A ransomware gang claims to have stolen SIM card data and banking information in an attack on Schepisi Communications, a service provider to Australian telecommunications company Telstra, a local news outlet reports.
The Biden administration will prioritize cybersecurity in its $1 billion IT modernization grant program for federal agencies, which will be overseen by the General Services Administration and the Office of Management and Budget.
With consumers relying more heavily on e-commerce during the pandemic and beyond, leveraging behavioral biometrics for authentication is an effective strategy, says Coby Montoya, a fraud-fighting and authentication strategist at a financial company.
The average amount of time that online attackers camp out in a victim's network - or "dwell time" - has been declining, FireEye's Mandiant incident response group reports. But the surge in ransomware accounts for some attacks coming to light more quickly because those attackers announce their presence.
CISA is investigating whether five U.S. government agencies may have been breached when attackers exploited vulnerabilities in Pulse Connect Secure VPN products, according to a senior official. Security researchers believe that at least two nation-state groups have been attempting to exploit these flaws.
The Internal Revenue Service is sharpening its expertise in cryptocurrencies to help prevent their use for tax evasion and money laundering, says Jarod Koopman, a director at the agency. The IRS is partnering with companies that have developed techniques and technologies for tracing blockchain transactions.
Four editors at Information Security Media Group discuss timely issues, including how the zero-day attacks against Accellion File Transfer Appliance users have rewritten the rules of the cyber extortion game and former federal CISO Gregory Touhill taking on an important new role.
The Babuk ransomware gang says it will no longer launch attacks but instead will make its malware source code available for other attackers to use. The gang took credit for recent attacks against the Washington, D.C. Metropolitan Police Department and the Houston Rockets basketball team.
Some security experts are questioning whether Experian is doing enough to ensure security after a researcher discovered that an API the credit reporting firm uses to allow lenders to check the credit score of prospective borrowers could expose customer's scores.
A coalition of government agencies and security firms has released a framework for how to disrupt ransomware attacks that calls for expanded regulation of the global cryptocurrency market to better track the virtual coins paid to cybercriminals during extortion schemes.
A bipartisan group of lawmakers has introduced a legislative proposal that would create a program, similar to the National Guard, to deploy those with tech and security skills during significant cyberthreats, such as the recent SolarWinds and Microsoft Exchange attacks.
Phishing, online fraud, cryptocurrency scams – they are coming at lightning speed, threatening enterprises and their brands. And just as fraudsters rely on automation to deliver these attacks, defenders can use automated tools to protect their brands. Jeff Baher of Bolster tells how.