Risk management is essential to the existence of every business. It requires organizations to consider which risks they can accept and which risks they can mitigate. But the problem with risk acceptance is that attackers are "actively looking for risks that you haven't mitigated that they're able to exploit," says...
Indian Prime Minister Narendra Modi's official Twitter account was compromised - for the second time - as part of a cryptocurrency scam. The account was "immediately secured" by Twitter, according to a tweet by the PM’s Office. Cyberlaw experts discuss where the onus of protection lies.
The U.S. Federal Trade Commission reports that impostor scams were the #1 type of fraud reported by consumers last year, with losses to American consumers nearly $30B. UK Finance reported an increase in authorized push payment fraud last year with loss of more than £479M, and top UK bank Barclays reported a 20%...
The Southeast Asian region will see a spike in multifaceted extortion with more public breaches, along with an increase in ransomware-as-a-service operations in 2022, says Singapore-based Yihao Lim, principal intelligence adviser at Mandiant Threat Intelligence.
The latest edition of the ISMG Security Report features insight from U.S. Sen. Angus King on why the federal government needs to declare a clear response to cybercriminals in order to deter them. Also featured: Ransomware affiliates gain power and promoting diversity of thought in cybersecurity.
Ransomware incidents are becoming a major cause of health data breaches affecting millions of individuals that have been reported so far in 2021, according to the latest additions to the federal tally. What else is topping the list?
Organizations should take a "zero trust" approach to secure their identities, as being able to authenticate and authorize every resource access will minimize risk, says Ivan Lai, solution strategy architect - access for Asia-Pacific and Japan at CyberArk.
According to a panel of experts, protecting the Active Directory, a rich target for increasing ransomware attacks, will require organizations to audit privileged accounts and endpoints with continuous monitoring and an identity governance approach.
Customer authentication is a critical component of almost every application that exists because it serves as a product gateway impacting 100% of customers. While it is a standard feature, it is not easy to get right and the stakes for getting it right are higher than ever: 46% of customers abandon a transaction...
"There are so many basics we need to get right," says Daniel Dresner, professor of cyber security at Manchester University. In this interview, he discusses the cybersecurity practices that he recommends to make the task of securing small- to medium-sized enterprises less overwhelming.
The White House is preparing executive branch agencies to adopt "zero trust" network architectures by 2024, with CISA and the OMB overseeing the creation of technology road maps that departments must follow. This is a major component of President Biden's cybersecurity executive order.
The most sought-after type of victim for ransomware-wielding attackers is a large, U.S.-based business with at least $100 million in revenue, not operating in the healthcare or education sector, with remote access available via remote desktop protocol or VPN credentials, threat intelligence firm Kela reports.
Cryptocurrency exchange Coinbase faces potential user trust challenges after a system error led it to send out false automated security alerts to about 125,000 customers indicating their two-factor authentication settings had been changed.
Google has removed eight fake crypto-mining apps from its Play Store, but researchers at security firm Trend Micro have flagged 120 other apps on users' phones purporting to also be crypto-mining. Users paid for services the eight apps never delivered.