Image: Shutterstock

Ransomware Hit on ION Group Delays EU Derivatives Trades

Cal Harrison • February 1, 2023

Attackers this week locked up the business of London-based ION Cleared Derivatives, a software firm that supports derivatives trading, forcing major European banks to process trades manually and prompting a major futures exchange to delay the settlement of trades for two hours.

Fraud Management & Cybercrime

FBI Seizes Hive Ransomware Servers in Multinational Takedown

Latest

Endpoint Security

Tanium Taps Tibco CEO Dan Streetman to Replace Orion Hindawi

Michael Novinson • February 1, 2023

For the first time in 17 years, day-to-day control at converged endpoint management provider Tanium rests outside the Hindawi family. The Seattle-area firm named former Tibco, BMC Software and Salesforce executive Dan Streetman as CEO to evolve Tanium's client-facing operations and partner strategy.

Blockchain & Cryptocurrency

Banner Year for North Korean Cryptocurrency Hacking

Rashmi Ramesh • February 1, 2023

North Korean hackers stole $1.7 billion in cryptocurrency during 2022, most of it from decentralized finance platforms, Chainalysis finds. North Korean hackers are "systematic and sophisticated" in hacking and laundering stolen funds, and the nation supports cryptocurrency-enabled crime.

Open XDR

Bitdefender CEO Florin Talpes on Bringing XDR to the Masses

Michael Novinson • February 1, 2023

Incumbent XDR platforms target large enterprises with access to a full security operations center, threat hunters and incident response teams, says Bitdefender CEO Florin Talpes. But firms looking to successfully serve the SMB market need to modify their XDR tools to address the skills shortage.

Critical Infrastructure Security

White House Mulls Banning Huawei's Access to US Technology

Mathew J. Schwartz • February 1, 2023

Chinese technology firms could be completely banned from buying U.S.-built technology under export control restrictions being mulled by the White House, which has already restricted access to the advanced semiconductors Beijing needs to realize its large-scale artificial intelligence ambitions.

Governance & Risk Management

Network Security, Isolation Still Pose Zero Trust Challenges

Suparna Goswami • February 1, 2023

Praveen Kumar, group CISO of Zee Entertainment Enterprises, says the market has failed to provide enough solutions to isolate the network when an attack happens. While a zero trust approach helps, there are not enough tools available in the market, he adds.

Endpoint Security

Trellix CEO on Unifying Endpoint, SecOps and Data Protection

Michael Novinson • January 31, 2023

Trellix will debut a console that offers endpoint, security operations and data protection capabilities and a plug-in for network detection and response. The company has moved FireEye's best-in-class detection engines to the cloud for NDR and examined how to address areas such as packet capture.

Governance & Risk Management

Juniper Exec Samantha Madrid on Pursuing Single-Vendor SASE

Michael Novinson • January 31, 2023

Juniper Networks has debuted security service edge capabilities that help clients consistently apply zero trust policies in the cloud regardless of the user or device. Juniper takes the policies customers already use within their network and converts them to cloud-delivered policies with one click.

Application Security

Snyk CEO Peter McKay on Making Defense Easier for Developers

Michael Novinson • January 31, 2023

The nearly $200 million it raised in December will allow Snyk to consolidate the developer security market through organic investment and M&A, says CEO Peter McKay. Snyk has focused on bringing open-source security, container security, infrastructure- as-code security and cloud security together.

Breach Notification

ITRC Breach Report: Lack of Transparency, Details Worsen

Anna Delaney • January 31, 2023

The Identity Theft Resource Center's 2022 Annual Data Breach Report reveals a near-record number of compromises - the second-highest number in 17 years. ITRC COO James Lee worries that a sudden lack of transparency in breach notices is creating more risk for consumers.

Customer Identity & Access Management (CIAM)

Founder Sachin Nayyar Back as CEO of Identity Vendor Saviynt

Michael Novinson • January 31, 2023

Saviynt has brought founder and longtime leader Sachin Nayyar back as its chief executive to govern access around privileged, machine and third-party identities. Saviynt wants Nayyar to implement a strategy that incorporates everything from critical apps and cloud workloads to IoT devices and bots.

Critical Infrastructure Security

Russian Sandworm APT Adds New Wiper to Its Arsenal

Mihir Bagwe • January 31, 2023

Security researchers say they found the Russian intelligence-linked Sandworm threat actor deploying a novel disk wiper against an energy sector company located in Ukraine. Data wipers have played a key role in Russia's hacking campaign against Ukraine.

Will Hive Stay Kaput After FBI Busts Infrastructure?

Mathew J. Schwartz • January 31, 2023

What's not to love about an international law enforcement operation visiting disruption on Hive, the ransomware-wielding crime syndicate? But with no suspects in jail, it's unclear how long this takedown might stick before the bad guys reboot or rebrand.