Latest

Artificial Intelligence & Machine Learning

Microsoft to Buy Nuance Communications for $19.7 Billion

Marianne Kolbasuk McGee  •  April 12, 2021

Microsoft Corp. on Monday announced it will acquire cloud-based speech technology and artificial intelligence vendor Nuance Communications in an all-cash transaction valued at $19.7 billion. The deal is expected to close by the end of this year.

►

Governance & Risk Management

Why Is Mastercard Working on Digital ID Assurance?

Nick Holland  •  April 12, 2021

Sarah Clark of Mastercard discusses why the card payment network is expanding its focus to include digital identity assurance.

Breach Notification

Facebook Tries to 'Scrape' Its Way Through Another Breach

Mathew J. Schwartz  •  April 12, 2021

Facebook has been attempting to dismiss the appearance of a massive trove of user data by claiming it wasn't hacked, but scraped. No matter how the theft is characterized, 533 million users have just learned that their nonpublic profile details were stolen and sold to fraudsters.

►

Anti-Money Laundering (AML)

The Role of Predictive KYC in Fighting Money Laundering

Suparna Goswami  •  April 9, 2021

How can automation help to reduce money laundering fraud? Larry Gordon and Kathleen Gowin of the consultancy Endurance Advisory Partners describe how predictive KYC can help mitigate risks.

Cybercrime

Fraudsters Flooding Collaboration Tools With Malware

Prajeet Nair  •  April 9, 2021

The increasing reliance on collaboration tools such as Slack and Discord to support those working remotely during the COVID-19 pandemic has opened up new ways for fraudsters and cybercriminals to bypass security tools and deliver malware, Cisco Talos reports.

►

Endpoint Security

Weekly Roundup: Biden’s Cybersecurity Proposals and More

Anna Delaney  •  April 9, 2021

Four editors at Information Security Media Group discuss important cybersecurity issues, including President Biden’s latest cybersecurity proposals and large vendor-related breaches in healthcare.

Cybercrime

Crisis Communications: How to Handle Breach Response

Anna Delaney  •  April 9, 2021

The latest edition of the ISMG Security Report features an analysis of why transparent communication in the aftermath of a data breach pays off. Also featured: Mastercard on digital identity issues; building a more diverse and inclusive cybersecurity workforce.

Identity & Access Management

Death to 'Fluffy': Please Stop With the Pet Name Passwords

Mathew J. Schwartz  •  April 9, 2021

Loving your pet and creating tough-to-crack passwords should remain two distinctly separate activities. Unfortunately, Britain's National Cyber Security Center reports that more than 1 in 6 Brits admit to using the name of a pet as their password. And the problem is global.

Fraud Management & Cybercrime

Post-Ransomware Response: Victim Says 'Do the Right Thing'

Mathew J. Schwartz  •  April 8, 2021

Crisis communications: If your organization suffers a ransomware outbreak - despite its best cybersecurity efforts - is it ready to respond quickly and transparently? Experts have lauded the Scottish Environment Protection Agency for its response, saying it's a model for other victims to emulate.

Cybercrime

Ziggy Ransomware Gang Offers Victims Ransom Refunds

Doug Olenick  •  April 7, 2021

The now-defunct Ziggy ransomware gang is reportedly offering to return the ransoms it collected, but some security experts question whether the offer is legitimate or a publicity stunt.

Fraud Management & Cybercrime

Attackers Target Unpatched SAP Applications

Akshaya Asokan  •  April 7, 2021

Attackers are targeting unpatched SAP applications, and the exploits could lead to the hijacking of the vulnerable systems, data theft and ransomware attacks, SAP and Onapsis Research Labs report. They note that patches for most of the flaws have been available for several years.

Breach Notification

Ransomware Cleanup Costs Scottish Agency $1.1 Million

Mathew J. Schwartz  •  April 6, 2021

How much does it cost to recover from a ransomware attack? For the Scottish Environment Protection Agency, which was hit by the Conti ransomware-wielding gang on Christmas Eve, reported cleanup costs have reached $1.1 million. SEPA is still restoring systems and has refused to pay any ransom.