Kia Motors America has allegedly suffered a ransomware attack by the DoppelPaymer gang. The gang is demanding $20 million for a decryptor and not to leak stolen data, according to news reports.
If the experiences of 2020 taught us anything, it’s that risk in the modern world cannot be understood or sufficiently mitigated with a siloed approach. Individual threats, such as regulatory risk and IT security, converge. Lacking a high-level view, it’s difficult to see the web of cause and effect – making it more difficult to anticipate, prepare, or mitigate the biggest risks. 2020 may be over, but the challenges remain in 2021. Compliance and risk management will need a shared umbrella of information and communication to tackle the complex, integrated risks of today’s landscape.
The acceleration of digitization initiatives was paramount to ensure business continuity during this global crisis. As we rebuild economic stability in 2021, technology – especially automation and security – will play a significant role in positioning enterprises to return to growth.
A federal indictment charged three North Korean computer programmers with participating in a wide-ranging criminal conspiracy to conduct a series of destructive cyberattacks, to steal and extort more than $1.3 billion of money and cryptocurrency from financial institutions and companies, to create and deploy multiple malicious cryptocurrency applications, and to develop and fraudulently market a blockchain platform.
Listen to Ian Thornton-Trump, CISO of Cyjax, and his talking partner Tristan de Souza as they ruminate on some of the biggest issues in cybersecurity and geopolitics each and every month in this highly informative and entertaining video podcast. This month's episode looks at whether U.S. President Joe Biden has committed sufficient resources to cybersecurity; discusses ‘the Putin problem’; ponders about phishing in a pandemic; and talks about the GameStop blow-up.
SHAREit, an Android application which has been downloaded more than a billion times, contains unpatched security vulnerabilities that the app maker has failed to fix for more than three months, according to a Trend Micro report.
Malwarebytes announced the findings of its annual “State of Malware” report. The latest report explores how the global pandemic forced many employees to quickly become a remote workforce and confined consumers to their homes. In the wake of this change, cybercriminals ditched many of their old tactics, placing a new emphasis on gathering intelligence, and exploiting and preying upon fears with targeted and sophisticated attacks. As a result, the State of Malware Report found a notable shift in the devices targeted and strategies deployed by cybercriminals.
Every week there seems to be a news story about another massive data breach with millions—and sometimes billions—of records containing personal data lost or stolen. We regularly hear about cyberattacks involving brute-forcing secure logins or exploiting software flaws, but there’s a new segment of the cybercriminal economy that’s growing fast: attackers who target companies that have unintentionally left data out in the open via misconfigured databases.
Bottomline and Strategic Treasurer released the results of the 2021 Treasury Fraud & Controls Survey. This is the 6th annual survey between the long-time collaborators, whose research partnership also includes the annual B2B Payments Survey. As in prior years, the 2021 survey gathered details about corporate and banking experiences, actions and plans regarding fraud. Results show that the pandemic accelerated both the threat of fraud and the response to it, with corporate and banking alignment on defensive automation.
As part of an effort to help users apply its well-known Cybersecurity Framework (CSF) as broadly and effectively as possible, the National Institute of Standards and Technology (NIST) has released finalized cybersecurity guidance for positioning, navigation and timing (PNT) services.