James Foster on Taking ZeroFox Public in Hard Economic Times

Michael Novinson • August 8, 2022

James Foster has been swimming against the current for months, taking ZeroFox public by merging with a special-purpose acquisition company despite the worsening economic conditions. The Nasdaq Stock Exchange listing makes ZeroFox the first cybersecurity company to go public in all of 2022.

Anti-Phishing, DMARC

Hacking Concerns Delay Balloting for New UK Prime Minister

Latest

3rd Party Risk Management

Cyberattack on NHS Vendor Already Offering Critical Lessons

Marianne Kolbasuk McGee • August 8, 2022

As the U.K.'s National Health Service continues to deal with the impact of a cyberattack on one of its critical IT suppliers, the situation underscores the risks posed by vendors - and the need to have business continuity plans ready to deploy.

Analytics

John Watters on Why Google and Mandiant Are Better Together

Michael Novinson • August 8, 2022

Combining the data analytics of Google Chronicle with Mandiant's ability to identify signals of abnormal behavior is an unbeatable combination, says Mandiant President and COO John Watters. Google agreed in March to purchase threat intelligence and incident response titan Mandiant for $5.4 billion.

Governance & Risk Management

Hatem Naguib on Charting Barracuda's New Course Under KKR

Michael Novinson • August 8, 2022

President and CEO Hatem Naguib expects Barracuda Networks to pursue more midmarket growth opportunities in both North America and internationally under private equity firm KKR's tutelage. The company will move from Thoma Bravo to KKR's control for a reported $4 billion in a deal announced in April.

Fraud Management & Cybercrime

Beyond Security: Forrester's Bot Management Q2 Trends

Anna Delaney • August 8, 2022

Sandy Carielli, principal analyst at Forrester, shares research on the latest bot management trends. Forrester found that while bots affect security, e-commerce, marketing, fraud and other teams, security professionals are still the most common bot management users.

Blockchain & Cryptocurrency

US Treasury Sanctions Tornado Cash, Freezes Its Assets

David Perera • August 8, 2022

The federal government today sanctioned Tornado Cash. The Department of Treasury ordered assets of the Ethereum blockchain cryptocurrency mixer to be frozen and says civil and potentially criminal penalties await anyone under U.S. jurisdiction who uses the service.

Finance & Banking

How To Reduce Authorized Payment Fraud

Suparna Goswami • August 8, 2022

What makes authorized payment scams hard to detect? The speed and volume of transactions hinders banks in monitoring for fraud, but David Lott, payments risk expert with the Federal Reserve Bank of Atlanta, says educating customers and leveraging the right technology can help reduce scams.

Fraud Management & Cybercrime

Hunting the Bad Guys Behind Golden SAML Attacks

Steve King • August 8, 2022

In this episode of "Cybersecurity Unplugged," Yonatan Khanashvili describes in detail how Golden Security Assertion Markup Language attacks occur and how SOC platforms with much greater capacity to cross-correlate data than legacy SIEMs can help defenders detect and hunt for them.

API Security

Twitter Confirms Zero-Day Bug That Exposed 5.4M Accounts

Prajeet Nair • August 6, 2022

Twitter confirms that a zero-day vulnerability allowed threat actors to gain access to the personal information of 5.4 million user account profiles. The company was notified about this specific vulnerability in Twitter's systems through its bug bounty program in January.

Blockchain & Cryptocurrency

US Gets Russian Accused of Crypto Laundering Extradited

Prajeet Nair • August 5, 2022

Accused cryptocurrency money launderer Alexander Vinnik made his first appearance in U.S. federal court today. The Russian national faces 55 years imprisonment for his alleged involvement in laundering hacking proceeds through Bitcoin on the BTC-e cryptocurrency exchange.

Finance & Banking

FFIEC Solicits Comments on Cybersecurity Assessment Tool

David Perera • August 5, 2022

The Federal Financial Institutions Examination Council is asking for comments regarding the Cybersecurity Assessment Tool, the ostensibly voluntary way for banks and credit unions to self-assess exposure to risk and the maturity of their cybersecurity.

3rd Party Risk Management

Reports: NHS Dealing With IT Outages Due to Cyber Incident

Marianne Kolbasuk McGee • August 5, 2022

The U.K.'s National Health Service is experiencing IT outages resulting from a cyberattack on a third-party vendor. Birmingham-based technology provider Advanced's Adastra system supplies digital services for urgent healthcare services number 111.

Endpoint Security

HHS HC3 Warns Healthcare of IoT Device, Open Web App Risks

Marianne Kolbasuk McGee • August 5, 2022

Federal authorities, in two separate advisories issued Thursday, urge healthcare sector entities to proactively address security risks from internet of things devices equipped with sensors, software and other technologies to connect and exchange data over the internet and from open web applications.