What Should India's New Data Protection Bill Look Like?

Suparna Goswami • August 5, 2022

The Indian government has scuttled its personal data protection bill after the proposal grew in scope beyond data protection "and was creating degrees of complexity." Arrka Consulting CEO Shivangi Nadkarni shares her views on what the new bill must incorporate.

Cybercrime

Tracking Ransomware: Here's Everything We Still Don’t Know

Latest

Blockchain & Cryptocurrency

US Extradites Russian Accused of Crypto Laundering

Prajeet Nair • August 5, 2022

Accused cryptocurrency money launder Alexander Vinnik made his first appearance in U.S. federal court today. The Russian national faces 55 years imprisonment for his alleged involvement in laundering hacking proceeds through bitcoin on the BTC-e cryptocurrency exchange.

Finance & Banking

FFIEC Solicits Comments on Cybersecurity Assessment Tool

David Perera • August 5, 2022

The Federal Financial Institutions Examination Council is asking for comments regarding the Cybersecurity Assessment Tool, the ostensibly voluntary way for banks and credit unions to self-assess exposure to risk and the maturity of their cybersecurity.

Fraud Management & Cybercrime

Profiles in Leadership: Ivan Milenkovic

Tom Field • August 5, 2022

Ivan Milenkovic became the group information security director of Webhelp in January 2020. Six weeks later, the pandemic changed everything. Today, Webhelp is twice the size it was in 2020, and Milenkovic discusses the cybersecurity challenges his team has overcome to support that growth.

Cryptocurrency Fraud

ISMG Editors: Ransomware Groups Aiming for Smaller Targets

Anna Delaney • August 5, 2022

In the latest weekly update, four editors at Information Security Media Group discuss key takeaways from ISMG's recent Government Summit, how hackers siphoned nearly $200 million from cryptocurrency bridge Nomad and how midsized businesses are the new frontier for ransomware.

Cyberwarfare / Nation-State Attacks

Okta's Marc Rogers on Why Beating Ransomware Is a Team Sport

Michael Novinson • August 5, 2022

Increased collaboration between the public and private sectors hasn't slowed the increased frequency and ease of ransomware intrusions, but efforts to change the financial incentives of ransomware are having "a pretty good effect," says Marc Rogers, vice president of cybersecurity strategy at Okta.

Cloud Security

Arctic Wolf's Dan Schiappa on Cloud Security in a Recession

Michael Novinson • August 5, 2022

The impending recession should accelerate cloud adoption as firms look to reduce infrastructure costs, but these moves will introduce a new set of security challenges. Arctic Wolf Chief Product Officer Dan Schiappa predicts many companies will start building security into their applications sooner.

Endpoint Security

More Mobile Devices, More Problems, Security Survey Finds

Brian Pereira • August 4, 2022

The era of pandemic-induced telework is also the era of higher reliance on mobile devices for sensitive workplace information - meaning we're likewise living in the age of fretful chief information security officers, a new survey concludes. "Companies are still struggling" to secure mobile devices.

Fraud Management & Cybercrime

Neuro Practice Tells 363,000 That PHI Was Posted on Dark Web

Marianne Kolbasuk McGee • August 4, 2022

An Indiana-based neurology practice is notifying nearly 363,000 individuals that their sensitive information was compromised in a recent ransomware attack - and that some of the data was made available on the dark web. Russian ransomware group Hive has been implicated.

Cybercrime

Seed Phrase Compromise May Have Caused Solana Wallets Drain

Rashmi Ramesh • August 4, 2022

Solana identified a common thread in the million-dollar cyberattack on its hot wallets. The exploit might come down to wallet recovery passcodes stored in plaintext on a centralized server. There is "no evidence" that the Solana protocol or its cryptography were compromised.

Endpoint Security

Talon Cyber Security Raises $100M to Enhance Secure Browser

Michael Novinson • August 4, 2022

This year's winner of RSA Conference's prestigious Innovation Sandbox Contest has completed its first major funding round, earning backing from CrowdStrike CEO George Kurtz. Talon has received $100 million to support more operating systems, add more capabilities and boost existing integrations.

Cybercrime

Pro-China Disinformation Campaign Traced to PR Firm

Prajeet Nair • August 4, 2022

Researchers from cybersecurity firm Mandiant say they've discovered a network of inauthentic news sites transmitting Chinese propaganda apparently all under the control of Shanghai Haixun Technology Co., a Chinese PR firm that advertises "positive energy packages."

3rd Party Risk Management

Reducing Risk by Breaking Down Supply Chain Siloes

Anna Delaney • August 4, 2022

Supply chain risk must be part of an enterprisewide risk management program framework, says information security manager Matt Marciniak of financial service firm Quantile. Reducing risk requires an agile approach to supplier management, he says.