A group of fraudsters made more than $1.6 million in a massive scam using fake cryptocurrency giveaway YouTube streams attracting more than 165,000 viewers. The campaign also exploited the names of Vitalik Buterin, Elon Musk, Michael Saylor and other crypto enthusiasts.
Five recently reported data breaches involving cyberattacks on a variety of different types of healthcare sector entities have affected a total of more than 1.2 million individuals. Experts say the incidents highlight the intensifying threat landscape in the sector.
A proposed rule requiring publicly traded companies to disclose a breach within four days of deeming it material will force CISOs to determine the consequences of breaches sooner. CISOs will need to have board-level conversations within a day or two of discovering an issue to assess materiality.
Sunder Krishnan, chief risk officer at Reliance Nippon Life Insurance Co., a joint venture of Reliance Capital and Nippon Life, discusses risk management approaches; using PAM, data encryption and other processes to safeguard customer data; and investing in behavioral systems to secure data.
Microsoft says it seized control of seven domains belonging to Russian GRU-linked state-sponsored threat group Strontium. The group, also called APT28 and Fancy Bear, used the domains to target Ukrainian media organizations and had U.S. and EU government entities and decision-makers on its radar.
APT-C-23, a politically motivated, Hamas-linked threat actor, is using fake Facebook profiles to trick high-ranking Israeli officials into downloading previously undocumented Trojanized Android and PC direct message applications that grant them access to the victims' devices.
A week after the Spring4shell vulnerability was first detected, security companies Microsoft, Check Point and Akamai have identified exploitation attempts, and Trend Micro has confirmed the first successful attempt - the Mirai botnet leveraging CVE-2022-22965 for its malicious operations.
David Pollino, former CISO of PNC Bank, joins two editors at ISMG to discuss what organizations can do to harden their cybersecurity defenses, how we need to think about our adversaries differently in today's threat landscape and how the "Great Resignation" is affecting cybersecurity.
Hackers are exploiting third-party remote access. If you’re not taking third-party risk seriously, it’s just a matter of time until your company is the next headline.
Investment platform Cash App, a subsidiary of U.S.-based payments company Block, says it has been breached. The incident happened last year when a former employee downloaded reports containing Cash App U.S. customer information, including full names, brokerage account numbers and portfolio values.
In the latest "Proof of Concept," Lisa Sotto, partner and chair of the global privacy and cybersecurity practice at Hunton Andrews Kurth LLP and David Pollino, former CISO at PNC Bank, join Information Security Media Group editors to discuss U.S. regulatory trends and supply chain risk management.
The Justice Department has announced that it has successfully disrupted "Cyclops Blink," a botnet controlled by the Russia-linked threat actor Sandworm, aka Voodoo Bear. The court-authorized operation was conducted in March and removed the botnet from thousands of infected devices worldwide.
New BeyondTrust CEO Janine Seebeck plans to help privileged users protect themselves by applying machine learning to detect patterns in the data generated across BeyondTrust's 20,000 customers. She starts as BeyondTrust's CEO July 1 and replaces Matt Dircks, who has led the company since 2014.
Chinese state-backed threat actor Cicada, aka APT10, is attacking global organizations in what appears to be a monthslong espionage campaign. On its radar are government, legal, religious and nongovernmental organizations in Europe, Asia and North America, the Symantec Threat Hunter team says.
The REvil ransomware gang's attack against the U.S. software company Kaseya in July 2021 is one of the largest and most intriguing ransomware attacks of all time. Here's the inside story of how the attack went down and how organizations recovered.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.