A Chinese and a Hong Kong national are each under U.S. federal indictment for their roles in channeling cryptocurrency stolen by North Korean hackers into hard currency. Prosecutors also indicted a North Korean man for representing the sanctioned Korea Kwangson Banking Corp.
Over a five-year span, reported BEC incidents cost global enterprises more than $43 billion in losses. This trend has the attention of the U.S. Secret Service. Agents Kevin Cooke and Abigail Tyrrell discuss why law enforcement partnerships and speed of response are more critical than ever.
According to findings from the Identity Theft Resource Center's 2023 Q1 Data Breach Report, the number of publicly reported data compromises decreased, but the number of data breaches with no actionable information about the root cause of the compromise grew.
Threat actors are exploiting Kubernetes Role-Based Access Control in the wild to create backdoors and to run cryptocurrency miners. Researchers observed a recent campaign that targeted at least 60 Kubernetes clusters by deploying DaemonSets to hijack and steal resources from the victims' clusters.
A North Korean backdoor targeting Linux desktop users shares infrastructure with the hacking group behind the 3CX software supply chain hack. Cybersecurity firm Eset analyzed the backdoor and connected it with a Pyongyang fake job recruiting campaign generally known as Operation Dream Job.
In the latest weekly update, finance security expert Ari Redbord joins ISMG editors to discuss takeaways from the U.S. Treasury's 2023 DeFi Illicit Finance Risk Assessment, the state of blockchain analytics and where it is headed, and traction for FinCEN's Financial Action Task Force Travel Rule.
The North Korean software supply chain attack on a Chicago financial trading software developer infected additional victims besides 3CX, including organizations in the energy sector, says Symantec Threat Hunter Team. One organization is located in the United States, the other in Europe.
The Federal Reserve's FedNow Service will launch in July this year. Many banks, including community banks, will be able to leverage FedNow as an instant payment platform. How can these banks prepare for faster payments, and what security controls should they consider adding?
She's been assistant general counsel at the CIA and undersecretary at the Department of Homeland Security. She is on the Cyberspace Solarium Commission. Now an adviser to the Center for Strategic and International Studies, Suzanne Spaulding will keynote at RSA Conference 2023. Her topic: ransomware.
In the days between April 14 and April 20, the spotlight was on the U.S. Consumer Financial Protection Bureau, a ransomware attack on American payments firm NCR, German automotive and arms producer Rheinmetall, state agencies in the Philippines, Indian rental platform RentoMojo, and Point32Health.
Ukraine should brace for more Russian wiper and ransomware attacks, concluded a panel of cyber threat intel experts and government officials in a report assessing the cyber dimensions of Moscow's ongoing war of conquest against its European neighbor.
Hackers who turned a zero-day in Fortra's GoAnywhere software into a bonanza of ransomware attacks for Russian-speaking extortion group Clop first penetrated the company's software in January. Hackers exploited some on-premises instances of the file transfer software as early as Jan. 18.
Between April 14 and 20, hackers stole $23 million from Bitrue, $7 million from Hundred Finance and $10.5 million from 11 blockchains. The SafeMoon hacker returned 80% of the stolen $8.9 million, MetaMask suffered a third-party breach and Kyber Network advised LPs to withdraw funds from Elastic.
North Korean hackers' attack on desktop phone developer 3CX was the fruit of a separate and previously undisclosed supply chain attack on a financial trading software developer, is the conclusion of the Mandiant forensics team brought in to investigate.
The global commercial spyware market will expand over the next five years as demand for advanced surveillance tools by governments surges, says a new report from the U.K.'s National Cyber Security Center. The NCSC assesses that at least 80 countries have purchased advanced spyware apps.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing devicesecurity.io, you agree to our use of cookies.