Russia-Ukraine War: Over 300 Cyber Operations Seen So Far

Mathew J. Schwartz • August 9, 2022

The ongoing Russia-Ukraine war has featured cyber operations being used to target Ukraine as well as Russia. But CyberPeace Institute, which tracks cyberattacks tied to the conflict, has so far seen 27 different countries being affected by more than 300 attacks, and many have affected civilians.

Anti-Phishing, DMARC

Crypto Bridge Nomad Loses $190M in Free-For-All Attack

Latest

Blockchain & Cryptocurrency

North Korean Cryptocurrency Hacking Poised to Get Even Worse

Prajeet Nair • August 9, 2022

North Korean state-sponsored theft of cryptocurrency could intensify once cryptocurrency becomes accepted as a means of payment settlement, said a panelist at a think tank event in Washington. The United States and South Korea in 2021 committed to enhanced collaboration over cybercrime.

Next-Generation Technologies & Secure Development

Sophos' Kris Hagerman on Powering Cybersecurity as a Service

Michael Novinson • August 9, 2022

The rise of ransomware brokers and the continued talent shortage mean defenders increasingly need security technology managed on their behalf, Sophos' Kris Hagerman says. Customers must manage all their security products from a single platform and analyze the data these tools generate, he says.

Governance & Risk Management

OneTrust's Blake Brannon on Unifying Privacy and Governance

Michael Novinson • August 9, 2022

OneTrust has put nearly $1 billion in investment to good use, helping companies address data governance, security assurance, third-party risk and more, Chief Strategy Officer Blake Brannon says. OneTrust has taken on challenges such as monitoring the ethical use of data and verifying compliance.

Cybercrime as-a-service

Ransomware Leak Site Listings Invite Follow-On Attacks

Prajeet Nair • August 9, 2022

Cybercriminals monitor leak sites for newly listed ransomware victims in a bid to try their own hand at dropping encryption malware, says Sophos. The cybersecurity firm says it's seen an uptick in incidents involving multiple criminal gangs demanding a ransom for unencrypted victims' files.

Anti-Money Laundering (AML)

Fresh Guilty Plea Follows Crackdown on BitMEX Exchange

Mathew J. Schwartz • August 9, 2022

A high-ranking employee at Bitcoin Mercantile Exchange, or BitMEX, has pleaded guilty to violating the Bank Secrecy Act, which requires financial institutions to help prevent money laundering. The plea by Gregory Dwyer follows BitMEX's three founders all pleading guilty to the same charge.

3rd Party Risk Management

Cyberattack on NHS Vendor Already Offering Critical Lessons

Marianne Kolbasuk McGee • August 8, 2022

As the U.K.'s National Health Service continues to deal with the impact of a cyberattack on one of its critical IT suppliers, the situation underscores the risks posed by vendors - and the need to have business continuity plans ready to deploy.

Governance & Risk Management

Hatem Naguib on Charting Barracuda's New Course Under KKR

Michael Novinson • August 8, 2022

President and CEO Hatem Naguib expects Barracuda Networks to pursue more midmarket growth opportunities in both North America and internationally under private equity firm KKR's tutelage. The company will move from Thoma Bravo to KKR's control for a reported $4 billion in a deal announced in April.

Fraud Management & Cybercrime

Beyond Security: Forrester's Bot Management Q2 Trends

Anna Delaney • August 8, 2022

Sandy Carielli, principal analyst at Forrester, shares research on the latest bot management trends. Forrester found that while bots affect security, e-commerce, marketing, fraud and other teams, security professionals are still the most common bot management users.

Network Detection & Response

James Foster on Taking ZeroFox Public in Hard Economic Times

Michael Novinson • August 8, 2022

James Foster has been swimming against the current for months, taking ZeroFox public by merging with a special-purpose acquisition company despite the worsening economic conditions. The Nasdaq Stock Exchange listing makes ZeroFox the first cybersecurity company to go public in all of 2022.

Blockchain & Cryptocurrency

US Treasury Sanctions Tornado Cash, Freezes Its Assets

David Perera • August 8, 2022

The federal government today sanctioned Tornado Cash. The Department of Treasury ordered assets of the Ethereum blockchain cryptocurrency mixer to be frozen and says civil and potentially criminal penalties await anyone under U.S. jurisdiction who uses the service.

Finance & Banking

How To Reduce Authorized Payment Fraud

Suparna Goswami • August 8, 2022

What makes authorized payment scams hard to detect? The speed and volume of transactions hinders banks in monitoring for fraud, but David Lott, payments risk expert with the Federal Reserve Bank of Atlanta, says educating customers and leveraging the right technology can help reduce scams.

Fraud Management & Cybercrime

Hunting the Bad Guys Behind Golden SAML Attacks

Steve King • August 8, 2022

In this episode of "Cybersecurity Unplugged," Yonatan Khanashvili describes in detail how Golden Security Assertion Markup Language attacks occur and how SOC platforms with much greater capacity to cross-correlate data than legacy SIEMs can help defenders detect and hunt for them.