Some of the highest-ranking cybersecurity officials in the U.S. government discussed the pervasive threat of ransomware on Tuesday, likening it to a clear issue of national security with the ability to inflict measurable damage on major world powers.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including why enterprises need a multilayered approach to securing identity, how fraud will evolve in 2022 and the need to secure backdoors to prevent ransomware attacks.
The latest edition of the ISMG Security Report features an analysis of how a cryptocurrency exchange bug has revealed North Korean monero laundering. Also featured are cyber insurance trends and cybercrime innovation.
A new self-assessment tool aims to help public and private sector organizations assess their level of vulnerability to insider threats, according to CISA. The agency also indicated this week it will keep its "rumor control" website active ahead of the 2022 midterm elections.
Hacktivist collective Anonymous has, for the second time this month, leaked data belonging to Washington-based domain name registrar and web hosting service Epik. The size of the second set: more than 300GB - double the amount in the first leak.
Researchers at the University of Birmingham and University of Surrey say they have uncovered a vulnerability in the Apple Pay-Visa setup that could allow hackers to bypass iPhone’s Apple Pay lock screen, perform contactless payments and skirt transaction limits.
Cybersecurity vendor VMware has published a security advisory detailing 19 vulnerabilities affecting its vCenter server and Cloud Foundation products and has released fixes for all of them. One of the flaws has a high CVSS of 9.8, and CISA is warning of its "widespread exploitation."
Rant of the day: Are we getting hacked because we now work remotely in the new normal? No, we're being hacked because we're not managing our risks and being lazy - and because the CISO is not being heard.
A bipartisan bill has been introduced in the U.S. Senate which, if passed, would find the Treasury Department actively monitoring cryptocurrency mining abroad, as well as its ultimate impact on U.S. supply chains for critical resources, including semiconductors.
Hacking incidents - especially those involving ransomware attacks and vendors - continue to rack up some of the largest victim counts in major health data breaches being reported to federal regulators in 2021. Will the trend continue?
The Russia-linked cyberespionage group Nobelium, which was responsible for the SolarWinds supply chain attack, has developed and deployed a new malware, dubbed FoggyWeb, according to a Microsoft Threat Intelligence Center security blog. Microsoft says FoggyWeb creates a backdoor to exfiltrate data.
The world is experiencing a cybercrime pandemic, which is a direct consequence of COVID-19, according to Amit Basu, CISO and CIO at International Seaways. He offers proactive prevention measures, based on his own experience, for how organizations can stay safe and secure.
The U.S. Department of Commerce is soliciting input on a Trump administration cybersecurity executive order that requires cloud providers to verify the identities of certain users - particularly cyber actors potentially operating abroad and leveraging U.S. cloud technologies.