Security News

ISO 27001 is also supported by the other standards ISO/IEC 27000:2018 and ISO/IEC 27005:2022, among others. What advice do you have for organizations, particularly SMEs, in effectively allocating resources and budget for ISO 27001 implementation?

The Reserve Bank of India announced on Thursday it would make its digital currency programmable, and ensure it can be exchanged when citizens are offline. Indian media report that governor Shaktikanta Das outlined scenarios for the programmable digital rupee, including allowing government agencies to ensure payments to citizens are only used for defined benefits.

The study examining attitudes towards cybersecurity teams within organizations has uncovered that despite minor issues around communication and processes, there are high levels of trust and appreciation amongst employees. It indicates how cybersecurity teams and professionals are increasingly viewed as a vital strategic function enabling both individuals and business success.

In this Help Net Security video, Karen Schuler, Global Privacy & Data Protection Chair at BDO, discusses overconfidence in data privacy and data protection practices. There is an apparent disconnect between tech CFOs' confidence and consumer perceptions.

Singapore-based infosec firm Group-IB has detected a group that spent the last two months of 2023 stealing personal info from websites operated by jobs boards and retailers websites across Asia. The actors, dubbed "ResumeLooters" by Group-IB, used SQL injection and Cross-Site Scripting attacks to steal databases from the sites.

Nearly half of businesses reported a growth in synthetic identity fraud, while biometric spoofs and counterfeit ID fraud attempts also increased, according to AuthenticID. Consumers and businesses alike are facing new challenges in today's digital existence, from considering the ramifications of digital identity to grappling with the use and prevalence of new tools like generative AI. In the meantime, the explosion of AI has also pushed identity fraud into a new frontier that will become a potential global shift in the coming year. 68% of people said the threat of identity fraud and scams impacts how they make purchases, open accounts, and do business.

Ivanti has alerted customers of yet another high-severity security flaw in its Connect Secure, Policy Secure, and ZTA gateway devices that could allow attackers to bypass authentication. The...

The US government has placed an extra $5 million bounty on Hive ransomware gang members - its second such reward in a year. The FBI has also put up an additional $5 million award for information leading to the arrest and/or conviction of any person "Conspiring to participate in or attempting to participate in Hive ransomware activity."

Analysis The FBI's latest PR salvo, as it fights to preserve its warrantless snooping powers on Americans via FISA Section 702, is more big talk of cyberattacks by the Chinese government. During a US House subcommittee meeting last week on cyber threats from Beijing, FBI boss Christopher Wray told lawmakers that "702 is the greatest tool the FBI has to combat PRC hacking groups." PRC being People's Republic of China.

Fortinet is warning that a new critical remote code execution vulnerability in FortiOS SSL VPN is potentially being exploited in attacks.For those unable to apply patches, you can mitigate the flaw by disabling SSL VPN on your FortiOS devices.