Finding the Balance to Tackle Business ID Theft

Suparna Goswami • August 16, 2022

Research by Dun & Bradstreet says business identity fraud jumped 254% last year. Tools can help prevent this fraud but may create greater friction, say Andrew La Marca, senior director at Dun & Bradstreet, and Ralph Gagliardi, agent in charge, High Tech Crimes Unit, Colorado Bureau of Investigation.

Anti-Money Laundering (AML)

Fresh Guilty Plea Follows Crackdown on BitMEX Exchange

Latest

Analytics

Thoma Bravo Eyes Darktrace Acquisition in Take-Private Spree

Michael Novinson • August 16, 2022

Thoma Bravo is eyeing its third take-private security deal of 2022, initiating talks with Darktrace months after agreeing to buy SailPoint and Ping Identity. The cybersecurity AI firm says it's in early discussions with private equity giant Thoma Bravo on a possible cash offer for the business.

3rd Party Risk Management

1,900 Signal Customers' Data Exposed in Twilio Hack

Mihir Bagwe • August 16, 2022

Signal says 1,900 of its customers have been affected by the recent phishing attack on its third-party vendor Twilio. Signal says phone numbers and SMS verification codes of 1,900 customers are compromised, potentially transferring access of these accounts to the attackers.

Open XDR

Sumedh Thakar on Fusing Vulnerability and Patch Management

Michael Novinson • August 16, 2022

Companies continue to struggle with prioritizing which vulnerabilities present the greatest risk to the business and need to be remediated first since vulnerability scoring is too often based on a static set of what could happen if an issue is exploited, says Qualys President and CEO Sumedh Thakar.

Open XDR

Why XDR Beats SIEM at Spotting Threats in Noisy Environments

Michael Novinson • August 16, 2022

SIEM can play a key role in aggregating log data for compliance or auditing purposes, but when it comes to identifying threat activity in an IT environment, nothing beats XDR, which excels at using advanced techniques to pinpoint threats in high volumes of data, says Secureworks' Ryan Alban.

Critical Infrastructure Security

Comedy of Errors: Ransomware Group Extorts Wrong Victim

Mathew J. Schwartz • August 16, 2022

The Cl0p ransomware group has been attempting to extort Thames Water, a public utility in England. Just one problem: the group attacked an entirely different water provider. Through ineptitude or outright lying, this isn't the first time that a ransomware group has claimed the wrong victim.

Governance & Risk Management

Why Companies Are Failing at Cybersecurity

CyberEdBoard • August 16, 2022

When security practitioners lose their initial enthusiam for hunting cyberthreats, their companies begin to fail at cybersecurity, says CISO Marco Túlio Moraes. He discusses how collaborating with the business lines and moving from awareness to education all around can help fix this problem.

Fraud Management & Cybercrime

ENISA Report: Threat Landscape for Ransomware Attacks

Anna Delaney • August 15, 2022

ENISA’s new "Threat Landscape for Ransomware Attacks" report analyzes 623 ransomware incidents in the EU, U.K. and U.S. from 2021 to 2022. ENISA cybersecurity officer Ifigeneia Lella shares how attacks have evolved and how 95% of reported incidents lack key data about how the breaches occurred.

Finance & Banking

Building Resilience in a Multi-Cloud Environment

Anna Delaney • August 15, 2022

A well-managed multi-cloud strategy "is a sensible approach" because it allows organizations to move different workloads between providers, but it gets a "bit more complicated when you start thinking about workload portability," says Lee Newcombe, security director, Capgemini U.K.

Cyberwarfare / Nation-State Attacks

Why Being Prepared Is the Key to Preventing Cyberattacks

Steve King • August 15, 2022

Hybrid war includes cyberattacks, critical infrastructure attacks and efforts to get information. Victoria Beckman, director of Microsoft's Digital Crimes Unit in the Americas, says Ukraine used a national cybersecurity strategy to withstand such attacks from Russia and so can other countries.

Account Takeover Fraud

Updated Android Trojan Features Ransomware Capabilities

Prajeet Nair • August 13, 2022

An updated version of the Russian-linked SOVA Android Trojan is back with updated attack techniques targeting more than 200 mobile applications, including banking apps and crypto exchanges/wallets. Researchers at Cleafy uncovered that the Trojan now also features ransomware capabilities.

Anti-Money Laundering (AML)

ISMG Editors: Analyzing the Twilio Breach

Anna Delaney • August 12, 2022

In the latest weekly update, four ISMG editors discuss the breach of customer engagement platform Twilio, a cyberattack on the U.K.'s NHS that has reignited concerns about supply chain security in the healthcare sector, and the U.S. Treasury clamping down on shady cryptocurrency mixers.

Cybercrime

Ransomware Groups Refine Shakedown and Monetization Models

Mathew J. Schwartz • August 12, 2022

Ransomware-wielding attackers continue to seek new ways to maximize profits with minimal effort. Top tactics spotted recently by experts include continuing to partner with initial access brokers and botnet operators and testing new monetization models, such as "mediation as a service."