Fresh Guilty Plea Follows Crackdown on BitMEX Exchange

Mathew J. Schwartz • August 9, 2022

A high-ranking employee at Bitcoin Mercantile Exchange, or BitMEX, has pleaded guilty to violating the Bank Secrecy Act, which requires financial institutions to help prevent money laundering. The plea by Gregory Dwyer follows BitMEX's three founders all pleading guilty to the same charge.

Blockchain & Cryptocurrency

Phishing-as-a-Service Platform Offers Cut-Rate Prices

Latest

Cybercrime as-a-service

Ransomware Leak Sites Attract More Attacks

Prajeet Nair • August 9, 2022

Cybercriminals monitor leak sites for newly listed ransomware victims in a bid to try their own hand at dropping encryption malware, says Sophos. The cybersecurity firm says it's seen an uptick in incidents involving multiple criminal gangs demanding a ransom for unencrypted victims' files.

Analytics

John Watters on Why Google and Mandiant Are Better Together

Michael Novinson • August 8, 2022

Combining the data analytics of Google Chronicle with Mandiant's ability to identify signals of abnormal behavior is an unbeatable combination, says Mandiant President and COO John Watters. Google agreed in March to purchase threat intelligence and incident response titan Mandiant for $5.4 billion.

Governance & Risk Management

Hatem Naguib on Charting Barracuda's New Course Under KKR

Michael Novinson • August 8, 2022

President and CEO Hatem Naguib expects Barracuda Networks to pursue more midmarket growth opportunities in both North America and internationally under private equity firm KKR's tutelage. The company will move from Thoma Bravo to KKR's control for a reported $4 billion in a deal announced in April.

Fraud Management & Cybercrime

Beyond Security: Forrester's Bot Management Q2 Trends

Anna Delaney • August 8, 2022

Sandy Carielli, principal analyst at Forrester, shares research on the latest bot management trends. Forrester found that while bots affect security, e-commerce, marketing, fraud and other teams, security professionals are still the most common bot management users.

Network Detection & Response

James Foster on Taking ZeroFox Public in Hard Economic Times

Michael Novinson • August 8, 2022

James Foster has been swimming against the current for months, taking ZeroFox public by merging with a special-purpose acquisition company despite the worsening economic conditions. The Nasdaq Stock Exchange listing makes ZeroFox the first cybersecurity company to go public in all of 2022.

Fraud Management & Cybercrime

Hunting the Bad Guys Behind Golden SAML Attacks

Steve King • August 8, 2022

In this episode of "Cybersecurity Unplugged," Yonatan Khanashvili describes in detail how Golden Security Assertion Markup Language attacks occur and how SOC platforms with much greater capacity to cross-correlate data than legacy SIEMs can help defenders detect and hunt for them.

Governance & Risk Management

FFIEC Solicits Comments on Cybersecurity Assessment Tool

David Perera • August 5, 2022

The Federal Financial Institutions Examination Council is asking for comments regarding the Cybersecurity Assessment Tool, the ostensibly voluntary way for banks and credit unions to self-assess exposure to risk and the maturity of their cybersecurity.

Blockchain & Cryptocurrency

Nomad Entices Thieves of $190M Hack With Offer to Keep 10%

Rashmi Ramesh • August 5, 2022

The hackers who stole $190 million from cross-chain bridge Nomad stand to keep up to 10% of the loot and escape civil liability and criminal prosecution. The only caveat: They must return the rest of the money. Then, the firm says, it will label them as white hats and won't pursue legal action.

Cryptocurrency Fraud

ISMG Editors: Ransomware Groups Aiming for Smaller Targets

Anna Delaney • August 5, 2022

In the latest weekly update, four editors at Information Security Media Group discuss key takeaways from ISMG's recent Government Summit, how hackers siphoned nearly $200 million from cryptocurrency bridge Nomad and how midsized businesses are the new frontier for ransomware.

Cyberwarfare / Nation-State Attacks

Okta's Marc Rogers on Why Beating Ransomware Is a Team Sport

Michael Novinson • August 5, 2022

Increased collaboration between the public and private sectors hasn't slowed the increased frequency and ease of ransomware intrusions, but efforts to change the financial incentives of ransomware are having "a pretty good effect," says Marc Rogers, vice president of cybersecurity strategy at Okta.

Cloud Security

Arctic Wolf's Dan Schiappa on Cloud Security in a Recession

Michael Novinson • August 5, 2022

The impending recession should accelerate cloud adoption as firms look to reduce infrastructure costs, but these moves will introduce a new set of security challenges. Arctic Wolf Chief Product Officer Dan Schiappa predicts many companies will start building security into their applications sooner.

Fraud Management & Cybercrime

Neuro Practice Tells 363,000 That PHI Was Posted on Dark Web

Marianne Kolbasuk McGee • August 4, 2022

An Indiana-based neurology practice is notifying nearly 363,000 individuals that their sensitive information was compromised in a recent ransomware attack - and that some of the data was made available on the dark web. Russian ransomware group Hive has been implicated.