DoJ Indicts 14 North Koreans for $88M IT Worker Fraud Scheme Over Six Years

December 13, 2024 at 11:45AM The U.S. Department of Justice has indicted 14 North Korean nationals for allegedly violating sanctions through a scheme involving wire fraud, money laundering, and identity theft. They illegally sought remote IT jobs while generating at least $88 million for the North Korean regime, utilizing various deceptive tactics to conceal their … Read more

US offers $5 million for info on North Korean IT worker farms

December 12, 2024 at 03:26PM The U.S. State Department is offering up to $5 million for information on North Korean front companies involved in illegal remote IT work, generating millions to support nuclear programs. Fourteen “IT warriors” were indicted for identity theft and fraud, highlighting ongoing risks of North Korean infiltration in U.S. businesses. **Meeting … Read more

Fake IT Workers Funneled Millions to North Korea, DOJ Says

December 12, 2024 at 02:42PM The U.S. Justice Department indicted 14 North Korean nationals for a scheme posing as remote IT workers to commit sanctions violations, fraud, and identity theft, allegedly earning $88 million over six years. They used stolen identities and advanced tactics to access U.S. companies, highlighting the threat of North Korean cyberattacks. … Read more

Unlocking Google Workspace Security: Are You Doing Enough to Protect Your Data?

November 22, 2024 at 07:12AM Google Workspace has become vital for business productivity, offering tools for collaboration. However, its popularity increases cybersecurity risks, as user errors, weak passwords, and inadequate configurations expose data. A shared responsibility model means securing user accounts falls on users. Implementing layered security and using tools like Backupify can enhance data … Read more

Name That Toon: Meeting of Minds

November 20, 2024 at 12:32AM A contest invites submissions for a cybersecurity-related caption about the work-from-anywhere trend, with a $25 gift card prize for the best entry. Submissions are due by December 11 via email or social media. Last month’s winner was Matthew Tompkins for his caption on the “The Big Jump” cartoon. ### Meeting … Read more

Microsoft warns Azure Virtual Desktop users of black screen issues

November 1, 2024 at 07:25PM Microsoft alerted users about potential 30-minute black screens when logging into Azure Virtual Desktop post the KB5040525 Windows 10 update. Users may also face single sign-on failures with Office apps. This issue stems from a deadlock between Azure Active Directory broker and AppX services, particularly affecting FSLogix user profiles. ### … Read more

Undercover North Korean IT workers now steal data, extort employers

October 17, 2024 at 02:08PM North Korean IT professionals are deceiving Western companies to gain employment, access confidential data, and subsequently extort ransoms to prevent data leaks. Cybersecurity firms like Secureworks and KnowBe4 have identified these schemes, involving fraudulent identities and sophisticated tactics to cover their tracks. Companies are advised to be vigilant during hiring … Read more

CISO Paychecks: Worth the Growing Security Headaches?

October 7, 2024 at 03:43PM Cybersecurity professionals serving as CISOs are experiencing modest pay increase, averaging $403,000 annually, but it lags behind their evolving responsibilities. Business operations are increasingly under attack, with CISOs facing resource constraints and budget pressures. Demand for CISOs has stabilized, and stress persists, especially in government and education sectors. AI risk … Read more

Average North American CISO salary now $565K, mainly thanks to one weird trick

October 3, 2024 at 10:11AM The survey of nearly 700 CISOs in the US and Canada revealed an increase in average salaries to $565,000 and median salaries to $403,000. Job-switching or threatening to do so resulted in a 31% compensation increase, outweighing the 6.3% increase from annual pay rises. The tech industry offers the most … Read more

Complete Guide to Protecting Seven Attack Vectors

August 27, 2024 at 11:25AM Jon Clay reviews seven key initial attack vectors and provides proactive security tips to reduce cyber risk across the attack surface amid the rapid expansion of the digital attack surface due to digital transformation and remote work. The vectors include email, web and web applications, vulnerabilities, devices, island hopping, insider … Read more