStrike once again dominate Gartner's Magic Quadrant for Endpoint Protection. Cybereason has risen to the leaders quadrant and Trellix has fallen to a niche player. The endpoint protection market has rapidly matured in recent years - 50% of organizations have already adopted EDR.
Every week, ISMG rounds up cybersecurity incidents in the world of digital assets. In focus between March 10 and 16: a ChipMixer takedown, Euler Finance and Poolz Finance hacks, bugs on 280 blockchains, Dero coin, and a report from the Financial Action Task Force on ransomware financing.
U.S. and German police seized darknet cryptocurrency anonymizing service ChipMixer, which federal prosecutors say cybercriminals used to launder $3 billion including proceeds from ransomware extortion and North Korean cryptocurrency hacking. Among its alleged customers: LockBit and the Russian GRU.
Threat actors who mine digital assets using other people's infrastructure have found a lucrative new cryptocurrency to motivate their hacking: the privacy-focused currency named Dero. CrowdStrike says it discovered a first - a Dero cryptojacking operation operating on a Kubernetes cluster.
Cybersecurity researchers say they are almost certain they have spotted traces of the advanced persistent threat group Dark Pink, which recently emerged, now apparently attacking victims with a newly improved obfuscation routine to evade anti-malware measures.
Hackers are draining millions of dollars from decentralized finance protocol Euler Finance in an ongoing attack. The theft of crypto funds worth $197 million marks the largest exploit in 2023 so far. Euler Finance said it is aware of the incident.
One top venture capitalist says the second-largest bank failure in U.S. history will make it harder for security startups to get loans and credit lines. For decades, SVB was one of the few institutions willing to extend money to early-stage firms that got the cold shoulder from traditional banks.
Every week, ISMG rounds up cybersecurity incidents in the world of digital assets. Between March 3 and March 9, Tender.fi paid a white hat reward to a thief, a Uranium Finance hacker began to launder stolen funds, Algodex revealed security breaches and BitKeep was working to reimburse hack victims.
The economic downturn has laid bare just how much of a disaster special purpose acquisition companies have been for the cyber industry. Despite this, confidential computing security vendor Hub decided to try its luck with a SPAC. So far, Hub's time on the Nasdaq Stock Exchange hasn't gone well.
Arctic Wolf has expanded its security operations platform into threat intelligence, incident response and cyber insurance, says CEO Nick Schneider. The company has focused on putting businesses in the best possible position to answer questions from insurance carriers following a security incident.
When WTW’s ICT business began to investigate Software Composition Analysis (SCA) tools in 2018, its challenges revolved around open-source licensing for its enterprise products designed for the insurance industry. “Copyleft” licenses represented an area of particular concern for WTW’s legal teams.
After...
Open source components play a huge part in the products, software, and applications that organizations create, by providing the core code for their output. It’s a trend that continues to grow, as the use of these components escalates. Consequently, the issues of open source licenses and compliance simply can’t be...
As a foundational element of the digital world, applications are increasingly targeted by threat actors. To adapt to the constantly evolving threat landscape of today’s digital world, IT and security leaders need to build a modern AppSec strategy designed to support demanding development cycles while also ensuring...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.