Josh Lospinoso, co-founder and CEO, Shift5 (Image: Shift5)

Shift5 Gets $33M to Help Safeguard Commercial Transportation

Michael Novinson • June 9, 2023

Moore Strategic Ventures led a $33 million investment into a military and transportation security startup founded by officers who stood up U.S. Army Cyber Command. The funds will help Shift5 expand from safeguarding military vehicles to protecting commercial modes of transportation.

►

3rd Party Risk Management

Highlights of Verizon Data Breach Investigations Report 2023

Latest

Fraud Management & Cybercrime

MOVEit Discloses More Vulnerabilities, Issues Patch

David Perera • June 9, 2023

The company behind the MOVEit managed file transfer application is urging customers into a new round of emergency patching after identifying additional vulnerabilities. "These newly discovered vulnerabilities are distinct from the previously reported vulnerability," said Progress Software.

Blockchain & Cryptocurrency

US DOJ Charges Two Russian Nationals With Mt. Gox Hack

David Perera • June 9, 2023

U.S. federal prosecutors accused two Russian nationals of carrying out the heist that provoked the 2014 collapse cryptocurrency trading exchange Mt. Gox, then the world's largest crypto platform. One of them used the proceeds to co-found BTC-e, a now-shuttered crypto money laundering platform.

Fraud Management & Cybercrime

Point32Health, Harvard Pilgrim Facing 4 Data Breach Lawsuits

Marianne Kolbasuk McGee • June 9, 2023

An April ransomware attack that compromised the personal information of more than 2.5 million individuals has triggered at least four proposed federal class action lawsuits against Massachusetts health insurer Harvard Pilgrim Health and its parent company, Point32Health.

Cloud Security

Cloud Security Trends, Best Practices Everyone Should Know

Tom Field • June 9, 2023

As cloud migration continues across regions and sectors, how are organizations choosing security tools, and how are those tools being operationalized? Which practices are producing the best security outcomes? Explore these cloud security tips from Palo Alto Networks' Ben Nicholson.

Cryptocurrency Fraud

ISMG Editors: Verizon's DBIR Reveals Surge in BEC Scams

Anna Delaney • June 9, 2023

In the latest weekly update, four ISMG editors discuss highlights from Verizon's 16th annual Data Breach Investigations Report, what's on the mind of CISOs in Malaysia and the Philippines, and how the U.S. SEC sued crypto trading platforms Binance and Coinbase over securities violations.

Fraud Management & Cybercrime

New Entrants to Ransomware Unleash Frankenstein Malware

Mathew J. Schwartz • June 9, 2023

Ransomware hackers are stretching the concept of code reuse to the limit as they confront the specter of diminishing returns for extortionate malware. In their haste to make money, some new players are picking over the discarded remnants of previous ransomware groups.

Fraud Management & Cybercrime

Nova Scotia Health Says 100,000 Affected by MOVEit Hack

Marianne Kolbasuk McGee • June 8, 2023

Hackers stole personal information of up to 100,000 employees of Nova Scotia Health by exploiting the zero-day in Progress Software's MOVEit managed file transfer application. The software is widely used in the healthcare sector, warned the U.S. federal government.

Blockchain & Cryptocurrency

Cryptohack Roundup: Court Summons for Binance Chief

Rashmi Ramesh • June 8, 2023

This week: A U.S. federal court issued a summons to Binance CEO Changpeng Zhao, Lazarus may be behind the $35 million Atomic Wallet heist, and Manhattan prosecutors seized a scam crypto recovery website. Also, the Blockchain Association weighs in on Tornado Cash, and crypto security attacks decline.

Fraud Management & Cybercrime

Breach Roundup: Barracuda Networks Recalls Hacked Appliances

Anviksha More • June 8, 2023

This week: Barracuda Networks recalls hacked email security appliances, the latest on MOVEit, and a Gigabyte motherboard firmware security vulnerability is exposed. Also, researchers detail a patched flaw in the Microsoft Visual Studio extension installer, and ransomware hits across the globe.

Cybercrime

US Supreme Court Curtails Identity Theft Prosecutions

Marianne Kolbasuk McGee • June 8, 2023

The Supreme Court on Thursday narrowed federal prosecutors' ability to bring identity theft charges in an opinion holding that misuse of another person's identification must be the crux of a criminal offense "rather than merely an ancillary feature of a billing method."

Business Email Compromise (BEC)

US DOJ Indicts 6 for $6M Business Email Compromise Scam

Rashmi Ramesh • June 8, 2023

U.S. federal prosecutors unsealed indictments Wednesday against six Houston-area men for an alleged six-month spree of business email compromise thefts adding up to nearly $6 million. Business email compromise is a mainstay of social engineering fraud.

Cryptocurrency Fraud

Hacking Group Seen Mixing Cybercrime and Cyberespionage

Mathew J. Schwartz • June 8, 2023

Hacking group Asylum Ambuscade, which security researchers say aligns with Belarusian government interests, has an "unusual" twist: It appears to be mixing cybercrime - focused on banking and cryptocurrency customers - with cyberespionage, including attacks targeting Ukraine.