The LockBit ransomware operation claims to have stolen data from a Texas-based supplier to Elon Musk's SpaceX, which designs, manufactures and launches rockets and spacecraft. It's the latest PR-grabbing attempt by the prolific LockBit extortion group.
Key to the business success of top ransomware groups remains their ability to find innovative new ways to amass victims. For Hive, which received more than $100 million in ransom payments before being disrupted by law enforcement, the new business strategy that helped it thrive was co-working.
A lack of visibility makes it nearly impossible to protect an organization against attack. If you can't see what's lurking in the dark corners of your environment, all you can do is react instead of actively identifying and mitigating risks. But some technologies can help with threat visibility.
In the latest weekly update, John Kindervag, creator of zero trust and senior vice president of cybersecurity strategy at ON2IT, joins ISMG editors to discuss the top zero trust storylines of the year, the impact of ChatGPT on the cybersecurity industry and how to tackle MFA bypass attacks.
Will large language models such as ChatGPT take cybercrime to new heights? Researchers say AI for malicious use so far remains a novelty rather than a useful and reliable cybercrime tool. But as AI capabilities and chatbots improve, the cybersecurity writing is on the wall.
The founding team behind SOAR vendor Demisto has started a passwordless authentication and user management platform company that caters to the developer community. Descope helps developers embed authentication in the application build process and competes with Auth0 in the CIAM space.
As ransomware continues to disrupt British organizations, the U.K. for the first time has sanctioned alleged cybercriminals, including accused Conti and TrickBot operators. Ransomware victims must conduct due diligence before paying any ransom, as violating sanctions carries severe penalties.
Identity verification and lack of WebAuthn implementation in legacy applications and smartphones are two of the biggest challenges associated with adopting FIDO authentication. Merck Germany's Andreas Pellenghar also says the current setup of jumping to a browser to log in is turning people off.
Phishing is the number one way to compromise accounts, and Google's Christiaan Brand says passkeys have emerged as a great technical solution to the issue. He wants to ensure what FIDO Alliance has built benefits and is relevant to how Google wants to see passkeys implemented for its own accounts.
The LockBit group has gone from denying it had any involvement in the ransomware attack on Britain's Royal Mail to trying to bargain for a ransom. The ransomware group's site now lists Royal Mail as a victim and demands it pay a ransom or see stolen data get dumped.
Security practitioners are putting cognitive psychology and customer experience at the forefront of new product development in a push for usability, says Trusona's Kevin Goldman. Getting user experience designers familiar with products allows them to speak meaningfully with the security team.
The guardrails organizations use to protect employee identities are often ineffective for contractors, business partners or vendors since they bring their own devices. Many businesses struggle to implement identity safeguards in a setting that's more heterogeneous and offers fewer controls.
Bad news for ransomware groups: Experts find it's getting tougher to earn a crypto-locking payday at the expense of others. The bad guys can blame a move by law enforcement to better support victims, and more organizations having robust defenses in place, which makes them tougher to take down.
PayPal is notifying 34,942 Americans that a hacker accessed their personal information during a two-day credential stuffing attack in early December. The San Jose, California-based company says it has not detected unauthorized transactions emanating from affected accounts.
Attackers have caught up with legacy multifactor authentication tools that use push technology or one-time passcodes, boosting the need for phishing-resistant MFA, says Jeremy Grant. In response, government officials such as CISA Director Jen Easterly have championed FIDO since it's mature and open.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.in, you agree to our use of cookies.