In this week's update, ISMG editors discussed a U.K. proposal to mandate ransomware payment reporting, tackling financial crime by bringing together fraud and AML teams, and the global AI arms race as countries compete to lead innovation while balancing regulation and ethics.
The U.S. federal government said Friday it's traced the source of Chinese hacker intrusions into telecom networks to a government contractor located in hacking hotbed Sichuan. The Department of Treasury imposed sanctions on the firm, Sichuan Juxinhe Network Technology.
Biden’s final cybersecurity order expands sanctions authorities to better target ransomware hackers and the financial facilitators and infrastructure providers enabling their attacks, a White House official said Thursday, as the administration aims to disrupt the broader cybercrime ecosystem.
This week, Microsoft laid off security staff and released Patch Tuesday, Russian hackers intensified attacks on Ukraine in 2024, Telefónica confirmed a breach, a Tennessee mortgage leader reported a breach and the Texas AG sued Allstate over driver data collection.
The U.S. federal government targeted for sanctions a network of North Korean front companies and a Chinese supplier that support a Pyongyang program of planting remote IT workers into Western corporations. The front companies are Korea Osong Shipping and Chonsurim Trading Corporation.
This week, BitMEX fined $100M, prosecutors sought return of Bitfinex funds, Mango Markets shut, a Web3 attack method; pastor charged in crypto scam, CFPB proposed firms refund hack victims, 2024 crime stats, Wolf Capital co-founder's guilty plea, Thai Bitcoin miners seized and a New York AG lawsuit.
Despite significant law enforcement disruptions to the Ransomware-as-a-Service ecosystem, cyber threats continue to escalate. This year’s findings reveal a record number of ransomware victims in 2024, emphasizing the need for strong, adaptive cyber defenses.
The GRIT 2025 Ransomware & Cyber Threat Report...
Hackers possibly from the Russian Main Intelligence Directorate have been spying on neighboring government of Kazakhstan using legitimate documents that have been booby-trapped with malicious macros. The latest campaign, dubbed "Double-Tap," emerged in October 2024.
The U.S. federal government's first hint that Chinese hackers penetrated American telecommunications infrastructure came from telemetry on government networks, said Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency.
A medical supply firm will pay $3 million to settle issues found by a HIPAA investigation into a breach. Also, a public health system will pay $60,000 to resolve a right-of-access dispute. The cases are among the latest in a spate of HIPAA enforcement actions as the Biden administration wraps up.
While ransomware groups' data-leak sites regularly lie, if taken at face value, in December 2024 they collectively listed the largest number of victims ever seen in a one-month period, dominated by RansomHub, Play and Akira operations, plus a bevy of newcomers, researchers report.
Over the past two years, AI enabled by a cloud interface has ushered in the age of cloud 3.0. The industry is evolving faster than anyone could predict, forcing organizations to rethink their security and risk strategies, said Jim Reavis, CEO and co-founder at Cloud Security Alliance.
Navigate the complexity of modern cybersecurity with insights from Marty McDonald (Optiv) and Rob Rachwald (Palo Alto Networks). Learn how unifying platforms can drive advanced detection and response in next-gen SecOps.
Some key takeaways from this session include:
Streamlined Integration: Address...
A ransomware group is targeting Amazon S3 buckets, exploiting the data stored there using AWS's server-side encryption with customer keys and demanding a ransom in exchange for the encryption key needed to unlock the data. The group uses compromised or publicly exposed AWS account credentials.
Six months after a ransomware attack temporarily crippled its blood donation and distribution activities, Florida-based nonprofit OneBlood is reporting a data breach to regulators that affected donors' personal information. Why is the incident reawakening healthcare supply chain concerns?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
