The Breach News

New Study Highlights Insider Risks Linked to Poor Offboarding Practices

The Importance of Effective Offboarding Practices in Mitigating Insider Risks

A recent analysis by Wing Security has revealed a concerning trend in corporate data security: approximately 63% of businesses might have former employees still authorized to access sensitive organizational data. This statistic underscores the pressing need for businesses to automate…


Partners Must Embrace a Breach-Aware Mindset: Insights from Illumio – ARN

Illumio Advocates for Zero Trust Approach Amid Rising Cybersecurity Threats

In the evolving landscape of cybersecurity, Illumio, a leading vendor specializing in zero trust segmentation, emphasizes the necessity of adopting an “assumed breach” mindset. This approach posits that organizations should act as if a breach has already occurred, regardless of…


FlyingYeti Leverages WinRAR Vulnerability to Deploy COOKBOX Malware in Ukraine

Cloudflare Disrupts Phishing Campaign Targeting Ukrainian Entities

On Thursday, Cloudflare announced that it has taken measures to disrupt an extensive phishing campaign that has been ongoing for a month. This operation is attributed to a Russia-aligned threat actor known as FlyingYeti, which has specifically targeted Ukraine amidst ongoing tensions in…


Arid Viper Targets Arabic Android Users with Spyware Masquerading as a Dating App

The cyber threat group known as Arid Viper, also referred to as APT-C-23 or Desert Falcon, has emerged as the perpetrator behind a recent Android spyware campaign aimed at Arabic-speaking individuals. This sophisticated operation involves the distribution of a fake dating application that is designed to infiltrate users’ devices, extracting…


New Xiū gǒu Phishing Kit Targets Key Sectors in the UK, US, Japan, and Australia

Cybersecurity experts at Netcraft have identified a sophisticated phishing kit named “Xiū gǒu,” which has been active since September 2024 and is specifically targeting users in multiple countries, including the UK, US, Spain, Australia, and Japan. This malicious toolkit exploits a range of public and private sector services, such as…


Sophos Reveals Five Years of Ongoing Chinese Cyberattacks

Volt Typhoon, APT31, APT41 Target Sophos Firewall Devices: A Wake-Up Call for Cybersecurity

In a significant disclosure, firewall manufacturer Sophos reported a sustained five-year assault by various Chinese state-sponsored hacking groups on its security appliances. The revelation, described by Sophos as a crucial wake-up call for the cybersecurity sector, highlights…


U.S. Takes Down the World’s Largest 911 S5 Botnet, Involving 19 Million Infected Devices

The United States Department of Justice (DoJ) announced on Wednesday the dismantling of what it claims to be “likely the world’s largest botnet,” which was composed of approximately 19 million compromised devices. These infected machines were made available to various malicious actors for a variety of cybercrimes. This extensive botnet,…
