The BlackCat group on Monday claimed responsibility for a ransomware attack on Japanese watchmaker Seiko, publishing samples of stolen data files as proof of its exploit. Seiko Group Corp. announced earlier this month that it had detected unauthorized users accessing of some of its servers.
No sector took digital transformation as seriously as healthcare did. From remote work to multi-cloud environments to new digital healthcare experiences for patients, it's a brave new world - with new risks. Anahi Santiago of ChristianaCare discusses these risks and how to mitigate them.
The nature of fraudulent content has taken on new dimensions with the emergence of generative AI. This new era has ushered in tools capable of creating fake images, voices and videos that can be difficult to distinguish from genuine content, warned Bryan Ware, chief development officer at ZeroFox.
North Korean espionage group Kimsuky used a combination of spear-phishing and info-stealer malware infection in an attempt to access information about a joint exercise between U.S. and South Korean military forces. Authorities said the group stole personal information of all employees.
In encryption-less attacks, ransomware gangs steal large volumes of sensitive data, including terabytes of information, without locking up systems. Attackers leverage the value of the stolen data as a means to coerce organizations into paying ransoms to avert data release.
Conventional wisdom recommends to never negotiate with ransomware actors. They can't be trusted. But Mark Lance at GuidePoint Security recently made the case that organizations can gather important information through negotiations, slow down the process and even lower the ransom demand.
This year's massive exploitation of managed file transfer products such as Fortra's GoAnywhere and Progress Software's MOVEit proves that MFTs are a hacker's paradise. Research by John Dwyer of IBM Security X-Force shows why and also reveals a path toward protecting MFTs in the future.
U.S. intelligence agencies are warning about unnamed foreign intelligence entities targeting the private space sector to steal sensitive data related to satellite payloads and disrupting and degrading U.S. satellite capabilities. They say space-related innovation is a valuable target.
Microsoft identified a new variant of BlackCat ransomware malware that uses an open-source communication framework tool to facilitate lateral movement. BlackCat, also known as Alphv, is a Russian-speaking criminal group suspected of being a successor to DarkSide and BlackMatter.
Threat actors are on a phishing spree targeting users of Zimbra Collaboration email suite, in particular small and medium businesses and government agencies. Security firm Eset on Thursday revealed the ongoing campaign, writing that the hackers behind it have been active since at least April.
The cyber insurance landscape has evolved significantly over the last 10 to 15 years. Initially, renewals were relatively straightforward, but with the rise of cyberthreats such as ransomware, the market has shifted dramatically to reduce risk exposure.
Browser security and microsegmentation play critical roles in stemming the bleeding from ransomware attacks, as "almost always the attacks come from a point-based browser vector," said Spencer Tall, managing director, AllegisCyber Capital. He shared two approaches to ensure secure browser adoption.
In the latest weekly update, ISMG editors discuss important cybersecurity and privacy issues including highlights of interviews at Black Hat 2023, lessons learned from the success of the Lapsus$ cybercrime group's attacks and why Check Point is buying startup Perimeter 81 for $490 million.
North Korea is on track to have a middling year of cryptocurrency theft despite Pyongyang's constant demand for ready cash. Hackers deployed by the totalitarian regime have stolen $200 million in cryptocurrency this year, far less than the country's banner year of cryptocurrency theft in 2022.
While consolidating third-party risks into one document is important, it is equally vital to introduce artificial intelligence into various elements of your third-party risk management program, said Jonathan Pineda, CISO and DPO at the Government Service Insurance System in the Philippines.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.