A surprising improvement in loss ratios for cyber insurance providers in 2021 means the rapid rise in premiums might at last subside later this year. The loss ratio declined for the first time since 2018 despite the frequency and severity of claims filed for cyberattacks increasing again in 2021.
New legislation mandating cyber incident reporting for critical infrastructure providers within 72 hours, and the reporting of ransom payments within 24 hours, is "groundbreaking," says former National Security Agency deputy commander Tim Kosiba, CEO of security firm bracket f.
A branch of the U.S. Department of Homeland Security says that it stopped an international hacking group from launching a major cyberattack on an underground cable system's servers. If the attackers had been successful, the incident could have become a national security threat, security experts say.
Ronin Network, which powers the popular NFT game Axie Infinity, announced it had been the victim of a security breach that amounted to about $615 million in stolen funds. The company tweeted that the attacker's wallet had been connected to Binance and that an investigation is currently underway.
Researchers discovered a new social engineering-heavy malware campaign focused on defrauding employees in West Africa's banking sector. Although this campaign is not exactly new, it shows a detailed account of what social engineering looks like, according to cybersecurity veteran Tari Schreider.
Microsoft says it has seized control of 65 domains that the ZLoader gang has been using to grow, control and communicate with its botnet. ZLoader, a descendant of the ubiquitous Zeus banking malware, is run by a global, internet-based, organized crime gang operating malware as a service.
U.S. government agencies, including the Department of Energy, CISA, the NSA and the FBI issued a joint cybersecurity advisory about advanced persistent threat actors using new tools and malwares to target industrial control systems and supervisory control and data acquisition devices.
Accenture's new ransomware report reveals key challenges in executing an effective communications plan. Robert Boyce, managing director of global cyber response, discusses why existing recovery strategies aren't enough and offers practical steps for managing a ransomware response.
The latest edition of the ISMG Security Report analyzes the latest cyberthreats to the energy sector as Russia's invasion of Ukraine continues. It also examines best practices for Customer Identity and Access Management and how healthcare institutions can sharpen their defense strategies.
The Dutch Data Protection Authority has imposed penalties of 3.7 million euros ($4 million) and 565,000 euros ($600,000) on the Dutch Tax and Customs Administration and the Ministry of Foreign Affairs, respectively, for violating the General Data Protection Regulation.
Account opening fraud - a relatively new type of identity fraud - is plaguing financial institutions, including banks. Experts and stakeholders in the industry discuss with ISMG the impact it has on their organizations, the challenges of identifying and tracking fraud, and mitigation measures.
Last week, the U.S. Department of Justice said that law enforcement authorities had made "one of the largest cryptocurrency forfeiture actions ever filed by the United States," confiscating about $34 million worth of cryptocurrency "tied to illegal dark web activity." Here's how they made it happen.
A yearlong joint operation by law enforcement agencies across several countries led to the shuttering of darknet marketplace RaidForums and the seizure of three domains hosting the website. Its 21-year-old alleged founder and two unidentified co-conspirators have also been arrested.
KKR plans to buy Barracuda Networks to support growth in managed detection and response, extended detection and response, and secure access service edge. KKR plans to provide resources and expertise to fuel Barracuda's growth past the $500 million sales figure it hit under Thoma Bravo's ownership.
A breach involving the compromise of a single user's email account at an Illinois-based multispecialty clinic has affected nearly 503,000 individuals - one of the largest breaches reported so far this year to federal regulator. How can other entities avoid similar email security incidents?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.