Amid a surge in cryptocurrency investment - particularly across DeFi - blockchain experts warn that lax security was a main factor in $1.3 billion in cryptoassets being lost to hacks, exploits and scams in 2021. The losses, according to CertiK, rose from $500 million in 2020.
In the latest update, four ISMG editors discuss key cybersecurity issues, including myth busting from the founder of Zero Trust, the reason behind the surge in high-profile cryptocurrency scams in India and how ransomware attackers routinely lie about their inclinations, motivations and tactics.
The latest edition of the ISMG Security Report features an analysis of the recent surge in Russian cyber interference in Ukrainian government and civilian networks, the impact of China's privacy law, and the battle against cryptocurrency cybercrime.
To crack down on the criminal use of cryptocurrency, including for ransomware, authorities are increasingly targeting "cryptocurrency businesses that do not have the compliance controls in place necessary to mitigate the risks of illicit activity," says Ari Redbord of TRM Labs.
The year is ending with a cybersecurity bang - not whimper - due to the widespread prevalence of the Apache Log4j vulnerability. Researchers warn that at least 40% of corporate networks have been targeted by attackers seeking to exploit the flaw. More than 250 vendors have already issued security advisories.
Dutch police have detained Moscow businessman Denis Dubnikov after the U.S. accused him of receiving bitcoins worth $400,000 paid to Ryuk as ransoms by its victims. The U.S. is seeking to extradite the suspect, as the Biden administration's crackdown on ransomware continues.
Four editors at ISMG discuss important cybersecurity issues, including law enforcement agencies' crackdown on ransomware operations, how banks are building their technology stacks to counter card fraud and whether the "work from anywhere" model is beneficial for employees in the long term.
CoinMarketCap says it has found no evidence of a data beach despite the circulation of a list of 3.1 million email addresses that correlates with accounts on its service. Regardless of the source, the list would be useful for attackers to launch phishing attacks against those interested in cryptocurrency.
In the latest weekly update, four ISMG editors discuss: a federal judge imposing the maximum sentences on a hacker who pleaded guilty to conspiracy and aggravated identity theft, regulators getting tougher on cryptocurrency lending platforms and the return to in-person roundtables.
The latest edition of the ISMG Security Report features an analysis of the arrest of two suspects tied to a major ransomware group in Ukraine. Also featured: Introducing "The Ransomware Files" and defining the next-gen CISO.
The U.S. Department of Justice said this week it will pursue government contractors that fail to report cybersecurity incidents. The department also announced the formation of a Cryptocurrency Enforcement Team to prosecute the misuse of virtual currencies.
The latest edition of the ISMG Security Report features an analysis of how a cryptocurrency exchange bug has revealed North Korean monero laundering. Also featured are cyber insurance trends and cybercrime innovation.
Weaknesses in the systems of ShapeShift, a U.K.-based cryptocurrency exchange, reveal how a North Korean-linked group laundered cryptocurrency that came from the WannaCry 2.0 attack. The issues undermined some protections in Monero, a cryptocurrency designed to provide a high degree of privacy.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including how ransomware affiliates change operators and why terrorists aren't launching massive cyberattacks.
Cryptocurrency exchange Coinbase faces potential user trust challenges after a system error led it to send out false automated security alerts to about 125,000 customers indicating their two-factor authentication settings had been changed.