A French law requiring companies to report cyber incidents to authorities within 72 hours or lose their eligibility for cyber insurance reimbursement has practitioners scratching their heads. Global companies with headquarters in France will have the most uncertainty, experts say.
Identity verification and e-signature firm OneSpan is working with investment bank Evercore on a sale process that could attract interest from other businesses and private equity firms, Reuters reported. This follows five publicly traded cyber vendors agreeing to go private since the start of 2022.
Key to the business success of top ransomware groups remains their ability to find innovative new ways to amass victims. For Hive, which received more than $100 million in ransom payments before being disrupted by law enforcement, the new business strategy that helped it thrive was co-working.
Arctic Wolf has expanded its security operations platform into threat intelligence, incident response and cyber insurance, says CEO Nick Schneider. The company has focused on putting businesses in the best possible position to answer questions from insurance carriers following a security incident.
Here's further proof many cybercriminals are rampant self-promoters: Credit card market BidenCash, which sells compromised payment card data, dumped 2 million payment cards for free. This shows that competition between carder markets - and increasingly, Telegram-based vendors - is fierce.
In the 21-month stretch from October 2020 to June 2022, a whopping 48 cybersecurity startups received 10-figure valuations as investors evaluated prospects on potential rather than performance. Now that the financial boom has gone bust, what happens to these unicorns from a different economic era?
Summa Equity bought a majority stake in Logpoint to help the security operations firm expand in areas such as automation, detection and response, and attack surface management. The sustainable growth fund says the acquisition will allow the company to acquire technologies in adjacent areas.
The situation at LastPass keeps getting worse: The company says hackers implanted keylogger software on a DevOps employee's home computer to obtain access to the corporate vault. Customer vault data can be decrypted only with the end user master password, which LastPass doesn't store.
A Chinese law requiring mandatory disclosure to the government of vulnerability reports appears to be paying dividends for state-connected hacking. "The Chinese government is up-leveling their capabilities," says Adam Meyers, senior vice president of intelligence at CrowdStrike.
A lack of visibility makes it nearly impossible to protect an organization against attack. If you can't see what's lurking in the dark corners of your environment, all you can do is react instead of actively identifying and mitigating risks. But some technologies can help with threat visibility.
India and Singapore made it easier and cheaper for their citizens to send and receive money through the integration of UPI and PayNow, but could this move lead to a rise in cross-border online payment scams? Reports of UPI-related fraud surged in India in 2022.
Healthcare entities and their vendors should be prepared to show evidence to regulators of how they've implemented "recognized security practices," or RSPs, says Robert Booker, chief strategy officer of HITRUST. "You've got to demonstrate that you align with a framework."
Reddit says hackers penetrated its internal systems via a phishing attack but that user passwords and accounts appear safe. The self-proclaimed "front page of the internet" says the hackers gained access to its internal documents, code and some internal business systems.
Adopting hybrid or public clouds remains IT’s go-to means of achieving scale. While this transformation has improved price performance and advanced tech-driven business capabilities, including faster and deeper data insights, it hasn’t always engendered greater customer trust.
Attackers targeting unpatched VMware ESXi hypervisors to hit virtual machines have reportedly modified their ESXiArgs ransomware to prevent victims from using decryption workarounds identified by researchers. The campaign has already amassed nearly 3,000 known victims and could have many more.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.