The FBI has released an advisory stating that the TrickBot Group, which operates the TrickBot banking trojan and the backdoors Anchor and BazarBackdoor, was also behind the Diavol ransomware that attacked corporate networks. The advisory details Diavol and offers some protective measures against it.
To guard against future threats to clients' crypto assets after a hack totaling millions in stolen funds, Crypto.com will require all new whitelisted withdrawal addresses to be registered within 24 hours before the first withdrawal. "Users will receive notifications that withdrawal addresses have been added, to give them adequate time to react and respond," Crypto.com said in a statement.
As attacks on critical infrastructure increase, the UK government might widen the Network and Information Systems Regulations, which require essential services companies, such as those in energy and health care, to meet security obligations. "Cyberattacks are often made possible because criminals and hostile states cynically exploit vulnerabilities in businesses' digital supply chains and outsourced IT services that could be fixed or patched," says Julia Lopez, minister of state for media, data and digital infrastructure.
A hack of The International Committee of the Red Cross has exposed information on roughly 515,000 war and disaster victims and forced the organization to shut down its family reunification program systems. Spokesperson Crystal Wells says data was likely stolen but that the Red Cross cannot say for sure.
The Institute of CyberSecurity and Innovation teaches high schoolers about cyberattack response, surrounded by video walls displaying live intelligence. "This display technology has become key to the instructional process," says senior iCSI instructor Josh Beck, adding, "It is great to be able to have displays of sufficient resolution and size that all students can easily see all relevant information."
An insider risk management plan that defines what HR, legal, security, IT and the business unit must do if there is an internal threat to data will help firms respond effectively. When Ubiquiti's mitigation team faced this issue, they prevented the exfiltration from escalating by executing the plan as soon as unusual activity was spotted.
Google is urging US and EU lawmakers to create a more secure, durable framework for transferring data between nations. Google's Chief Legal Officer Kent Walker writes in a blog post that failure to replace the General Data Protection Regulation might result in blocked data flows.
US taxpayers will have to use facial recognition technology to file online, a process that requires utility bills and government identification as well as video footage, beginning this summer. Vendor ID.me could retain user data for multiple years, even from those who delete their accounts.
Computing requirements grow as more companies adopt data analytics, leading to the rise of high-performance computing as a service. Licensing, data movement and security can be problems, but many companies are finding that HPCaaS can cut time and costs.
No-code automation platform Bryter is working with Accelance, a consulting firm focused on robotic process automation, to build workflows for Bryter clients. The arrangement will allow clients to receive "an out-of-the-box product for an existing problem," such as an environmental, social and governance reporting suite, Bryter CEO Michael Grupp says.
- Page 1