Iranian state-backed persistent threat group TA456, which PwC tracks as Yellow Liderc, used a combination of malicious Javascript, phishing emails and .NET malware called IMAPLoader to conduct espionage attacks on maritime, shipping and logistics companies in the Mediterranean region.
The U.S. Cybersecurity and Infrastructure Security Agency launched a security tool intended to help organizations with limited resources better protect their Windows-based devices and sensitive data. Logging Made Easy is meant to serve as a turnkey log management tool.
The U.K. communication regulator laid down plans to implement a controversial regulation intended to prevent online child sexual abuse material after it officially became law. The Online Safety Bill received royal assent on Thursday after it was cleared by the parliament in September.
It has been over a year since Indonesia enacted its first personal data protection law, bringing its data privacy and security controls closer to standards set by Europe's GDPR. With less than a year to go, many businesses are still looking for clarity on many aspects of the regulations.
The United Nations unveiled Thursday an AI advisory body that looks to analyze risks and make recommendations on international governance for the technology. The body comprises 38 experts across geographies and industries, including from government, the private sector and civil society.
In the latest weekly update, ISMG editors discuss how cybersecurity businesses are building resilience during the Israel-Hamas war, the latest on the hacks of Cisco IOS XE devices, and recommendations for businesses in Indonesia looking to improve their cybersecurity practices.
Hospitals, clinics and doctor practices have long fallen victim to cyberattacks and breaches kicked off with phishing emails. But with the advent of AI-augmented phishing, the lures are more convincing and could lead to even more scams targeting healthcare organizations, federal authorities warned.
Two cybersecurity vendors are laying off a sizable chunk of their staff, with Exabeam axing 20% of its workforce and F-Secure cutting up to 70 employees. Exabeam eliminated roughly 134 positions this week, while F-Secure wants to shrink its workforce by nearly 14%.
Social media single sign-on standard OAuth has an implementation weakness that hackers could exploit to obtain unauthorized access, say researchers. "We expect that 1,000s of other websites are vulnerable to the attack," wrote Salt Security, "putting billions of additional internet users at risk."
Consumer lenders such as mortgage brokers, auto dealers and payday lenders must soon report data breaches to the Federal Trade Commission under a revised regulation that mandates public disclosure. The new disclosure requirement will become effective in six months.
"We're doing fine, but we're not OK." This was the opening comment from Michael Yehoshua, CMO of HolistiCyber, discussing the impact of the Israel-Hamas war. Yehoshua shared his insights about the conflict, its historic perspective and how his and other Israeli companies are focused on resilience.
A Kazakhstan-based cyberespionage group that has been stealing credentials and data from government agencies of the Commonwealth of Independent States countries is going great lengths to hide its identity. The group is using custom malware and evasion techniques to pose as Azerbaijani hackers.
Unveiling a vision of factory workers using AI chatbots to control the assembly line, fix production issues and develop code, Rockwell Automation plans to buy an industrial cybersecurity vendor and team up with Microsoft's generative AI practice to speed automation design and development.
A Biden administration executive order on artificial intelligence on deck for release next week will result in governmentwide standards for agencies already using the emerging technology, a top White House official said. NIST is expected to play a key role in executing the order.
Genetics testing firm 23andme is facing intensifying scrutiny in the wake of a credential-stuffing hack that leaked genetic ancestry information of potentially millions of customers. That includes at least 16 proposed federal class action lawsuits and an inquiry by a high-ranking U.S. senator.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.