‘Operation DarkHunTOR’ Seizes Millions in Cash & Crypto, Plus Drugs, GunsInternational law enforcement officials on Tuesday announced that some 150 suspects have been arrested globally for buying or selling illegal goods, following a 10-month sting operation, code name “Operation DarkHunTOR,” […]

Steve King of CyberTheory on Getting Serious With Our Defense StrategyFindings from CyberTheory’s 2021 Third Quarter Review indicate that criminals are exploiting the open-source supply chain, and those exploits are proving much more difficult to identify, defend and stop in […]

Ron Ross of NIST Discusses Moving Away From Stovepipe ThinkingIn preparation for the relaunch of ISMG’s education platform, CyberEd.io, Ron Ross of the National Institute of Standards and Technology and Brian Barnier, who is designing a course on critical thinking […]

Microsoft Says Nobelium APT Is Eyeing Resellers, Tech Service ProvidersThe actor behind the cyberattack targeting SolarWinds customers – Nobelium – is continuing its campaign to target the global IT supply chain, according to a new advisory from Microsoft, which says […]

Retailer Says an Attempt Was Made to Interfere With Its SystemsGrocery retailer Tesco said it faced a service disruption on its app and website. The company told ISMG that the outage was likely due to an attempt to interfere with […]

Horizon3.ai CEO Snehal Antani on Re-Setting Enterprise Security ExpectationsAt a time when ransomware, zero day vulnerabilities and supply chain threats are rampant, what is effective security? Snehal Antani, CEO of Horizon3.ai, defines “effective security” in today’s context and describes how […]

Email Addresses Correlate With Accounts on Crypo Price Tracking ServiceCoinMarketCap says it has found no evidence of a data beach despite the circulation of a list of 3.1 million email addresses that correlates with accounts on its service. Regardless of […]

Sonatype: Cryptominers Launched in Windows, macOS, Linux DevicesResearchers at open-source software firm Sonatype have uncovered multiple malicious packages that disguise themselves as legitimate JavaScript libraries on npm registries to launch cryptominers on Windows, macOS and Linux machines.

The Cybercrime Group Posted Job Advertisements on Russian Job PortalsThreat group FIN7 has set up a website posing as a security company to recruit talent, according to fraud intelligence company Gemini Advisory. The aim of the scam was to lure […]

Co-Sponsor of Bipartisan Proposal Calls Bill ‘Common-Sense Legislation’Two Senate leaders on Thursday introduced legislation that would form a working group charged with monitoring the security of AI data obtained by federal contractors. This body would also ensure that the data […]