Security News

LastPass revealed this week that threat actors targeted one of its employees in a voice phishing attack, using deepfake audio to impersonate Karim Toubba, the company's Chief Executive Officer. While 25% of people have been on the receiving end of an AI voice impersonation scam or know someone who has, according to a recent global study, the LastPass employee didn't fall for it because the attacker used WhatsApp, which is a very uncommon business channel.

"We provided a lot of services after they were penetrated by a state actor", Jack told On Call, adding that this incident sparked a "Panic purchase" of defensive tools and the know-how to run 'em. Jack rated the client's CEO as " possibly happy with our service but not happy with the amount of money.

The world's largest cryptocurrency exchange just got a little smaller, with the US Department of Justice announcing Binance and its CEO Changpeng Zhao have both pleaded guilty to a multitude of financial crimes. According to a criminal case [PDF] unsealed Tuesday, Binance failed to register as a money services business in the United States, broke the Bank Secrecy Act by failing to implement and maintain an anti-money laundering program, and violated the International Emergency Economic Powers Act by allowing US users to transact with individuals in sanctioned countries.

Fear and the more technical aspects of cybersecurity are still stopping Australian CEOs from engaging more deeply with cybersecurity risks, despite a string of high-profile cyberattacks that have hit Australian brands, including Optus and Medibank and millions of their customers. New research from consulting firm Accenture found that only one in five of Australian CEOs are currently dedicating board meetings to discussing cybersecurity issues, while 34% think cybersecurity isn't a strategic matter and requires episodic rather than ongoing attention.

74% of CEOs are concerned about their organizations' ability to avert or minimize damage to the business from a cyberattack - even though 96% of CEOs said that cybersecurity is critical to organizational growth and stability, according to Accenture. 60% of CEOs said their organizations don't incorporate cybersecurity into business strategies, services or products from the outset, and 44% believe cybersecurity requires episodic intervention rather than ongoing attention.

The former chief executive of a company that was sold to Qualcomm for more than $150 million has pleaded guilty to one count of money laundering relating to a $1.5 million transaction involving proceeds from the deal. Sanjiv Taneja was CEO at startup Abreezio, for which Qualcomm agreed to pay roughly $180 million, $150 million of which was paid in cash in October 2015.

Microsoft fixed a security flaw in the Power Platform Custom Connectors feature that let unauthenticated attackers access cross-tenant applications and Azure customers' sensitive data after being called "Grossly irresponsible" by Tenable's CEO. The root cause of the issue stemmed from inadequate access control measures for Azure Function hosts launched by connectors within the Power Platform. "It should be noted that this is not exclusively an issue of information disclosure, as being able to access and interact with the unsecured Function hosts, and trigger behavior defined by custom connector code, could have further impact," says cybersecurity firm Tenable which discovered the flaw and reported it on March 30th. "However, because of the nature of the service, the impact would vary for each individual connector, and would be difficult to quantify without exhaustive testing."

Exec faces fraud charges, one regulator wants $5 billion fine Alex Mashinsky, the now-former CEO of collapsed cryptocurrency concern Celsius, today faces charges of fraud as prosecutors and...

A Florida man has pleaded guilty to importing and selling counterfeit Cisco networking equipment to various organizations, including education, government agencies, healthcare, and the military. A U.S. Department of Justice announcement published yesterday says Aksoy pleaded guilty in the U.S. District Court of New Jersey, admitting that he defrauded many people and companies by selling them low-quality equipment made to appear as new Cisco models.

TechRepublic Premium Bring your own device policy PURPOSE The purpose of this Bring your own device policy from TechRepublic Premium is to provide requirements for BYOD usage and establish the steps that both users and the IT department should follow to initialize, support and remove devices from company access. These requirements must be followed as documented in order to protect company systems .....