Emotions about the global pandemic are running high, and attackers are taking advantage. Researchers have observed criminals spreading malware by impersonating official sources, distributing malicious COVID-19 maps and trackers, and malvertising on coronavirus-related news stories.
As security professionals, we...
Data breaches expose a wealth of personal information that can enable cybercriminals to bypass security measures, take over accounts, and compromise enterprise networks. To provide a snapshot of the breach exposure affecting major enterprises, we examined SpyCloud's database and found:
412 million breach assets tied...
The latest edition of the ISMG Security Report analyzes how and why Russia is spreading disinformation about the COVID-19 pandemic. Plus: the latest CCPA regulation updates; a CISO's tips on securely managing a remote workforce.
With the declaration of COVID-19 as a pandemic, and the global shift to work from home, Tom Kellermann of VMware Carbon Black sees a corresponding increase in hacking and espionage attempts against U.S. agencies, businesses and citizens. He says add "digital distancing" to your precautions.
As cybercriminals and nation-states take advantage of the COVID-19 pandemic to further their own aims, authorities are calling on victims to report online attacks as quickly as possible to help them better disrupt such activity.
Account Takeover is now a ubiquitous term, and ATO prevention has become a high priority for cybersecurity leaders. But most of the effort is put toward thwarting high-volume, automated credential stuffing. Less understood are "targeted ATO attacks." Highly effective and difficult to detect, they cause huge damage to...
Security firm Emsisoft is offering free, customized decryptors to victims of PwndLocker ransomware, which first surfaced in late 2019 and has been tied to attacks against Lasalle County in Illinois and the Serbian city of Novi Sad, with the gang demanding up to $660,000 or more in bitcoins from its victims.
In discussions around the future of AI and cyber-threats, we often wonder when we can expect to see malicious or offensive AI attacks in the wild. While we have not yet seen conclusive evidence of execution, we can anticipate that AI-driven cyber-attacks are not years away, but a very real possibility in the immediate...
Visser Precision, a U.S. manufacturer that supplies Boeing, Lockheed Martin, Tesla and SpaceX, appears to have been hit by the DoppelPaymer ransomware gang, which has begun leaking internal data and threatening to leak more unless the victim pays a ransom.
Ransomware-wielding attackers - aided by a service economy that gives them access to more advanced attack tools - are increasingly targeting organizations rather than individuals to shake them down for bigger ransom payoffs, says McAfee's John Fokker.
The 2016 U.S. presidential election served as a wake-up call for lawmakers and the public about the threat that cyberattackers can pose to the country's democracy, CISA Director Christopher Krebs said at the RSA 2020 conference. Election security and ransomware remain his agency's two biggest concerns.
Bad news on the ransomware front: Victims that choose to pay attackers' ransom demands - in return for the promise of a decryption tool - last quarter paid an average of $84,116, according to Coveware. But gangs wielding Ryuk and Sodinokibi - aka REvil - often demanded much more.
Emotet malware alert: The U.S. Cybersecurity and Infrastructure Security Agency says it's been "tracking a spike" in targeted Emotet malware attacks. It urges all organizations to immediately put in place defenses to not just avoid infection, but also detect lateral movement in their networks by hackers.
For close to three years, a technology executive was hounded by a persistent attacker who stole his identity, opened credit cards in his name, and wired funds from his bank account. Though SpyCloud helped bring this particular criminal to justice, these tactics are common in targeted attacks.
If your account...
Attackers are hitting unpatched Pulse Secure VPN servers with Sodinokibi - aka REvil - ransomware, British security researcher Kevin Beaumont warns. Pulse Secure says that although many organizations have installed the critical April 2019 patch, holdouts persist.