Police have confiscated $90 million from a company allegedly owned by Alexander Vinnik, who is accused of money laundering and defrauding individuals through BTC-e, a cryptocurrency exchange he controlled.
It's a good time to be a CISO. You have the board's attention, and now you can use your position to ensure appropriate resources to tackle key challenges such as identity & access, cloud application security and third-party risk. Expel CISO Bruce Potter discusses how best to influence these decisions.
Greg van der Gaast, head of information security at the University of Salford in the United Kingdom, has strong opinions on why some security investments aren't reaping maximum benefits. "We are addressing problems too far downstream," he says.
The Evil Corp cybercrime group, originally known for the Dridex banking Trojan, is now using new ransomware called WastedLocker, demanding ransom payments of $500,000 to $1 million, according to security researchers at NCC Group's Fox-IT.
Many ransomware gangs hell-bent on seeing a criminal payday have now added data exfiltration to their shakedown arsenal. Gangs' extortion play: Pay us, or we'll dump stolen data. One massive takeaway is that increasingly, ransomware outbreaks also are data breaches, thus triggering breach notification rules.
Federal agencies will add a layer of security to their websites that use the top-level domain .gov. All the sites eventually will use the HSTS protocol, which ensures that a user's connection to a website is encrypted and can protect against man-in-the middle attacks and cookie hijacking.
The recent leak of 269 GB of sensitive data from more than 200 police departments and the FBI could be a sign that law enforcement agencies are becoming a prime target for hackers, given recent civil unrest.
A spear-phishing campaign is using military-themed malicious Microsoft Office documents to infect devices, according to researchers at Cisco Talos. The analysts also found this campaign is using a previously unknown dropper called IndigoDrop to spread a weaponized version of Cobalt Strike.
It's a new, dynamic workforce - and also a larger, more dynamic threat landscape. How have threats evolved, and how can enterprises better prioritize risks and response? Ran Shahor, CEO of HolistiCyber, shares strategies.
Integrating IoT devices into OT systems brings a raft of security concerns. Microsoft's acquisition of CyberX, which offers a specialized IoT/OT security platform, may give some organizations more confidence to tackle what can be a messy business of securing and monitoring IoT controls across a network.
Four recent cybersecurity incidents that may have involved ransomware demonstrate the ongoing threats facing the sector during the COVID-19 pandemic. They also serve as a warning that extra watchfulness is needed as physicians reopen their clinics.
As a result of the rapid move to a remote workforce, now is a golden opportunity to refine cybersecurity approaches - especially for the cloud, says Christian Toon, CISO at the international law firm, Pinsent Masons.
If the lifting of telehealth restrictions during the COVID-19 pandemic becomes permanent through new legislation or changes in government policies, what would be the potential impact on patient data privacy and security?