(Photo: AgelessFinance/37 images via Pixabay)

Nearly $200 Million Stolen in BitMart Crypto Exchange Hack

Dan Gunderman • December 6, 2021

Nearly $200 million has reportedly been stolen from the cryptocurrency exchange BitMart, one of the top centralized crypto exchanges by volume, according to China-based blockchain analytics firm PeckShield, which tracked the heist beginning Saturday.

Business Continuity Management / Disaster Recovery

Essential Preparations for the Holiday Season Attack Surge

Latest

Breach Notification

Incident Response: Best Practices in the Age of Ransomware

Mathew J. Schwartz • December 6, 2021

Good news on the breach prevention and incident response front: More businesses are getting more mature practices in place, although as attackers continue to improve their efforts, so too must defenders, says incident response expert Rocco Grillo of consultancy Alvarez & Marsal.

Access Management

Missouri Governor's Hack Accusation Loses Steam

Jeremy Kirk • December 6, 2021

In October, Missouri's governor accused a journalist of hacking after he alerted the state to exposed personal information on a state education website. Now, emails reveal that state planned on thanking him before it chose to pursue prosecution and that the FBI immediately dismissed the incident.

3rd Party Risk Management

Alert: 'Cuba' Ransomware Slams Critical Sector Organizations

Prajeet Nair • December 4, 2021

The FBI warns that the "Cuba" ransomware-wielding attackers have extorted $43.9 million in ransom payments from victims after compromising at least 49 organizations across five critical infrastructure sectors - financial services, government, healthcare, manufacturing and IT - since early November.

Account Takeover Fraud

ISMG Editors: Are We Close to Cracking Cybercrime Ecosystem?

Anna Delaney • December 3, 2021

In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including how the FBI has seized bitcoins from an alleged REvil ransomware affiliate, how to mitigate risks from BIN attacks and the latest COVID-19 trends globally.

Business Continuity Management / Disaster Recovery

Need to Negotiate a Ransomware Payoff? Newbies: Start Here

Anna Delaney • December 3, 2021

The latest edition of the ISMG Security Report features an analysis of best practices for negotiating a ransom payment. Also featured: Busting Zero Trust myths and the dangers of mythologizing defenders.

Analytics

Using Behavioral Biometrics to Secure Against Digital Fraud

Geetha Nandikotkur • December 2, 2021

A risk-based approach to secure against digital fraud requires putting in the correct security controls in proportion to the organizational risk, which is determined by understanding the customer's subconscious habits, says Australia-based Tim Dalgleish, senior director, a global advisory, at BioCatch.

Video

Overcoming the Hesitancy to Move to the Cloud

Suparna Goswami • December 2, 2021

"Enterprises are reluctant to move to the cloud because they are concerned about the infrastructure and data security that cloud vendors are going to offer," says Deepak Prasad, customer engineer, security specialist at Google Cloud. He gives advice on making the digital transformation journey smoother

Cybercrime

Report: Aberebot-2.0 Hits Banking Apps and Crypto Wallets

Soumik Ghosh • December 1, 2021

A new variant of the Aberebot banking Trojan has been discovered by Cyble's researchers. Christened Aberebot-2.0, the latest malware version not only uses more advanced spying capabilities, it also has increased its target list to 213 banking apps and nine crypto wallets in 22 countries.

Cybercrime

Banish Sequential Numbering: How to Combat 'BIN Attacks'

Suparna Goswami • December 1, 2021

In order to identify BIN attacks, it is important for payment card brands to leverage AI and automated systems for monitoring transaction data to look for unusual patterns, says Keri Crane, advisory technical product manager with Jack Henry & Associates. She also discusses mitigation tips.

Fraud Management & Cybercrime

Why Today's Security Rhetoric is Harmful and Must Change

Anna Delaney • November 30, 2021

In her latest book, "Rhetoric of InSecurity: The Language of Danger, Fear and Safety in National and International Contexts," academic Victoria Baines questions the imagery and rhetoric we use to communicate safety and security issues, and details their unwelcome impact on the workforce.

3rd Party Risk Management

Japanese Electronics Giant Panasonic Discloses Data Breach

Dan Gunderman • November 30, 2021

Japanese multinational conglomerate Panasonic has disclosed a security breach that it says involved unnamed threat actors accessing servers on its network. The company says it detected the breach on Nov. 11. It was determined that some data on a file server had been accessed during the intrusion.

Cybercrime

The Best Gift for the Holidays? An Incident Response Plan

Anna Delaney • November 26, 2021

In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including why security teams are still unprepared for cyberattacks over weekends and holidays, which experts warn is when attackers love to strike.