Losses to fraud reported by Britain's financial services sector exceeded $1.5 billion in 2022, declining by 8% from 2021, says trade association UK Finance. About 40% of losses tied to authorized push payment fraud, in which victims get tricked into transferring funds to attackers.
Online sports retailer Sports Warehouse has agreed overhaul its security program and pay a $300,000 fine to New York State after hackers stole 20 years' worth of payment card data and customer information the company was storing in plaintext on its e-commerce server.
The U.S. government sanctioned four entities and one individual involved in helping to funnel payments from malicious activities to support the Democratic People's Republic of Korea government's illicit activities such as unlawful weapons of mass destruction and ballistic missile programs.
The BlueNoroff hacker group, which is associated with the North Korean military's Reconnaissance General Bureau, is using RustBucket malware to target macOS systems of users primarily in the United States and Asia - a tactic observed for the first time since the group began its operations.
In the latest weekly update, Venable's Grant Schneider joins ISMG editors to discuss takeaways from the RSA Conference 2023, the state of software supply chain security post-SolarWinds, safeguards to prevent unintended adverse impacts of AI, and whether AI could be used to write and digest SBOMs.
White House cybersecurity priorities: The Biden administration continues to have a "relentless focus" on improving critical infrastructure security, disrupting ransomware and combating the illicit use of cryptocurrency, said Deputy National Security Adviser Anne Neuberger.
Pre-RSA social media gaming predicted it. Many predicted they would loath it. And it happened: Discussions at this year's RSA conference again and again came back to generative artificial intelligence - but with a twist. Even some of the skeptics professed their conversion to the temple of AI.
Changes to FedRAMP regulations will have a major impact on cloud services providers, compliance and cybersecurity controls, said Tony Bai, director, federal practice lead, at A-LIGN. Bai offers insight on navigating the U.S government authorization requirements as well as the StateRAMP program.
Every organization has a role in securing the nation and economy. Enterprises should invest in the right controls, partner with public agencies and prioritize security at the board level, advised Eric Goldstein, executive assistant director for cybersecurity of CISA.
ISMG editors are live at RSA Conference 2023 in San Francisco with an overview of opening-day speakers and hot topics including the emergence of AI, the latest intel on nation-state threats, security product innovation and deals, and ransomware trends. Join us for daily updates from RSA.
Over a five-year span, reported BEC incidents cost global enterprises more than $43 billion in losses. This trend has the attention of the U.S. Secret Service. Agents Kevin Cooke and Abigail Tyrrell discuss why law enforcement partnerships and speed of response are more critical than ever.
Italy's suspension of ChatGPT is part of a "wider campaign in Italy" to regulate the use of AI applications, said attorney Jonathan Armstrong of Cordery Compliance, who added that transparency, usage and the protection of intellectual property are major concerns with the new generative AI tool.
The Biden administration is probing how highly classified military and intelligence documents detailing national security secrets came to be leaked via Discord servers and social media. Experts say the leaked documents appear to be genuine, although some have been crudely doctored.
Further punishment of Moscow-based Kaspersky by the Biden administration could be the final nail in the coffin of the company's deeply wounded North American business. The U.S. Commerce Department is weighing enforcement action against the Russian cybersecurity giant under its online security rules.
The U.S. Securities and Exchange Commission and the state of New York have proposed new cybersecurity regulations. Fred Harris, managing director of Societe Generale, says it's a "watershed moment for the industry" and offers insights as to how financial institutions can manage these changes.