Welcome to ISMG's Ransomware Resource Center!

Ransomware has rapidly become one of the world's most prevalent types of cybercrime. The lure for criminals is easy to see: Using highly automated and easily distributed crypto-locking malware to forcibly encrypt systems, attackers can demand bitcoin ransoms in exchange for decryption keys. Use this Ransomware Resource Center for the latest details on emerging ransomware variants, threat intelligence on attackers, plus best practices for detection, response and remediation.

Highlights of Verizon Data Breach Investigations Report 2023

Anna Delaney • June 6, 2023

Pretexting incidents, a social engineering technique that manipulates victims into divulging information, have nearly doubled, representing 50% of all social engineering attacks, according to Verizon's 2023 Data Breach Investigations Report, which analyzed more than 16,312 security incidents.

Fraud Management & Cybercrime

Iranian Hackers Deploy New Ransomware Against Israeli Firms

Latest

Fraud Management & Cybercrime

Microsoft Attributes MOVEit Transfer Hack to Clop Affiliate

Jayant Chakravarti , David Perera , Mathew J. Schwartz • June 5, 2023

Microsoft says an affiliate of the Russian-speaking Clop ransomware gang is behind a rash of attacks exploiting a recently patched vulnerability in Progress Software's MOVEit application. Known victims include British payroll provider Zellis, which says eight corporate customers were affected.

Patch Management

Hackers Using MOVEit Flaw to Deploy Web Shells, Steal Data

Michael Novinson • June 2, 2023

Adversaries have taken advantage of a zero-day vulnerability in Progress Software's managed file transfer product to deploy web shells and steal data, Mandiant found. An unknown threat actor began exploiting the critical SQL injection vulnerability in MOVEit Transfer on May 27.

Fraud Management & Cybercrime

Breach Roundup: Amazon Settles US FTC Investigations

Prajeet Nair • June 1, 2023

This week: Amazon settled privacy and cybersecurity investigations with the U.S. FTC, SAS received a $3 million extortion demand and apparently Ukrainian hacktivists penetrated Russia's Skolkovo Foundation. Plus, breaches at Onix Group and Toyota and a warning about Salesforce "ghost sites."

Artificial Intelligence & Machine Learning

Cisco Buys Armorblox to Bring Generative AI to Its Portfolio

Michael Novinson • May 31, 2023

Cisco plans to make its third tuck-in cybersecurity acquisition of 2023 to protect email, cloud office applications and enterprise communications through natural language understanding. Cisco will take advantage of Armorblox's predictive and generative AI to help customers bolster their security.

Standards, Regulations & Compliance

Where Hospitals Are Still More Cyber Reactive Than Proactive

Marianne Kolbasuk McGee • May 30, 2023

Many hospitals are still more reactive than proactive in terms of embracing recommended best practices that can advance their cybersecurity maturity level, said Steve Low, president of KLAS Research, and Ed Gaudet, CEO of consulting firm Censinet, who discuss findings of a recent benchmarking study.

Breach Notification

Dental Health Insurer Hack Affects Nearly 9 Million

Prajeet Nair • May 27, 2023

An insurance provider that services many state Medicaid agencies and the Children's Health Insurance Program told regulators that hackers compromised the personal and protected health information of nearly 9 million patients in an incident discovered in March.

Cybercrime

Latitude Financial Attack Costs Company Up to AU$105 Million

Mihir Bagwe • May 26, 2023

Australian consumer lender Latitude Financial Services anticipates its spring cybersecurity incident will cost it up to AU$105 million, which includes a five-week period during which debt collection systems were severely affected by the attack.

Cybercrime

State-Aligned Actors Targeting SMBs Globally

Prajeet Nair • May 24, 2023

State-aligned hackers are increasingly targeting small and medium-sized businesses worldwide, as SMBs are more likely to be under-protected against cybersecurity threats such as phishing campaigns, according to a new report by cybersecurity firm Proofpoint.

Blockchain & Cryptocurrency

EU Adopts Comprehensive Crypto Regulation

Akshaya Asokan • May 16, 2023

The European Union on Tuesday formally adopted the world's first comprehensive regulatory regime for the cryptocurrency industry in a measure supporters say will tame volatility illustrated by high-profile crashes such as FTX. The proposal, known as MiCA, will go into effect progressively.

Data Loss Prevention (DLP)

IBM Buys Polar Security to Find and Protect Cloud, SaaS Data

Michael Novinson • May 16, 2023

IBM has bought a startup founded by a longtime security leader in the Israeli Prime Minister's Office to ensure personal identifiable information isn't left unprotected. The deal will ensure sensitive data isn't exposed in public cloud data stores or SaaS apps like Slack, SharePoint or Office 365.

Managed Security Service Provider (MSSP)

Huntress Raises $60M to Bring Managed Protection to Identity

Michael Novinson • May 16, 2023

Huntress has completed a Series C round to expand beyond the endpoint protection market and bring managed security to identity and cloud. Hackers are increasingly going after employee accounts at SMBs and using the compromised identity to move into other systems via SSO, CEO Kyle Hanslovan said.

Government

Why Democracy Is a Critical Asset Against Cyberthreats

Rahul Neel Mani • May 16, 2023

Yigal Unna, former DG, National Cyber Directorate, Israel, emphasized the importance of continued collaboration between defenders and the formation of a Global Cyber Cabinet consisting of more than 20 national CISOs from leading countries working to dismantle cybercrime syndicates.