The latest edition of the ISMG Security Report features an analysis of how attackers are distributing Night Sky crypto-locking malware to exploit Log4j vulnerabilities, lessons learned from Log4j and a security flaw that affects some Tesla-built vehicles.
A security researcher in Germany says he's discovered a software flaw affecting a small number of Teslas, allowing him to unlock doors and windows, start vehicles without keys and disable security systems. The flaw, however, does not affect steering, acceleration or braking.
Cybercrime gang FIN7 is impersonating the U.S. Department of Health and Human Services and Amazon to trick enterprises in the U.S. into using a malicious flash drive, according to the FBI. The threat actor targeted undisclosed companies in the transportation, defense and insurance sectors.
Where are security practitioners in their zero trust journeys, and what approach to zero trust have they taken? Three experts - Netskope's David Fairman, Exceture's Mario Demarillas, and Petronas' Soumo Mukherjee - share their thoughts in a panel discussion.
Applying cloud access security broker’s three functionalities - API-level integration with managed device transfer for visibility, in-line CASB for proxy and other devices, and its control over cloud and other access points - helps provide better control and the ability to protect and secure user access, says Thomas...
Morgan Stanley agreed to a $60 million settlement to resolve a class action lawsuit claiming the banking giant violated security compliance laws and provided negligent oversight when a third party did not properly decommission legacy IT systems in 2016 and 2019.
Mobile carrier T-Mobile fell victim to another data breach, this time linked to a SIM swap attack that affected "a very small number" of its 105 million customers. Details remain scarce, but T-Mobile says it has enacted proper incident response protocols to limit the number of people affected.
ISMG's global editorial team reflects on the top cybersecurity news and analysis from 2021 and looks ahead to the trends already shaping 2022. From ransomware to Log4j, here is a compilation of major news events, impacts and discussions with leading cybersecurity experts on what to expect in the new year.
As Russia masses troops on its border with Ukraine, the White House says Russian disinformation campaigns have been aimed at destabilizing Ukraine's government, while experts have seen a surge in "cyber intrusions" against infrastructure, banking and government targets in advance of a potential invasion.
Network compromise drives big business on the dark web. Cybercriminals are actively buying and selling unauthorized network access in a variety of underground forums.
This specific variety of criminal market offerings is less well known than others, but the extended cybercrime activity it enables is impacting...
Phishing is one of the most well-known cyberattack methods, but hackers still have considerable success despite security teams' best efforts. Attackers use phishing attacks to gain access to login credentials, financial information like credit card details or bank accounts, company data, and any other digital assets...
Ransomware continues to evolve at warp speed and is always a potential threat, regardless of your company’s size, location, or industry.
Today’s ransomware threat is more advanced than attackers simply asking for a payment. Some threat actors care more about stealing your company’s data. At any given moment,...
The spyware of sanctioned Israeli firm NSO Group was reportedly detected on the smartphones of high-profile Polish figures associated with the nation's opposition party. And the spyware has also reportedly been tied to the phone of Hanan Elatr, wife of the late journalist Jamal Khashoggi.
Businesses are constantly being bombarded by malicious attack threat vectors that operate through email inboxes/outboxes. Malevolent entities use a wide variety of ever increasingly sophisticated techniques to lure your employees and customers in order to attack your organization through email, while evading detection...
Businesses around the world rely on email to communicate — in the post-pandemic world perhaps more than ever before. But
email is inherently insecure, with a staggering 94% of malware delivered via the email channel.
Download this whitepaper to learn more about:
Preventing Email Data Leaks
Protecting...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.
