North Korean hackers stole $1.7 billion in cryptocurrency during 2022, most of it from decentralized finance platforms, Chainalysis finds. North Korean hackers are "systematic and sophisticated" in hacking and laundering stolen funds, and the nation supports cryptocurrency-enabled crime.
U.S. federal authorities are establishing a new office to tackle supply chain security issues and help industry partners put federal guidance and policies into practice. Former GSA administrator Shon Lyublanovits says she is spearheading the launch of the new organization.
Trellix will debut a console that offers endpoint, security operations and data protection capabilities and a plug-in for network detection and response. The company has moved FireEye's best-in-class detection engines to the cloud for NDR and examined how to address areas such as packet capture.
Juniper Networks has debuted security service edge capabilities that help clients consistently apply zero trust policies in the cloud regardless of the user or device. Juniper takes the policies customers already use within their network and converts them to cloud-delivered policies with one click.
The nearly $200 million it raised in December will allow Snyk to consolidate the developer security market through organic investment and M&A, says CEO Peter McKay. Snyk has focused on bringing open-source security, container security, infrastructure- as-code security and cloud security together.
The Identity Theft Resource Center's 2022 Annual Data Breach Report reveals a near-record number of compromises - the second-highest number in 17 years. ITRC COO James Lee worries that a sudden lack of transparency in breach notices is creating more risk for consumers.
Ukraine traced a cyberattack that delayed a press briefing by the nation's information protection agency Tuesday to Russian Sandworm hackers. The group, which is accused of using wiper malware to disrupt the Ukrainian national Media Center, has close ties to the Russian GRU, investigators say.
The Dutch central bank fined Coinbase 3.3 million euros, saying the U.S. cryptocurrency exchange failed to comply with the national anti-money laundering statute. Since May 2020, Dutch law has required crypto companies operating in the Netherlands to register as money transmitters.
In the latest weekly update, four ISMG editors discuss why it pays off to have well-practiced incident response plans, whether ChatGPT is a blessing or a curse for penetration testers and bug bounty hunters, and how Microsoft has reason to be cheerful as security sales hit $20 billion.
Valuations are down, some companies have left the market altogether, and some even have announced deep rounds of layoffs. Yet, Alberto Yépez of Forgepoint Capital retains optimism for the cybersecurity marketplace in 2023 and says now is the ideal time to be ramping up investments in innovation.
In this episode of "Cybersecurity Unplugged," Chris "Tito" Sestito discusses technology to protect neural networks and artificial intelligence and machine-learning models, and John Kindervag explains how such technology fits into the zero trust framework.
North Korea's Lazarus Group was behind the $100 million theft from the Horizon blockchain bridge, the U.S. federal government confirmed. The FBI vowed "to expose and combat North Korea's use of illicit activities - including cybercrime and virtual currency theft - to generate revenue."
How does a CISO map his goals to the security investments made by a company long before he came onboard? How can you balance the short-term and long-terms goals at a new organization? Aditya Vardhan, CISO of Jindal Power & Steel, shares his insights on ensuring a smooth transition.
Spanish authorities arrested three senior executives of the now-defunct cryptocurrency exchange platform Bitzlato, Europol announced. The crime coordination agency says about 46% of the assets exchanged through Bitzlato, worth roughly 1 billion euros, were linked to criminal activities.