Despite the recent leak of internal communications and code from the Conti ransomware group, the criminal enterprise appears to have continued operations without breaking stride, in part thanks to constant innovation, security researchers report.
Speaking about his role as managing director, business information security, at financial giant State Street, TJ Hart says, "I wake up nervous, and I go to bed nervous." But he channels that energy into trying to better understand the threat landscape and use that data to make better business risk decisions.
The latest edition of the ISMG Security Report analyzes how the U.S. government is offering a reward of up to $5 million for information to help it disrupt the illicit flow of funds to North Korea. The report also examines approaches to enhance banks' cyber defenses and U.S. regulatory trends.
Lynn Peachey, the director of business development at Arete Incident Response, says that insurance companies have made "a pretty quick turnaround in terms of trying to respond to the ransomware epidemic." She discusses the changes they are making, which include leveraging data quantification.
The Conti ransomware group has been targeting the U.S. and its allies since the beginning of the Russia-Ukraine war. But in the latest large-scale attack on a single country, Conti has reportedly targeted at least five Costa Rican government agencies and leaked nearly 40GB of exfiltrated data.
VMware's Tom Kellermann is out with Modern Bank Heists 5.0, his latest look at the attackers and attacks targeting financial services. Subtitled "The Escalation," this report looks at the increase in destructive attacks, ransomware and hits on cryptocurrency exchanges. Kellermann shares insights.
Security orchestration, or SOAR - Security Orchestration, Automation and Response, as it is known to some - is still an area in development, so there are misconceptions about its scope of use and effectiveness for a SOC team. Claudio Benavente discusses the top five security orchestration myths.
During its January cyberattack, Lapsus$ accessed tenants and viewed applications such as Slack and Jira for only two Okta customers. The threat actor actively controlled a single workstation used by a Sitel support engineer for 25 consecutive minutes on Jan. 21, according to a forensic report.
Leon Ravenna, CISO of KAR Global, starts each day on the job with the expectation that this could be his last. That's how urgent cybersecurity has become, and it's in part why he's driven to dispatch the image of the CISO as the bureaucratic "Dr. No."
Mimecast has released its latest State of Email Security Report, and it finds that 75% of companies were hurt by ransomware attacks in 2021 - up from 60% in 2020. Thom Bailey analyzes these results and discusses the role of emerging technology in building cyber resilience.
Ransomware and nation-state threats are daunting. But the threat that concerns Mustapha Kebbeh the most is supply chain risk. The Brinks CISO discusses how he has tackled this, as well as the challenges of tool complexity and peer collaboration.
A surprising improvement in loss ratios for cyber insurance providers in 2021 means the rapid rise in premiums might at last subside later this year. The loss ratio declined for the first time since 2018 despite the frequency and severity of claims filed for cyberattacks increasing again in 2021.
New legislation mandating cyber incident reporting for critical infrastructure providers within 72 hours, and the reporting of ransom payments within 24 hours, is "groundbreaking," says former National Security Agency deputy commander Tim Kosiba, CEO of security firm bracket f.
A branch of the U.S. Department of Homeland Security says that it stopped an international hacking group from launching a major cyberattack on an underground cable system's servers. If the attackers had been successful, the incident could have become a national security threat, security experts say.
Accenture's new ransomware report reveals key challenges in executing an effective communications plan. Robert Boyce, managing director of global cyber response, discusses why existing recovery strategies aren't enough and offers practical steps for managing a ransomware response.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.