Latest

Blockchain & Cryptocurrency

OCC Chief Calls for Collaboration in Crypto Regulations

Devon Warren-Kachelein  •  January 15, 2022

With 16% of U.S. citizens using a cryptocurrency trading platform, OCC acting Chief Michael Hsu urges collaborative efforts to pass cryptocurrency regulations, which he says could lead to greater innovation in the space.

Blockchain & Cryptocurrency

North Korean APTs Target Cryptocurrency Startups

Devon Warren-Kachelein  •  January 14, 2022

A new Lazarus-linked APT threat known as BlueNoroff has emerged and is actively targeting cryptocurrency startups in a campaign called "SnatchCrypto." Research by Kaspersky found that more than 15 venture businesses and their employees have fallen victim to the nation-state threat actors.

3rd Party Risk Management

Why Third Parties are the Source of So Many Hacks

Isa Jones  •  January 14, 2022

Protecting your critical access points and assets should be the number one priority in your cybersecurity strategy.

Governance & Risk Management

Insider Threats are a Quiet Risk in your System

Isa Jones  •  January 14, 2022

No matter the root cause, the result is the same: reputation damage, fines, compliance issues, and of course the ripple effects that extend outward from a breach.

Governance & Risk Management

Zero Trust Is More Than A Buzzword

Isa Jones  •  January 14, 2022

Since no one is trusted in this model, insider and outsider access needs to be verified and authenticated each time a user logs into a system.

3rd Party Risk Management

Log4j Updates: Flaw Challenges Global Security Leaders

Devon Warren-Kachelein  •  January 12, 2022

The security world continues its fight against potential widespread exploitation of the critical remote code execution vulnerability - tracked as CVE-2021-44229 - in Apache's Log4j software library, versions 2.0-beta9 to 2.14.1, known as "Log4Shell" and "Logjam." This is a digest of ISMG's updates.

Fraud Management & Cybercrime

Ransomware's Threat to the Mainframe

Tom Field  •  January 10, 2022

One common misconception about the mainframe is that ransomware poses no significant threat to it. Edward Shim of BMC Software dispels this myth and offers insight on how to shore up some of the mainframe's inherent weaknesses that adversaries may target.

DevSecOps

Mainframe DevOps: What Modernization Means

Tom Field  •  January 10, 2022

"Mainframe" and "modernization" are not often used in the same sentence. But Eric Odell and Paul Allard of BMC Software share a mainframe DevOps strategy that can result in cost savings, automation efficiencies and reduced risk of mainframe defects.

Blockchain & Cryptocurrency

Norton 360 Offering Contains Controversial Cryptominer

Dan Gunderman  •  January 7, 2022

A new feature on antivirus product Norton 360 has left cybersecurity experts baffled, as the company has made a play in the cryptocurrency space with a tool that will mine Ethereum while users' computers are idle. Observers call it a puzzling move and that the feature may be difficult to uninstall.

►

Blockchain & Cryptocurrency

ISMG Editors: Secrets and Lies of Ransomware Operators

Anna Delaney  •  January 7, 2022

In the latest update, four ISMG editors discuss key cybersecurity issues, including myth busting from the founder of Zero Trust, the reason behind the surge in high-profile cryptocurrency scams in India and how ransomware attackers routinely lie about their inclinations, motivations and tactics.

Cryptocurrency Fraud

Coming Invasion? Russian Cyber Activity in Ukraine Escalates

Anna Delaney  •  January 7, 2022

The latest edition of the ISMG Security Report features an analysis of the recent surge in Russian cyber interference in Ukrainian government and civilian networks, the impact of China's privacy law, and the battle against cryptocurrency cybercrime.

Anti-Money Laundering (AML)

Israel Tracks, Seizes Cryptocurrency From Hamas-Linked Firm

Prajeet Nair  •  January 3, 2022

The Israeli Ministry of Defense reportedly seized $836,168 worth of cryptocurrency from a currency exchange firm with ties to the Hamas terrorist group. The use of cryptocurrency by cybercriminals may be advantageous to law enforcement agencies, according to some experts.