The United States hit Iran with a new round of sanctions after linking Tehran with the July cyberattack against Albania. The sanctions are more symbolic than material in effect but send a message that hacking U.S. allies has consequences.
In the latest weekly update, Ari Redbord, head of legal and government affairs at TRM Labs, joins ISMG editors to discuss how extremist groups could circumvent sanctions and fund terrorism through NFTs, the limitations of digital assets regulations, and new U.K. rules for crypto exchange reporting.
Banking regulators are looking for ways to tackle authorized payment scams, such as spreading the risk to other banks. In a new report on how eight countries are handling this fraud, researcher Ken Palla advises banks to focus on reimbursing victims and preventing the theft.
The only surprising aspect of the ransomware attack against Los Angeles Unified School District is that it didn’t happen sooner. The district was warned of cybersecurity weaknesses in the 20 months leading up to its ransomware attack. The Vice Society gang has claimed credit.
The latest ISMG Security Report discusses a new phishing-as-a-service toolkit designed to bypass multifactor authentication, the decision by Lloyd's of London to exclude nation-state attacks from cyber insurance policies, and challenges at Okta after it acquired customer identity giant Auth0.
Who's been disrupting ransomware operations' data leak sites by targeting them with distributed denial-of-service attacks? No one has yet claimed credit for the ongoing disruptions and slowdowns, but one likely theory is that rival operations are attempting to cause each other pain.
An attacker stole at least $370,000 worth of USDC stablecoins from a smart contract on the Avalanche blockchain in a flash loan attack, affecting liquidity providers. Victim Nereus Finance is enticing the thief to return the stolen funds for a 20% "no questions asked" white hat reward.
U.S. sanctions on Tornado Cash are driving North Korean hackers away from the cryptocurrency mixer. Chainalysis says hackers' use of ineffective obfuscation techniques allowed the blockchain analysis firm to participate in an operation that recovered $30 million stolen from the Ronin bridge.
A U.S. law enforcement investigation involving multiple countries resulted in the shutdown of an online marketplace selling millions of Social Security numbers, payment cards and other credentials. Prosecutors unsealed a complaint against a Moldovan man fingered as the operator.
The world's largest cryptocurrency trading platform is bankrolling a lawsuit challenging the U.S. Department of the Treasury's sanctions against Tornado Cash. The cryptocurrency mixer is a favored tool of North Korean crypto thieves, who use it to launder stolen funds.
Whether for profit or in furtherance of Russian geopolitical interests - or both - former members of the Conti ransomware group have been targeting networks operated by the Ukrainian government and businesses, as well as European nonprofit organizations, Google's Threat Analysis Group reports.
Albania cut diplomatic ties with Iran following a July cyberattack that disrupted the country's online governmental services portal. Prime Minister Edi Rama today said he gave Iranian diplomats 24 hours to depart the country after establishing Iranian responsibility for the cyberattack.
CISO Marcin Szczepanik recalls when his team's budget was cut dramatically after the onset of the pandemic. He wanted to invest in the latest state-of-the-art tools but prioritized his costs and focused on email security - a move that improved the company's level of cyber maturity.
Patrons of InterContinental Hotels Group hotels might need to call the front desk rather than book hotel rooms online due to an ongoing cyberattack. Cybersecurity intelligence firm Hudson Rock tells ISMG telemetry indicates multiple employees downloaded malware compromising their credentials.
Co-founder and CEO Bipul Sinha has grown Rubrik's business with existing customers by more than 40% thanks to the company's unique take on data observability. The data security vendor has emphasized data availability and resiliency in the face of crippling ransomware and extortion-based attacks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.