A thief stole $1.25 million worth of cryptocurrency from DeFi protocol New Free DAO in a flash loan attack and so far has cashed out nearly half of the funds. The attack resulted in a sharp drop in the platform's native token $NFD, whose value slumped more than 99% day-on-day on Thursday.
The United States hit Iran with a new round of sanctions after linking Tehran with the July cyberattack against Albania. The sanctions are more symbolic than material in effect but send a message that hacking U.S. allies has consequences.
Organizations must think differently about how to detect adversaries in the cloud rather than merely shifting their on-premises controls. Combining Carbon Black's insights into the endpoint with NSX's ability to see network connections has allowed VMware to more effectively spot lateral movement.
In the latest weekly update, Ari Redbord, head of legal and government affairs at TRM Labs, joins ISMG editors to discuss how extremist groups could circumvent sanctions and fund terrorism through NFTs, the limitations of digital assets regulations, and new U.K. rules for crypto exchange reporting.
Banking regulators are looking for ways to tackle authorized payment scams, such as spreading the risk to other banks. In a new report on how eight countries are handling this fraud, researcher Ken Palla advises banks to focus on reimbursing victims and preventing the theft.
The only surprising aspect of the ransomware attack against Los Angeles Unified School District is that it didn’t happen sooner. The district was warned of cybersecurity weaknesses in the 20 months leading up to its ransomware attack. The Vice Society gang has claimed credit.
In this episode of "Cybersecurity Unplugged," Mark Cristiano of Rockwell Automation discusses Rockwell's cybersecurity journey, the particular challenges of deploying cybersecurity in an OT environment, and the minimum and proper industrial protections that organizations need to have in place.
Who's been disrupting ransomware operations' data leak sites by targeting them with distributed denial-of-service attacks? No one has yet claimed credit for the ongoing disruptions and slowdowns, but one likely theory is that rival operations are attempting to cause each other pain.
The latest ISMG Security Report discusses a new phishing-as-a-service toolkit designed to bypass multifactor authentication, the decision by Lloyd's of London to exclude nation-state attacks from cyber insurance policies, and challenges at Okta after it acquired customer identity giant Auth0.
Vulnerabilities in certain medication infusion pump products from manufacturer Baxter could compromise a hospital's biomedical network. The flaws highlight the risks involving the acquisition and disposal of medical technology, says researcher Deral Heiland of Rapid7.
An attacker stole at least $370,000 worth of USDC stablecoins from a smart contract on the Avalanche blockchain in a flash loan attack, affecting liquidity providers. Victim Nereus Finance is enticing the thief to return the stolen funds for a 20% "no questions asked" white hat reward.
U.S. sanctions on Tornado Cash are driving North Korean hackers away from the cryptocurrency mixer. Chainalysis says hackers' use of ineffective obfuscation techniques allowed the blockchain analysis firm to participate in an operation that recovered $30 million stolen from the Ronin bridge.
The sale of Tufin to Turn/River Capital will accelerate the network management firm's move from a perpetual to subscription-based licensing model, says CEO Ruvi Kitov. The deal will give Tufin access to Turn/River Capital's knowledge, best practices and playbooks around subscription licensing.
Thoma Bravo halted efforts to buy publicly traded cybersecurity AI vendor Darktrace this week after the two sides failed to agree on the terms of the buyout. The private equity giant walked away from what would have been its third take-private cybersecurity acquisition of 2022.
A U.S. law enforcement investigation involving multiple countries resulted in the shutdown of an online marketplace selling millions of Social Security numbers, payment cards and other credentials. Prosecutors unsealed a complaint against a Moldovan man fingered as the operator.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.co.uk, you agree to our use of cookies.