Welcome to ISMG's Ransomware Resource Center!

Ransomware has rapidly become one of the world's most prevalent types of cybercrime. The lure for criminals is easy to see: Using highly automated and easily distributed crypto-locking malware to forcibly encrypt systems, attackers can demand bitcoin ransoms in exchange for decryption keys. Use this Ransomware Resource Center for the latest details on emerging ransomware variants, threat intelligence on attackers, plus best practices for detection, response and remediation.

Did police seize the BlackCat/Alphv online infrastructure?

Ransomware Group Offline: Have Police Seized Alphv/BlackCat?

Mathew J. Schwartz • December 11, 2023

Cybercrime underground chatter suggests ransomware group BlackCat - aka Alphv - is being disrupted by law enforcement. Experts warn that disruptions too often remain short-lived, as operators reboot under different names and affiliates go independent or work with a bevy of rival services.

Cybercrime

BlackCat Gang Tattles to SEC About Victim Not Disclosing Breach

Latest

Breach Notification

Okta Says Hacker Stole Every Customer Support User's Details

Mihir Bagwe , Mathew J. Schwartz • November 29, 2023

Identity and authentication giant Okta said the attacker behind its September data breach stole usernames and contact details for all users of its primary customer support system and warned customers to beware potential follow-on phishing and social engineering attacks.

Security Information & Event Management (SIEM)

CrowdStrike SIEM Demand Rises Amid Cisco-Splunk, Legacy Woes

Michael Novinson • November 28, 2023

Discontent with legacy SIEM offerings and Cisco's proposed acquisition of Splunk have driven "a significant and pronounced increase in interest" in CrowdStrike's SIEM offering. LogScale hit the $100 million ARR milestone last quarter thanks to its search speed, data gravity and cost efficiency.

Data Loss Prevention (DLP)

Zscaler Taps Generative AI to Measure Risk, Predict Breaches

Michael Novinson • November 27, 2023

Zscaler infused generative AI features into its data protection bundles and is introducing AI-powered products that quantify risk and predict breaches, said CEO Jay Chaudhry. The cloud security firm enhanced its data protection policies for AI/ML apps and tools to lower the likelihood of data loss.

Founder Sam Altman Back as OpenAI CEO Under Revamped Board

Michael Novinson • November 22, 2023

The nonprofit behind ChatGPT reinstated co-founder Sam Altman as its chief executive following a tumultuous 106 hours that saw OpenAI burn through two interim CEOs. Most of the board members responsible for firing Altman on Friday gave up their director positions to get him back.

Microsoft Snags OpenAI's Sam Altman to Lead AI Research Team

Michael Novinson • November 20, 2023

OpenAI co-founders Sam Altman and Greg Brockman will lead a new advanced AI research team at Microsoft after OpenAI's board decided not to bring them back, Satya Nadella said. The nonprofit behind ChatGPT opted instead to name longtime Twitch CEO Emmett Shear as its new interim leader Sunday night.

Fraud Management & Cybercrime

The State of Enterprise Mobile App Security 2023: Results Analysis

Tony Morbin • November 17, 2023

Compromised mobile apps can be an open door to critical enterprise app servers and other back-end systems, and this survey aims to shine a light on a potential hole in most enterprise security walls – exposing potential gaps in CISO awareness.

Cloud-Native Application Protection Platform (CNAPP)

Nikesh Arora on Why Palo Alto Networks Is Buying Talon, Dig

Michael Novinson • November 15, 2023

Palo Alto will spent nearly $670 million buying Talon and Dig to broaden its cloud security portfolio and protect unmanaged devices without affecting usability. Purchasing Tel Aviv, Israel-based Talon Cyber Security for $435 million will help safeguard the 36% of the workforce that's independent.

Breach Notification

McLaren Health Care Hack Affected Millions; Lawsuits Pile Up

Marianne Kolbasuk McGee • November 13, 2023

McLaren Health Care is notifying nearly 2.2 million people of a data breach weeks after ransomware group Alphv/BlackCat claimed to have stolen 6 terabytes of patient records in a recent attack. In the meantime, the number of lawsuits filed against McLaren related to the incident continues to climb.

Cybersecurity Spending

SentinelOne Buys High-Profile Consultancy Krebs Stamos Group

Michael Novinson • November 10, 2023

SentinelOne purchased a boutique consultancy established by two of the world's most famous security minds and launched its own strategic risk analysis and advisory group. SentinelOne will add inaugural CISA Director Chris Krebs and former Facebook Chief Security Officer Alex Stamos to its C-suite.

Rockwell Combines Generative AI and Industrial Automation

Michael Novinson • November 9, 2023

The reliance on text bases in modern software development means Rockwell Automation can capitalize on generative AI's ability to read, produce and generate text. Having open text-based files and a domain-specific language made it easy for Rockwell to apply generative AI to FactoryTalk Design Studio.

SASE

Palo Alto Networks to Buy Enterprise Browser Startup Talon

Michael Novinson • November 6, 2023

Palo Alto Networks announced its second acquisition in a week, scooping up the 2022 winner of RSA Conference's prestigious Innovation Sandbox contest. The proposed buy of Talon Cyber Security will enable users to securely access business applications from any device, including noncorporate devices.

Network Firewalls, Network Access Control

Fortinet Invests in SASE, SecOps Amid Network Security Slump

Michael Novinson • November 2, 2023

Fortinet plans to shift its R&D and go-to-market investments to the faster-growing SASE and security operations segments as growth slows in the network security market. The company expects "more modest growth" in the near term given that 70% of Fortinet's billings today come from network hardware.