CISOs are gaining additional discretionary powers to make risk-based decisions, especially as organizations implement the ISO 27035-3 incident response standard, says Khawaja Mohammad Ali, CISO of a large federal bank in Pakistan.
An international coalition of police agencies made 179 arrests and seized virtual currency, cash and drugs based on intelligence gathered from earlier takedowns of the Wall Street and Alphabay darknet marketplaces.
Reviewing online attack trends for the first half of the year, numerous cybersecurity firms agree: COVID-19 was king. As the pandemic has reshaped how many live and work, so too has it driven attackers to attempt to exploit work-at-home challenges and virus fears.
U.S. government agencies are supposed to have patched the "Zerologon" vulnerability by now, about six weeks after Microsoft issued a patch. But CISA warns that too many agencies' systems remain unpatched.
TikTok and WeChat both received reprieves over the weekend that helped avert U.S. blocks of their social media apps. President Donald Trump says he has given his "blessing" to a deal that would see Oracle and Walmart take a stake in TikTok's U.S. operations. Separately, a federal judge suspended a WeChat ban.
Foreign and domestic hacking activity targeting NASA continues to grow at a time when many staffers are working at home, space agency officials testified at a Friday Congressional hearing where they were questioned about risk mitigation efforts.
Hackers compromised the network of Saudi Arabia's Virgin Mobile KSA, gained email system access and offered stolen data for sale on the dark web. According to a source with knowledge of the attack, the incident - remediated late last week - is one of a string of attacks against organizations in the Middle East.
A hacking group targeting Iranian dissidents has developed malware that can bypass two-factor authentication protection on Android devices to steal passwords, according to Check Point Research. The hackers have also targeted victims' Telegram accounts.
An organization has successfully implemented a "zero trust" framework when it can achieve context-aware resolution of a risk, says Dr. Siva Sivasubramanian, CISO of SingTel Optus, an Australian telecommunications firm.
Check Point Research analysts have observed a significant rise in online attacks against the educational sector worldwide since July. DDoS attacks have surged in the U.S., while European institutions have been hit by ransomware.
Mozi, a relatively new peer-to-peer botnet, is now dominating global IoT network traffic, according to a new report from IBM's X-Force unit. The malware is being used to launch DDoS attacks as well as mine for cryptocurrency.
The latest edition of the ISMG Security Report analyzes whether a leaked database compiled by a Chinese company should be a cause for serious concern. Also featured are discussions on vulnerability disclosure challenges and risks posed by using social media apps for payments.
The U.S. Treasury Department on Thursday imposed sanctions on an Iranian advanced persistent threat group, 45 associated individuals and a front company the Iranian government allegedly used to run a years-long malware campaign that targeted Iranian dissidents, journalists and others.
Many financial institutions have deployed fraud fusion centers as a way to help mitigate risks. But as fraudsters revamp their techniques, banks need to revamp these centers to keep up, says Jeff Dant of BMO Financial Group, who will speak at ISMG's Virtual Cybersecurity and Fraud Summit: Toronto.
A ransomware attack that reportedly was directed at a German university but shut down emergency services at an affiliated hospital likely contributed to the death of a patient who needed urgent treatment but instead had to be transported to another hospital, delaying care, according to a news report.