On one hand, 60% of survey respondents rate their institutions as "above average" or "superior" when it comes to mitigating fraud. Yet, 55% say their customers and partners lack sufficient awareness to protect themselves from fraud. Appgate's Bryan Jardine analyzes the Faces of Fraud survey results.
U.S. federal agencies issued a joint advisory around potential cyber threats to the nation's water facilities. They cite "ongoing malicious cyber activity - by both known and unknown actors - targeting the IT and OT technology networks, systems and devices" of U.S. water and wastewater systems.
In this update, four editors discuss key cybersecurity issues, including addressing the complexity of security, the rising number of victims targeted by double extortion ransomware and the Information Commissioner's Office's recent consultation on creating an international data transfer agreement.
A free decryptor for BlackByte ransomware has been released by security researchers at Trustwave who cracked the crypto-locking malware's encryption. But they say that unfortunately, the underlying encryption problem is likely in the process of already being fixed by the malware's developer.
A newspaper reporter in Missouri who responsibly reported the exposure of Social Security numbers on a state government website has been accused of malicious hacking by the state's governor. The governor alleged the publication of the vulnerability after it was fixed was part of a "political vendetta."
Democratic lawmakers on the House Committee on Energy and Commerce announced legislation that would rein in tech algorithms on platforms exceeding 5 million monthly viewers. This follows a high-profile whistleblower case heard before Congress on Facebook's allegedly questionable data policies.
Researchers at Cider Security have uncovered a security loophole in GitHub Actions that allows adversaries to bypass the required reviews mechanism and push unreviewed code to a protected branch, allowing it into the pipeline to production.
Australia plans to require businesses with more than $10 million in revenue to report ransomware attacks to the government, part of a comprehensive strategy to fight the attacks that also includes new criminal penalties and assistance to victims. The plan would need to be passed by Parliament.
John O'Driscoll is the first CISO for the Australian state of Victoria, a job that has purview over 1,900 entities with 340,000 public servants. He's an expert in risk and audit, and that has subsequently lead to interesting conversations about who is accountable for risk and how to manage risk.
The White House National Security Council this week kicked off its international counter-ransomware event with participation from more than 30 nations. This gathering aims to elevate both law enforcement collaboration and diplomatic efforts. Noticeably absent from the summit: Russia.
Dutch cybercrime police have a message for almost 30 users of an on-demand distributed denial-of-service site: We see what you're doing; now cut it out or we're going to arrest you. And not for the first time, the move shows police in Europe emphasizing ethical hacking pursuits instead for young adults.
Microsoft disclosed that it mitigated a 2.4 Tbps DDoS attack, which was 140% higher in scale than any previously recorded network volumetric event on Azure. The firm and some security experts say that attacks of this magnitude could wreak havoc on targeted companies and are difficult to mitigate.
The U.S. Attorney's Office for the Eastern District of Virginia last week indicted three men - including an ex-employee of Bank of America and TD Bank - with money laundering and aggravated identity theft after the men allegedly conducted an extensive business email compromise scheme.
How tough is it to apply the principals of zero trust architecture in an OT environment and a military environment? Two experts discuss the challenges and opportunities of implementing ZTA.
In an effort to bolster endpoint protection within the U.S. government, the White House is ordering federal agencies to allow CISA to access existing deployments. It is also setting timelines for improving the protection of workstations, mobile phones and servers.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.in, you agree to our use of cookies.