The national cybersecurity strategy calls for regulators to drive adoption of "secure by design" principles by establishing a framework government and industry can use to collaborate. Shifting more cyber responsibility to commercial security vendors makes companies, constituents and missions safer.
The BlackCat ransomware-as-a-service operation's putative "unseizing" of its leak site from the FBI is a stunt made possible by way the dark web handles address resolution, security researchers said Tuesday. The stunt was a "tactical error" that could alienate affiliates.
Fraudsters can now easily create fake driver's licenses to scam banks and merchants. Moving to electronic identification that can be stored on mobile devices has the potential to unlock innovation in the identity verification space, said Mary Ann Miller, vice president of client experience at Prove.
U.S. authorities seized dark web infrastructure of the BlackCat ransomware-as-a-service group, also known as Alphv, although the Russian-speaking threat actor said it has reestablished operations. The group's data leak site and its Tox instant messaging account went offline Dec. 7.
Cybercriminals increasingly use malicious ads through search engines to deploy new malware targeting businesses, marking a rise in browser-based attacks. Researchers at Malwarebytes observed PikaBot, a malware family that appeared in early 2023, being distributed via malvertising.
Synthetic IDs and mule accounts will continue to be a huge problem in 2024 even though vendors and financial institutions now recognize the problem and are beginning to address these risks, according to Trace Fooshee, strategic adviser at Datos Insights.
A group known as Predatory Sparrow claimed responsibility for a Monday cyberattack that shut down a majority of gas stations across Iran as officials blamed the attack on foreign powers. The group has previously taken credit for a number of attacks targeting Iran's fuel supply and rail system.
Attorney Jonathan Armstrong examines four cybersecurity legal trends that will shape 2024: heightened personal liability for security leaders, the impact of ransomware, legal and ethical concerns about AI, and the influence of shadow IT, especially regarding messaging apps.
In the latest weekly update, editors at ISMG discuss whether police have seized ransomware group Alphv/BlackCat's data leak site, how fraudsters are adapting their tactics and techniques to exploit advancements in technology, and which cryptocurrency stories shaped the industry this year.
The departments of Commerce, State and Justice are among the 20 agencies identified in a Government Accountability Office report as having failed to meet key cyberthreat incident response deadlines outlined in the 2021 cybersecurity executive order.
Criminal use of social engineering at scale continues to surge, as AI-driven automation and easy access to stolen personal information enables attackers to create ever-more sophisticated and tough-to-detect assaults, says Sharon Conheady of First Defense Information Security.
As Russia's all-out invasion of Ukraine continues, Moscow's strategy for targeting Ukrainian allies centers on "painting the picture of incompetent governments that can't protect from the Russian might" via misinformation and disinformation campaigns, said Ian Thornton-Trump, CISO of Cyjax.
Our email authentication experts will be on hand to provide their insight and a demonstration of how exactly Proofpoint Email Fraud Defense can help identify and close requirement gaps.
As a legacy protocol, DICOM lacks proper security measures, and as the healthcare industry modernizes and moves to the cloud, there is a significant risk of patient data exposure, said Sina Yazdanmehr, a senior IT security consultant at Aplite.
A U.S. federal court at the behest of Microsoft seized multiple domains used by a Vietnamese cybercrime group that created 750 million fraudulent Microsoft accounts while raking in millions of dollars in illicit revenue. Storm-1152 also sold services to bypass CAPTCHA.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.