Multifaceted Extortion Rising in Southeast Asia in 2022

Geetha Nandikotkur • December 2, 2021

The Southeast Asian region will see a spike in multifaceted extortion with more public breaches, along with an increase in ransomware-as-a-service operations in 2022, says Singapore-based Yihao Lim, principal intelligence adviser at Mandiant Threat Intelligence.

Business Continuity Management / Disaster Recovery

Financial Agencies Eye Existing Laws for Crypto Regulation

Latest

Analytics

Using Behavioral Biometrics to Secure Against Digital Fraud

Geetha Nandikotkur • December 2, 2021

A risk-based approach to secure against digital fraud requires putting in the correct security controls in proportion to the organizational risk, which is determined by understanding the customer's subconscious habits, says Australia-based Tim Dalgleish, senior director, a global advisory, at BioCatch.

Video

Overcoming the Hesitancy to Move to the Cloud

Suparna Goswami • December 2, 2021

"Enterprises are reluctant to move to the cloud because they are concerned about the infrastructure and data security that cloud vendors are going to offer," says Deepak Prasad, customer engineer, security specialist at Google Cloud. He gives advice on making the digital transformation journey smoother

Cybercrime

Report: Aberebot-2.0 Hits Banking Apps and Crypto Wallets

Soumik Ghosh • December 1, 2021

A new variant of the Aberebot banking Trojan has been discovered by Cyble's researchers. Christened Aberebot-2.0, the latest malware version not only uses more advanced spying capabilities, it also has increased its target list to 213 banking apps and nine crypto wallets in 22 countries.

Cybercrime

Identifying and Countering BIN Attacks

Suparna Goswami • December 1, 2021

In order to identify BIN attacks, it is important for payment card brands to leverage AI and automated systems for monitoring transaction data to look for unusual patterns, says Keri Crane, advisory technical product manager with Jack Henry & Associates. She also discusses mitigation tips.

Fraud Management & Cybercrime

Why Today's Security Rhetoric is Harmful and Must Change

Anna Delaney • November 30, 2021

In her latest book, "Rhetoric of InSecurity: The Language of Danger, Fear and Safety in National and International Contexts," academic Victoria Baines questions the imagery and rhetoric we use to communicate safety and security issues, and details their unwelcome impact on the workforce.

3rd Party Risk Management

Japanese Electronics Giant Panasonic Discloses Data Breach

Dan Gunderman • November 30, 2021

Japanese multinational conglomerate Panasonic has disclosed a security breach that it says involved unnamed threat actors accessing servers on its network. The company says it detected the breach on Nov. 11. It was determined that some data on a file server had been accessed during the intrusion.

Cybercrime

The Best Gift for the Holidays? An Incident Response Plan

Anna Delaney • November 26, 2021

In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including why security teams are still unprepared for cyberattacks over weekends and holidays, which experts warn is when attackers love to strike.

Endpoint Security

Medical Data Exposed in Breach at True Health New Mexico

Jeremy Kirk • November 26, 2021

A health insurer in New Mexico is warning of a data breach that exposed customers' personal and medical information. True Health New Mexico reports that nearly 63,000 individuals' personal details were exposed in the "early October" incident. It's offering all victims prepaid credit monitoring services.

Governance & Risk Management

Improving Identity Management for Zero Trust Architecture

Suparna Goswami • November 25, 2021

When it comes to managing identities, most enterprises make the mistake of having silos of identity systems in place, says Deepak Prasad, customer engineer, security specialist at Google Cloud. He discusses the benefits of a consolidated identity system.

Cybercrime

Ukraine's Secret Service Busts 5 Alleged 'Phoenix' Hackers

Mihir Bagwe • November 25, 2021

The Secret Service of Ukraine has arrested five Ukrainian citizens on suspicion of being part of a cybercrime group called Phoenix, which it says has been tied to hacking hundreds of mobile devices, stealing personal data and also selling "hacking as a service" to others.

Fraud Management & Cybercrime

Synthetic ID Fraud: What to Look Forward to in 2022

Suparna Goswami • November 24, 2021

Automation, a good criminal network and the ability to use accounts as an alias are some of the factors contributing to synthetic ID fraud, says a panel of three experts.

Blockchain & Cryptocurrency

Cryptocrimes Proliferate: Ransomware, New Threat Campaigns

Prajeet Nair • November 24, 2021

Cryptocurrency exchange BTC-Alpha faces a ransomware attack; Morphisec researchers investigate malware that targets cryptocurrency, NFT communities on Discord; and RiskIQ researchers uncover fresh Aggah campaign that deploys clipboard hijacking code to swap a victim's cryptocurrency address.