Chinese government agencies are reportedly using "sophisticated" software - including the acquisition of surveillance tools - to monitor popular social media sites and collect information on Western officials and journalists, according to a recent investigation by The Washington Post.
The U.S. government has taken notable moves to enforce cybersecurity regulation and propose legislation, says Andy Watkin-Child, founding partner of the Augusta Group. To help prepare for these shifts, he advises organizations to improve their "understanding in global regulation in cyber."
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including how the ransomware-as-a-service model shifted in 2021, the rise of fraud in faster payments and how to prevent it, and one CISO's take on the state of the industry.
The latest edition of the ISMG Security Report features highlights from interviews in 2021 and examines President Joe Biden's executive order on cybersecurity, ransomware response advice and assessing hidden business risks.
Attackers continue to employ commercial penetration testing tools as well as "living off the land" tactics - using legitimate tools or functionality already present in a network - to exploit victims. Accordingly, organizations must monitor for both, to better identify potential intrusions.
Ransomware-wielding attackers continue to hit businesses, demand a ransom payment and oftentimes dump stolen data if a victim chooses not to pay. But some attackers also appear to be keeping a closer eye on victims - at least after they have been infected - in case they bring unwanted attention.
As network defenders continue to patch or mitigate against the remote code execution vulnerability in the Java-based logging utility Log4j, several cybersecurity vendors - and the U.S. CISA - have issued scanning and assessment tools to speed up the identification process.
ISMG's global editorial team reflects on the top cybersecurity news and analysis from 2021 and looks ahead to the trends already shaping 2022. From ransomware to Log4j, here is a compilation of major news events, impacts and discussions with leading cybersecurity experts on what to expect in the new year.
A ransomware operation called Vice Society has claimed credit for attacks that hit two groups of independently owned and operated Spar-branded stores in England and the Isle of Man earlier this month. Threat intelligence firm Kela says thousands of stolen documents have been dumped online.
A ransomware attack disrupted the operations of Norway-based media company Amedia, which publishes more than 70 newspapers for 2 million readers. The Tuesday attack on the company's computer systems forced it to shut the presses, says Amedia's executive vice president of technology, Pål Nedregotten.
For Santosh Kamane, head cybersecurity, risk management and business continuity at DBS Asia Hub 2, privacy regulations play a huge role in improving the security posture of enterprises, including banks.
ONUS, one of Vietnam's largest cryptocurrency platforms, has reportedly fallen victim to a ransomware attack that has been traced to Apache's remote code execution vulnerability, Log4j, via third-party payment software. CrowdStrike has also detected Chinese APT activity around the logging flaw.
LastPass says none of its users accounts have been compromised, although multiple users of the password manager reported receiving email warnings that are normally sent to users who log in from different devices and locations, causing them to think their master passwords had been compromised.
Seven vulnerabilities - including one rated critical and five high-severity - in Schneider Electric's EVlink products have been patched, according to security researcher Tony Nasr. Exploitation of the vulnerabilities would allow attackers to manipulate configurations and settings.
In the U.S., three states now have disparate data privacy laws - and more are coming. Meanwhile, China has enacted a new law that has global enterprises scrambling. How will these and other actions shape privacy discussions in 2022? Noted attorney Lisa Sotto shares insights.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.