Using intrusive technologies to check staff behavior in an effort to fight against supply chain fraud is ineffective, says Richard Dailly, managing director in Hong Kong at the security firm Kroll, who explains why.
A Chinese-speaking hacking group used a rare Unified Extensible Firmware Interface bootkit dubbed "MosaicRegressor" to target nongovernment organizations and diplomatic missions with an espionage campaign for two years, the security firm Kaspersky reports.
Privacy regulators in Germany have slammed clothing retailer H&M with a $41 million fine for collecting and retaining private employee data in violation of the EU's General Data Protection Regulation. H&M has apologized, instituted changes and promised to financially compensate employees.
Organizations in all sectors need to end "the dichotomy between privacy and security" and avoid a checklist approach to privacy protection, says digital ethics expert Ivana Bartoletti, who explains why ensuring customers' privacy is essential to a company's survival.
A new malware variant dubbed Black-T developed by the hacker group TeamTnT targets exposed Docker daemon APIs to perform scanning and cryptojacking operations, according to researchers at Palo Alto Networks' Unit 42.
Digital identity is coming of age as a way to enable COVID-19 contact tracing, crack down on payment fraud and much more, says Tony Craddock of the Emerging Payments Association.
Security researchers at Appgate are warning about a recently uncovered ransomware variant called Egregor that appears to have infected about a dozen organizations worldwide over the past several months. The gang behind this crypto-locking malware is threatening to release data if victims don't pay.
To help ensure security as India moves to digital payments, enterprises need to educate their customers to help them understand potential risks and take the right precautions, says payments expert Navin Surya.
Eight months after Microsoft issued a critical security update fixing a remote code execution flaw in Exchange Server, more than half of these mail servers in use remain vulnerable to exploits, according to the security firm Rapid7.
Among the most malicious and potentially dangerous cyber incidents affecting the healthcare, energy and other sectors are evolving "distruptionware" attacks - including ransomware - that aim to shut down businesses, says retired FBI agent Jason G. Weiss.
A recently updated version of the "InterPlanetary Storm" botnet is now infecting Mac and Android devices as well as those running Windows and Linux, researchers at Barracuda Networks say.
U.S. President Donald Trump's positive COVID-19 test result may expose the country to increased nation-state mischief. And without a doubt, scammers, fraudsters and disinformation teams will attempt to exploit the news for their own goals.
Death via a thousand paper cuts? The U.S. government hasn't been able to arrange a domestic court date for whistleblower Edward Snowden, but via the courts, it's successfully been awarded $5.2 million in his book royalties and revenue from speaking engagements.
The latest edition of the ISMG Security Report analyzes cybersecurity firm McAfee's plans to again become a publicly traded company. Also featured: 'Zero trust' strategic insights and an IoT security flaw saga.
One of the biggest challenges of remote fraud investigation is the inability to verify the data handed over to you, says Charanjeet Singh Bhatia, senior vice president and head of fraud risk and investigation at First Abu Dhabi Bank in UAE.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.