The US government’s cybersecurity agency CISA on Tuesday confirmed that director Jen Easterly and deputy Nitin Natarajan will depart on January 20, clearing the way for a leadership overhaul by the incoming administration. A CISA spokesperson told SecurityWeek that all appointees of the Biden-Harris administration will leave by inauguration day. “All appointees of the Biden […]

A Russian national allegedly involved in administering the Phobos ransomware appeared in court in the US after being extradited from South Korea. The man, Evgenii Ptitsyn, 42, was allegedly involved in the development of Phobos, and oversaw the sale, distribution, and operations of the ransomware, an indictment unsealed by the US Department of Justice shows. […]

The modern enterprise is far more mobile than it used to be. Trends like Bring Your Own Device (BYOD) and Company Owned, Personally Enabled (COPE), hybrid working and enterprise mobility initiatives have been picking up pace, allowing mobile devices to access and interact with enterprise data systems like never before. According to Verizon, more than […]

A threat actor is monetizing vulnerable Internet-of-Things (IoT) devices by infecting them with malware and listing them as residential proxies within minutes after exploitation, Trend Micro reports. Tracked as Water Barghest, the adversary has compromised over 20,000 IoT devices to date, renting them to threat actors looking to anonymize their activities. Active for at least […]

AI-powered learning automation firm iLearningEngines on Monday disclosed a cybersecurity incident that resulted in the theft of $250,000. iLearningEngines told the SEC that a threat actor accessed its environment and certain files on its network, deleted some emails, and misdirected a $250,000 wire payment, which has not been recovered. Maryland-based iLearningEngines has developed a platform […]

In a single day last week, the Akira ransomware group leaked information allegedly stolen from 32 victims, cyber risk firm Cyberint reports. Active since March 2023 and operating under the ransomware-as-a-service (RaaS) business model, Akira has become one of the most prevalent ransomware enterprises, impacting over 350 organizations to date. In April 2024, US government […]

Aphorisms abound in cybersecurity. They are clever, self-effacing, and purposeful survival mechanisms that simultaneously teach reality truths in possibly the most stressful occupation outside of the military. SecurityWeek talked to Bec McKeown CPsychol, founder and principal psychologist at Mind Science Ltd (and a visiting lecturer in applied psychology at Cranfield university) to understand the role […]