While doing digital transformation, CISOs tend to look more at technology and try to adapt it without making the distinction between technologies that are must-have and good to have. Krishnamurthy Rajesh of ICRA says CISOs must analyze risks, update security, and change the mindset of employees.
The cyber actors suspected of being behind the deployment of ransomware strains such as LockerGoga, MegaCortex and Dharma, among others, are under arrest, after a joint operation involving law enforcement and judiciary agencies from eight countries. The actors are believed to have affected more than 1,800 victims.
While overregulating the cryptocurrency space is not advisable, it is important for the Biden administration to look into the areas in which cryptocurrencies pose the greatest risks, says Nichole Dennis, director and government relations specialist with Cybercrime Support Network.
National Cyber Director Chris Inglis on Thursday announced that Federal CISO Chris DeRusha will concurrently serve as his deputy at the newly created office. Inglis, a Senate-confirmed top adviser to the president, also released a "statement of strategic intent" outlining his own official duties.
Six national data protection and privacy authorities – from Australia, Canada, Gibraltar, Hong Kong SAR, China and Switzerland - have joined with the U.K. information Commissioner’s Office to issue guidance to video teleconferencing companies on privacy, calling for end-to-end encryption.
OptinMonster, a WordPress plug-in used in more than 1 million websites for sales campaign creation, was vulnerable to high-severity bugs, according to Wordfence researchers. An updated version of the plug-in has patched the flaws.
As the global pandemic enters its second year, IT and infosec teams continue to face challenges on all sides. On top of “ordinary” cybersecurity issues, they’re dealing with an explosion of pandemic-themed phishing scams and a surge in ransomware attacks. How well prepared are users?
Four ISMG editors discuss important cybersecurity issues, including law enforcement authorities' disruption of ransomware gang REvil's operations, how to collaborate as an industry to fight the surge in ransomware attacks hitting businesses, and increasing diversity and inclusion in the workplace.
The latest ISMG Security Report features the fallibility of ransomware gangs and why victims should always seek help from a reputable response firm, law enforcement or other qualified expert. Also featured: Data protection advice and why the remote work model might make securing data easier.
Microsoft launched a four-year campaign on Thursday with community colleges in the U.S. aimed at recruiting hundreds of thousands of people into the field of cybersecurity. The goal is to fill an expected shortfall of 250,000 workers in cybersecurity, which Microsoft says means rising risk.
The National Rifle Association has reportedly fallen victim to a ransomware attack at the hands of a Russian cybercriminal gang known as Grief. The group has reportedly posted 13 files to its website after claiming to have hacked the gun rights advocacy group.
North Korean advanced persistent threat group Lazarus - aka Hidden Cobra - is developing supply chain attack capabilities using its multiplatform malware framework, MATA, for cyberespionage goals, according to researchers from Kaspersky.
CISA announced that Washington Secretary of State Kim Wyman will be the agency's senior election security lead. She will become a top security official within the Biden administration, inheriting a role that has garnered public attention following interference in 2016 and fraud claims in 2020.
As vice president of Red Team Services at CyberArk, Shay Nahari has an up-close view of an enterprise's soft defenses. He sees adversaries attack workforce users and compromise credentials. The lines between identity and privilege are colliding. More than ever, Nahari says, context matters.
Singapore healthcare firm Fullerton Health confirms that a data breach in the server of its vendor partner Agape Connecting People was responsible for the leak of 400,000 user accounts. The incident marks the fourth major data breach incident involving third-party vendors in Singapore this year.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.