While malicious wipers have stolen most of the headlines in the Russia-Ukraine cyberwar, investigators say Russians are now using modified GammaLoad and GammaSteel info stealer malware to spy on compromised government employee accounts and avoid detection. The attack begins with a phishing email.
Organizations have struggled to understand why APIs are so strategic even though they're an intrinsic way businesses interface with their software, according to Checkmarx CEO Emmanuel Benzaquen. He says API abuse is slated to become one of the most common types of web application data breaches.
The insider threat hacker who attempted to extort $1.9 million out of Ubiquiti Networks faces sentencing in May after pleading guilty to three crimes in federal court. The hacker, Nickolas Sharp, was the company's cloud lead and was on the team remediating the security incident he caused.
Splunk has infused its SIEM with user behavior analytics and threat intelligence to better identify anomalies and understand what's going on in a customer's environment, says CEO Gary Steele. Adding UEBA to the SIEM makes it easier for organizations to identify, detect and remediate anomalies.
The BlackCat ransomware-as-a-service group says it's selling 2 terabytes worth of military data including classified documents culled from Indian explosives and propellant manufacturer Solar Industries. Ransomware criminals say they've stolen specifications of rocket propellant and warheads.
Praveen Kumar, group CISO of Zee Entertainment Enterprises, says the market has failed to provide enough solutions to isolate the network when an attack happens. While a zero trust approach helps, there are not enough tools available in the market, he adds.
Lacework has debuted an attack path analysis tool to help organizations understand the havoc specific threats could wreak within their cloud infrastructure, says CEO Jay Parikh. The company helps customers prioritize which risk elements inside their infrastructure should be addressed first.
The Russia-Ukraine war has had huge economic consequences for Eset, given that the Slovakian vendor was the largest cybersecurity company in Ukraine and second-largest in Russia. The decision to halt sales in Russia and a spending slowdown in Ukraine due to the war hurt Eset, says CEO Richard Marko.
Hackers stymied by Microsoft's crackdown on macros are shifting to malicious OneNote attachments. Particularly worrying is the takeup of the tactic by an initial access broker associated with various ransomware infections, say researchers from Proofpoint.
Christmastime was bleak for a number of organizations in Britain that got hit with ransomware, including car dealership giant Arnold Clark, which originally reported that no customer data had been stolen. But the business subsequently revised its assessment, after attackers dumped stolen data.
Okta will execute the third-largest round of layoffs of any cybersecurity company in the current economic downturn, axing 300 workers following customer identity execution challenges. The identity giant plans to reduce its staff by 5% in a push to reduce operating expenses and improve profitability.
Virginia Democratic Sen. Mark Warner, who chairs the Senate Select Committee on Intelligence, says he hopes to gather support for new bipartisan legislation this year to incentivize healthcare sector entities to meet certain minimum cybersecurity standards and tackle other top security concerns.
Researchers from cybersecurity firm WithSecure say they spotted a North Korean espionage campaign they dub "No Pineapple" that reveals a slew of tools in the Pyongyang hacking arsenal. They're confident the hackers were North Korean: One hacker connected to an infected server using a DPRK address.
Attackers this week locked up the business of London-based ION Cleared Derivatives, a software firm that supports derivatives trading, forcing major European banks to process trades manually and prompting a major futures exchange to delay the settlement of trades for two hours.
For the first time in 17 years, day-to-day control at converged endpoint management provider Tanium rests outside the Hindawi family. The Seattle-area firm named former Tibco, BMC Software and Salesforce executive Dan Streetman as CEO to evolve Tanium's client-facing operations and partner strategy.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.