According to a new threat report from Expel, business email compromise should now be viewed as "public enemy #1." Jonathan Hencinski of Expel is joined by Theodore Peterson of Datasite to support that claim and discuss how best to strategize against these schemes.
Budget-strapped and short of cybersecurity talent, SMBs have a hard row to hoe when it comes to securing their businesses. Will Ehgoetz, manager of Threat Hunters at ActZero.ai, discusses the challenges SMBs face when they take a vector-by-vector approach to security.
Budget constraints are the reason many enterprises have not been able to move to the next stage in applying data analytics for fraud and risk management, says Andi McNeal, director of research at the Association of Certified Fraud Examiners.
The U.S.-China Economic and Security Review Commission on Thursday held a daylong hearing on cybersecurity threats posed by Xi Jinping-led China, including the nation's expansive cyberespionage and disinformation capabilities, along with its technical prowess in cyberwarfare.
Data privacy is top of mind early this year, but it comes loaded with questions. Is it a CTO or CISO problem? Does securing data make it both beyond the reach of bad guys and hard to use for businesses? Manish Ahluwalia answers these and other key data privacy questions.
Two recent hacking breaches affecting hundreds of thousands of individuals - one reported by a firm that provides services to health plans and the other by a government contractor - serve as the latest reminders of the risks involving vendors that handle sensitive personal data.
Cyberattacks in the aviation sector over the past several years have been tied to a single advanced persistent threat group named TA2541, which - since at least 2017 - has consistently used more than a dozen remote access Trojans to control compromised machines, according to a report from Proofpoint.
What security functions should be kept in house, and which ones should be outsourced? The sands are shifting: the days of a fully in-house security operations center are probably gone now, says Elrich Engel, CISO and director of data and architecture at AMP, an Australian financial services company.
The latest edition of the ISMG Security Report features an analysis of takedowns of multiple Russian-language cybercrime markets and communities by Russian authorities. It also describes the role of cryptocurrencies in the banking sector and how the identity market will evolve in 2022.
The ability to evade detection by traditional endpoint detection tools, easy availability of valid credentials, access to code vulnerabilities, increased persistence and ease of lateral movement are causing an increasing number of threat actors to choose malware-free options, CrowdStrike says.
Unknown hackers have stolen about $1.9 million from South Korean cryptocurrency platform KLAYswap using a Border Gateway Protocol hack in the server infrastructure of one of its suppliers even though service implementers have known about BGP hijack attacks for decades and mitigations for them exist.
An advanced persistent threat group with ties to Iran has updated its arsenal to include a newly developed backdoor called Marlin to attack organizations in the Middle East, according to researchers at cybersecurity firm ESET.
In a preliminary report, the European Data Protection Supervisor has urged EU officials to ban the use and deployment of military-grade surveillance products, citing recent findings around the NSO Group's flagship spyware tool, Pegasus.
A consolidated legal case that includes allegations of embezzlement, trade secret theft and intimidation offers an inside look at a complicated and messy alleged insider breach reported last year by a Texas-based accountable care organization.
CISA, FBI and NSA issued a joint advisory on Wednesday pointing to Russian state-sponsored activity against defense contractors. Officials say they have tracked threat actors compromising cleared defense contractors supporting several branches of the U.S. military and the intelligence community.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.