Technology and software-as-a-service, or SaaS, companies ship code at scale. Beyond Identity offers ways for them to solve the problems of phishable authentication factors, bring-your-own devices or BYOD, device security posture, zero trust risk policy enforcement, and user identity.
Former members of the defunct Conti ransomware group are continuing to ply their trade under a variety of other guises, including Royal and Black Basta. Thanks to their agile and innovative approaches, post-Conti operations are "stronger than ever," one ransomware expert reports.
Breach notifications from British outsourcing giant Capita mount amid signs the multibillion-pound company doesn't have a firm grip on how much data it exposed. For a company that trumpets its ability to "achieve better outcomes," Capita's inability to grasp the impact of its breaches is ironic.
A hacking group with apparent ties to Russia or Belarus has been using "simple yet effective attack techniques and tools" to gain access to multiple governments' email systems as part of apparent cyberespionage operations in support of Russia's invasion of Ukraine, researchers warn.
CISOs have faced a broad and varied set of challenges in recent years. Remote environments, increasingly sophisticated threats and expanding supply chains are just some of the many concerns keeping them up at night.
Cybercriminals have been launching attacks against our people, networks, and services for decades with varying success. So, the need to realign our defences to meet the demands of evolving threats is nothing new.
Threat actors are exploiting the ongoing economic downturn by using job-themed phishing and malware campaigns to target job seekers and employers to steal sensitive information and hack company recruiters. Researchers advise companies to be wary of attachments and URLs.
With signs pointing to a global economic downturn, cybersecurity organizations are already thinking about managing budgets and doing more than less. Four CISOs share a wide range of belt-tightening tips, from putting the squeeze on your vendors and suppliers to training and hiring from within.
A lack of visibility makes it nearly impossible to protect an organization against attack. If you can't see what's lurking in the dark corners of your environment, all you can do is react instead of actively identifying and mitigating risks. But some technologies can help with threat visibility.
Cybercrime experts have long urged victims to never pay a ransom in return for any promise an attacker makes to delete stolen data. That's because, as a recent case highlights, whatever extortionists might promise, stolen personal data is lucrative, and it often gets sold six ways from Sunday.
Crypto exchange firm Coinbase has confirmed that an SMS phishing campaign aimed at stealing employee credentials resulted in a minor data breach. The company estimates the latest campaign is part of the phishing campaign that successfully compromised Twilio and Cloudflare last year.
Russian military intelligence agency hackers walloped Ukraine with waves of data wipers and phishing attacks, but the torrent of destructive cyberattacks doesn't appear to have been as effective as previous Russian cyberattacks, report researchers from the Google Threat Analysis Group and Mandiant.
Check fraud, first-party fraud and AI-related fraud will increase on a massive scale in 2023, thanks in large part to growing insider threats and the global economic slowdown. Frank McKenna, chief fraud strategist at Point Predictive, explains how banks can prepare to tackle these types of scams.
Expect the recently leaked database containing over 200 million Twitter records to be an ongoing resource for hackers, fraudsters and other criminals operating online, experts warn. Though 98% of the email addresses have appeared in prior breaches, bad actors can merge databases and do more damage.
Expel has released its latest quarterly threat report, which looks at continued identity-based attacks and the impact of MFA fatigue. Jon Hencinski shares insights on attack trends, gaps in compensating controls and what to look for in pre-ransomware activity.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.