Researchers have identified two legitimate-looking malicious npm packages that concealed an open-source info stealer for two months before being detected and removed. Developers downloaded the TurkoRat malware about 1,200 times from open-source repositories.
MiCA's consumer protection provisions extend to cybersecurity, with its anti-money laundering, cyberattack liability and travel rule clauses. ISMG contributors Ari Redbord of TRM Labs and Troy Leach of Cloud Security Alliance discuss its impact on cybercrime, compliance challenges and the way ahead.
In the latest weekly update, four ISMG editors discuss the mounting fallout from the March hack of Capita and accompanying data breach, the comprehensive crypto regulation adopted by the EU, and Crosspoint Capital's agreement to purchase Absolute Software for $657 million.
Identity is more important than ever in today's "work from anywhere" world where the need for secure authentication has become paramount. Zero Trust Authentication complements security investments in EDRs, EPPs, SIEMs and existing SSOs and delivers a passwordless experience that drives productivity.
In the days between May 11 and May 18, the Uranium Finance hacker laundered more stolen funds, LayerZero launched a $15 million bug bounty program, the European Union adopted comprehensive cryptocurrency legislation, and Ledger faced backlash on its seed phrase recovery solution.
Fifteen months after Russia intensified its illegal invasion of Ukraine, experts say top cyber defense lessons policymakers and defenders should apply include focusing on resilience. Building for resilience acknowledges the inevitability of ongoing attacks.
Data443 has bought Cyren's threat intelligence, URL categorization and email security technology out of bankruptcy for up to $3.5 million. Buying Cyren's anti-spam, virus outbreak detection, IP reputation, URL filtering and Threat InDepth data feeds will boost Data443's existing product portfolio.
The European Union on Tuesday formally adopted the world's first comprehensive regulatory regime for the cryptocurrency industry in a measure supporters say will tame volatility illustrated by high-profile crashes such as FTX. The proposal, known as MiCA, will go into effect progressively.
The chief executive of the company behind generative artificial intelligence tool ChatGPT called for global regulations, including licensing, in testimony before a U.S. congressional panel. The Biden administration is already investigating mechanisms to ensure an "AI accountability ecosystem."
IBM has bought a startup founded by a longtime security leader in the Israeli Prime Minister's Office to ensure personal identifiable information isn't left unprotected. The deal will ensure sensitive data isn't exposed in public cloud data stores or SaaS apps like Slack, SharePoint or Office 365.
Yigal Unna, former DG, National Cyber Directorate, Israel, emphasized the importance of continued collaboration between defenders and the formation of a Global Cyber Cabinet consisting of more than 20 national CISOs from leading countries working to dismantle cybercrime syndicates.
The "shift left" movement puts "unrealistic" expectations on developers, said Gayatri Prakash, vice president and general manager of compliance at CloudBees. She said installing new tools to manage various parts of the SDLC is not necessarily "going to solve our problem for security."
In the latest weekly update, ISMG editors discuss how the Feds have dismembered Russia's 'Snake' cyberespionage operation; the ongoing debate over privacy laws and regulations in the APAC region; and why more companies are banning the use of generative AI tool ChatGPT.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.