The United States' second-highest-ranking prosecutor said the Department of Justice has pivoted its security strategy from pursuing courtroom victories to preventing and disrupting cybercrime. Lisa Monaco said Justice officials now put victims at the center of their cybercrime response.
Diabetic patients who used a Medtronic smartphone app for managing insulin levels are being told that Google may have collected certain personal information through the sign-in infrastructure. The disclosure comes amid a wave of healthcare providers reassessing their use of third-party tools.
Nurse call systems present a top cybersecurity risk in clinical environments, but so do an array of other similarly connected nonmedical devices commonly found in healthcare settings, says a new research study by security vendor Armis.
ISMG editors are live at RSA Conference 2023 in San Francisco with an overview of opening-day speakers and hot topics including the emergence of AI, the latest intel on nation-state threats, security product innovation and deals, and ransomware trends. Join us for daily updates from RSA.
A Chinese and a Hong Kong national are each under U.S. federal indictment for their roles in channeling cryptocurrency stolen by North Korean hackers into hard currency. Prosecutors also indicted a North Korean man for representing the sanctioned Korea Kwangson Banking Corp.
The dark web is an ideal platform for planning dangerous crimes, which is why India's state of Kerala has coordinated cybersecurity experts and law enforcement officials, said Manoj Abraham, additional director general of police for the Government of Kerala.
What is the role of payment intermediaries when fraud takes place? How much are they working with banks to reduce risks from payment fraud? Anuj Bhansali, head of trust and safety at PhonePe, discusses the payment fraud landscape in India and steps to reduce authorized push payment fraud.
Over a five-year span, reported BEC incidents cost global enterprises more than $43 billion in losses. This trend has the attention of the U.S. Secret Service. Agents Kevin Cooke and Abigail Tyrrell discuss why law enforcement partnerships and speed of response are more critical than ever.
According to findings from the Identity Theft Resource Center's 2023 Q1 Data Breach Report, the number of publicly reported data compromises decreased, but the number of data breaches with no actionable information about the root cause of the compromise grew.
Threat actors are exploiting Kubernetes Role-Based Access Control in the wild to create backdoors and to run cryptocurrency miners. Researchers observed a recent campaign that targeted at least 60 Kubernetes clusters by deploying DaemonSets to hijack and steal resources from the victims' clusters.
A North Korean backdoor targeting Linux desktop users shares infrastructure with the hacking group behind the 3CX software supply chain hack. Cybersecurity firm Eset analyzed the backdoor and connected it with a Pyongyang fake job recruiting campaign generally known as Operation Dream Job.
In the latest weekly update, finance security expert Ari Redbord joins ISMG editors to discuss takeaways from the U.S. Treasury's 2023 DeFi Illicit Finance Risk Assessment, the state of blockchain analytics and where it is headed, and traction for FinCEN's Financial Action Task Force Travel Rule.
Hardware-based authentication vendor Yubico plans to go public at an $800 million valuation by merging with a special purpose acquisition company. The Swedish firm said becoming publicly traded will accelerate Yubico's push to enter adjacent authentication markets and land clients in new verticals.
Soumak Roy, vice president and global cybersecurity practice leader at SDG Corp. and winner of the ISMG Dynamic CISO award in the zero trust category, proudly says he implemented zero trust within a year. Roy shares his journey, learnings and strategies for a smooth zero trust implementation.
The North Korean software supply chain attack on a Chicago financial trading software developer infected additional victims besides 3CX, including organizations in the energy sector, says Symantec Threat Hunter Team. One organization is located in the United States, the other in Europe.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.