An April ransomware attack against one of Australia's largest law firms swept up the data of 65 Australian government agencies, the country's national cybersecurity coordinator said Monday. The Russian-speaking Alphv hacking group claimed responsibility earlier this year for hacking HWL Ebsworth.
A spate of high-profile ransomware attacks shows that the Asia-Pacific region is squarely in the crosshairs of cybercriminal groups, and some fear that attackers are turning to smaller, regional businesses even less prepared to defend themselves. Expert weigh in on defensive strategies.
Growing reliance on both AI and generative AI is posing new challenges to CISOs. For example, CISOs have limited visibility into how certain large language models were packaged, making it difficult for them to spot security and privacy risks, said Chandan Pani, CISO at LTIMindtree.
China hasn't ordered any restrictions on the use of Apple iPhones by government agencies, according to a Chinese government spokesperson, but the official cited recent security flaws in the iPhone and warned that foreign mobile device manufacturers must abide by domestic information security laws.
Hackers stole the personal details of thousands of police officers and staff in a ransomware attack that swept up one of the United Kingdom's largest law enforcement agencies. The Greater Manchester Police on Thursday described the attack as targeting a third-party supplier of various organizations.
A major ransomware attack on the Sri Lankan government's cloud infrastructure compromised approximately 5,000 government email accounts and wiped out numerous emails that had not been protected by offline backups. The agency said some employees lost three months of email messages.
Cybersecurity researchers at Symantec said a cybercriminal entity with possible ties to the Chinese government used the ShadowPad Trojan to target an Asian country's national power grid earlier this year. The Redfly APT group focused on stealing credentials and compromising multiple computers.
Cybercriminals have found a new opportunity to exploit retail investors - a popular target among individuals looking to diversify their income. Researchers at Group-IB discovered an ongoing global investment scam that uses fake money-making investment schemes to lure investors.
The U.K. government may have sidestepped a fight with American tech companies by appearing to soften a legislative mandate for chat apps to actively scan for terrorist and child sexual abuse content. The House of Lords is set this week to return the Online Safety Bill to the House of Commons.
More than a one-fourth of Indian organizations suffered over $2 million in losses to cyberattacks in the past year as a result of a lack of skilled cybersecurity workforce and funds, according to a recent survey by cloud cybersecurity vendor Cloudflare.
U.S. tech companies are stepping up warnings to British lawmakers over a government proposal they say will fatally weaken security and privacy protections for users. The House of Lords is set to return the bill to the House of Commons after a third reading scheduled to begin Wednesday.
One-fourth of APAC healthcare organizations over the past year paid a ransom to recover encrypted files and systems, and a greater share incurred losses exceeding $1 million to cyberattacks. A survey by cybersecurity firm Claroty found that defenders are understaffed and using outdated technology.
While the problems of money laundering and mule accounts continue to haunt the financial industry, fintechs are using AI to a large extent to mitigate the problem, said Kawin Boonyapredee, a member of the Cyber Risk Subcommittee for the Singapore FinTech Association.
Japanese government investigators say cybercriminals are employing a new technique that tricks users into downloading malicious Word files disguised as harmless PDFs. Japan's Computer Emergency Response Team warned that the "maldocs" attack can bypass traditional malware detection.
The BlackCat group on Monday claimed responsibility for a ransomware attack on Japanese watchmaker Seiko, publishing samples of stolen data files as proof of its exploit. Seiko Group Corp. announced earlier this month that it had detected unauthorized users accessing of some of its servers.