The latest edition of the ISMG Security Report features an analysis of recent “tell-all” interviews with members of ransomware gangs. Also featured: insights on securing IoT devices and mitigating insider threat risks.
Recent research highlights the growth in risky remote work behaviors. Dr. Margaret Cunningham of Forcepoint X-Lab discusses the implications of this increase in insider threats and shares risk mitigation strategies.
A Russian national who conspired to extort millions from electric car manufacturer Tesla by trying to plant malware in the company's network has pleaded guilty to a single federal conspiracy charge, according to the U.S. Justice Department. The FBI thwarted the plot before it could be carried out.
Nearly four years after the WannaCry ransomware hit the world, targeting the EternalBlue vulnerability in Microsoft SMB version 1, security firms say the malware continues to be a top threat detected in the wild by endpoint security products. Why won't WannaCry just die?
The U.S. Marine Corps looks to expand its insider threat program and seeks proposals to include activity monitoring technology on its enterprise and classified networks. The goal is to give the Marines greater ability to monitor network traffic and stop insiders from exposing data.
Did Russia pass a tough new cryptocurrency law to help authorities recruit or compel criminal hackers to assist the government? That's the thesis of a new report, which notes that the new regulation includes a host of provisions designed to unmask cryptocurrency users' transactions - or else.
Ransomware attacks continue to pummel organizations, but fewer victims have been paying a ransom, and when they do, on average they're paying less than before, says ransomware incident response firm Coveware, which traces the decline to attackers failing to honor their data deletion promises.
Among remote workers, senior managers apparently are taking cybersecurity hygiene far less seriously than rank-and-file employees, a recent survey shows. Kathy Ahuja of OneLogin offers an analysis.
Ticketmaster has agreed to pay a $10 million criminal fine to resolve charges that the company illegally accessed an unnamed competitor's computer system on at least 20 separate occasions, using stolen passwords to conduct a cyber espionage operation.
A former Cisco engineer has been sentenced to serve two years in federal prison after pleading guilty to charges that he hacked his former company, causing $1.4 million in damages.
Italian authorities arrested two employees of the Italian defense contractor Leonardo S.p.A. for installing a backdoor Trojan into the company's systems and exfiltrating 10GB of data over a two-year period, according to local law enforcement officials.
Darkside is the latest ransomware operation to announce an affiliate program in which a ransomware operator maintains crypto-locking malware and a ransom payment infrastructure while crowdsourced and vetted affiliates find and infect targets. When a victim pays, the operator and affiliate share the loot.
A former Microsoft software engineer has been sentenced to nine years in prison after being found guilty on 18 criminal charges in connection with the theft of more than $10 million through the company's online retail platform.
COVID-19 accelerated everything else digital; why not fraud, too? In this latest CEO/CISO panel, cybersecurity leaders talk frankly about the pace and scale of new fraud schemes from business email compromise to card not present to insider risk.
Takeaway from the U.K.'s GDPR privacy fine against hotel giant Marriott: During M&A, review an organization's cybersecurity posture before finalizing any acquisition. Because once a deal closes, you're fully responsible for data security - IT network warts and all.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.
