Welcome to ISMG's Ransomware Resource Center!

Ransomware has rapidly become one of the world's most prevalent types of cybercrime. The lure for criminals is easy to see: Using highly automated and easily distributed crypto-locking malware to forcibly encrypt systems, attackers can demand bitcoin ransoms in exchange for decryption keys. Use this Ransomware Resource Center for the latest details on emerging ransomware variants, threat intelligence on attackers, plus best practices for detection, response and remediation.

Ransomware Leak Site Listings Invite Follow-On Attacks

Prajeet Nair • August 9, 2022

Cybercriminals monitor leak sites for newly listed ransomware victims in a bid to try their own hand at dropping encryption malware, says Sophos. The cybersecurity firm says it's seen an uptick in incidents involving multiple criminal gangs demanding a ransom for unencrypted victims' files.

Fraud Management & Cybercrime

Feds Double Reward for Tips on North Korean-Backed Actors

Latest

Fraud Management & Cybercrime

Black Hat 2022 Opens Today With Focus on Emerging Threats

Michael Novinson • August 10, 2022

Black Hat 2022 kicks off today with security experts sharing cutting-edge research and insights through demos, technical trainings and hands-on labs. Keynote speaker Chris Krebs will discuss risk trends in cybercrime, geopolitical threats and what they mean for tomorrow's network defenders.

DevSecOps

Lacework's Kate MacLean on Securing Users Across Many Clouds

Michael Novinson • August 10, 2022

Lacework has used the $1.3 billion raised to strengthen its multi-cloud support, giving customers better visibility across development and production environments. The company is able to identify elusive threats and zero-day vulnerabilities by finding spikes in anomalous activity.

Security Operations

Aparna Rayasam on How Trellix Plans to Boost XDR Protection

Michael Novinson • August 10, 2022

An open architecture, a single pane of glass and robust endpoint security are vital to fueling Trellix's growth in XDR, says Chief Product Officer Aparna Rayasam. Trellix has given customers a unified view into their security posture for configuration, reporting and forensic purposes.

Next-Generation Technologies & Secure Development

Ken Xie on Why Fortinet Is Leaning Into SD-WAN, OT Security

Michael Novinson • August 10, 2022

Fortinet has taken advantage of its ASIC chip and network security expertise to drive massive growth in both its SD-WAN and OT security businesses, CEO Ken Xie says. OT devices are difficult to secure on their own, so Fortinet uses its ability to block bad network traffic to keep them secure.

Next-Generation Technologies & Secure Development

Black Hat: Web3 Defense, Open-Source Intel & Directory Hacks

Michael Novinson • August 10, 2022

ISMG caught up with 11 security executives in Las Vegas on Tuesday to discuss everything from open-source intelligence and Web3 security to training new security analysts and responding to directory attacks. Here's a look at some of the most interesting things we heard from industry leaders.

Blockchain & Cryptocurrency

North Korean Cryptocurrency Hacking Poised to Get Even Worse

Prajeet Nair • August 9, 2022

North Korean state-sponsored theft of cryptocurrency could intensify once cryptocurrency becomes accepted as a means of payment settlement, said a panelist at a think tank event in Washington. The United States and South Korea in 2021 committed to enhanced collaboration over cybercrime.

Next-Generation Technologies & Secure Development

Sophos' Kris Hagerman on Powering Cybersecurity as a Service

Michael Novinson • August 9, 2022

The rise of ransomware brokers and the continued talent shortage mean defenders increasingly need security technology managed on their behalf, Sophos' Kris Hagerman says. Customers must manage all their security products from a single platform and analyze the data these tools generate, he says.

Identity Governance & Administration

OneTrust's Blake Brannon on Unifying Privacy and Governance

Michael Novinson • August 9, 2022

OneTrust has put nearly $1 billion in investment to good use, helping companies address data governance, security assurance, third-party risk and more, Chief Strategy Officer Blake Brannon says. OneTrust has taken on challenges such as monitoring the ethical use of data and verifying compliance.

SASE

Hatem Naguib on Charting Barracuda's New Course Under KKR

Michael Novinson • August 8, 2022

President and CEO Hatem Naguib expects Barracuda Networks to pursue more midmarket growth opportunities in both North America and internationally under private equity firm KKR's tutelage. The company will move from Thoma Bravo to KKR's control for a reported $4 billion in a deal announced in April.

Fraud Management & Cybercrime

Beyond Security: Forrester's Bot Management Q2 Trends

Anna Delaney • August 8, 2022

Sandy Carielli, principal analyst at Forrester, shares research on the latest bot management trends. Forrester found that while bots affect security, e-commerce, marketing, fraud and other teams, security professionals are still the most common bot management users.

Network Detection & Response

James Foster on Taking ZeroFox Public in Hard Economic Times

Michael Novinson • August 8, 2022

James Foster has been swimming against the current for months, taking ZeroFox public by merging with a special-purpose acquisition company despite the worsening economic conditions. The Nasdaq Stock Exchange listing makes ZeroFox the first cybersecurity company to go public in all of 2022.

Finance & Banking

How To Reduce Authorized Payment Fraud

Suparna Goswami • August 8, 2022

What makes authorized payment scams hard to detect? The speed and volume of transactions hinders banks in monitoring for fraud, but David Lott, payments risk expert with the Federal Reserve Bank of Atlanta, says educating customers and leveraging the right technology can help reduce scams.