Crisis communications: If your organization suffers a ransomware outbreak - despite its best cybersecurity efforts - is it ready to respond quickly and transparently? Experts have lauded the Scottish Environment Protection Agency for its response, saying it's a model for other victims to emulate.
At least 14 lawsuits seeking class-action status have been filed against Accellion in the wake of breaches of the vendor's 20-year-old File Transfer Appliance. A motion to consolidate the cases has also been filed.
The now-defunct Ziggy ransomware gang is reportedly offering to return the ransoms it collected, but some security experts question whether the offer is legitimate or a publicity stunt.
Attackers are targeting unpatched SAP applications, and the exploits could lead to the hijacking of the vulnerable systems, data theft and ransomware attacks, SAP and Onapsis Research Labs report. They note that patches for most of the flaws have been available for several years.
A Russian-speaking cybercriminal recently sold on a darknet forum thousands of stolen payment and gift cards that researchers at Gemini Advisory believe were taken from the now-defunct online gift card exchange Cardpool.com.
How much does it cost to recover from a ransomware attack? For the Scottish Environment Protection Agency, which was hit by the Conti ransomware-wielding gang on Christmas Eve, reported cleanup costs have reached $1.1 million. SEPA is still restoring systems and has refused to pay any ransom.
Crypto banks need to develop new ways to track suspicious activities, such as money laundering, says James Wester, research director, worldwide blockchain strategies, at IDC, a technology research and analysis provider.
Capital One is warning additional customers that their Social Security numbers may have been exposed in a massive 2019 breach. Meanwhile, a suspect in the breach is slated to go to trial in October.
Preventing deepfake fraud while addressing customer digital onboarding ease-of-use concerns is a balancing act. Sanjay Gupta of Mitek discusses the challenge of juggling security and the user experience in digital banking.
When a breached organization such as Ubiquiti says it is "not currently aware of evidence" that attackers stole customer data, it too often means: "We don't know, because we failed to have in place the robust logging and monitoring capabilities that might have provided us all with real answers."
A security researcher found more than 500 million Facebook records being offered for free on the darknet, exposing basic user information, including any phone numbers associated with the accounts. Facebook says this is “old data” previously reported as exposed.
CISA and the FBI warn in a new alert that unidentified nation-state actors are scanning for three vulnerabilities in Fortinet's operating system, FortiOS, to potentially target government agencies and companies for cyberespionage.
Many governments are exploring Central Bank Digital Currencies to reduce costs and expand digital inclusion. Karen Hsu of AppDome discusses the opportunities and challenges for minting digital money.
New York state officials are warning insurance and financial firms that fraudsters continue to probe for security weaknesses in websites offering instant quotes, as a way to target consumers' data. Attackers are now using credential stuffing techniques and targeting unprotected data in transition.
A Kansas man faces federal charges for allegedly accessing the network of a local water treatment facility and tampering with the systems that control the cleaning and disinfecting procedures, according to the Justice Department. The charges follow a similar security incident at a Florida facility.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.