What actually happens when a company examines third-party risk
More than zero-days or machine learning, this is what CISOs are constantly measuring on a day-to-day basis.
Email scammers stole more than $150K from defense contractors and a university, FBI says
Scammers were able to obtain fraudulent lines of credit to buy expensive technical equipment in the organizations’ names, the FBI said last week in an industry advisory obtained by CyberScoop.
Chinese e-commerce giant Gearbest leaks millions of records, researcher finds
“Gearbest’s database isn’t just unsecured. It’s also providing potentially malicious agents with a constantly-updated supply of fresh data.”
UN report links North Korean hackers to theft of $571 million from cryptocurrency exchanges
The U.N. panel is increasingly taking note of North Korea's use of cyber operations to circumvent sanctions.
Latest Pakistan bank-card fraud looks like an actual breach, researchers say
New York-based threat intelligence company Gemini Advisory says it appears that a card-information dump in January points to a more aggressive level of hacking beyond point-of-sale attacks.
Deadline passes for companies to comply with New York's cybersecurity regulation
The New York State Department of Financial Services Cybersecurity Regulation goes into full effect Friday.
Third suspect in Methbot, 3ve case to plead not guilty after extradition from Malaysia
Sergey Ovsyannikov's court appearance will mark the third time an accused 3ve/Methbot group member will be extradited and enter a not guilty plea.
Russian hacker accused of creating NeverQuest malware pleads guilty
Stanislov Lisov created the NeverQuest banking malware that was used against hundreds of financial institutions
Researchers paint different portraits of hackers behind Ryuk ransomware
Analysts poring over Ryuk are coming to different conclusions, highlighting the subjective side of cyberthreat studies.
U.S. busts Romanian cybercrime ring that phished Americans, laundered millions of dollars
The scheme involved an elaborate amount of social-engineering with a dose of phishing.