The code used to build copies of Babuk ransomware - to infect victims with the crypto-locking malware - has been leaked, after someone posted the software to virus-scanning service VirusTotal. Whether the leak was intentional - perhaps a rival gang seeking to burn the operation - remains unclear.
The prolific Avaddon ransomware-as-a-service operation has announced its closure and released 2,934 decryption keys for free. Has the increased focus by Western governments on combating ransomware been driving this and other operations to exit the fray?
The White House has written to business leaders, urging them to prioritize having robust ransomware defenses in place. The move comes as the Biden administration pursues multiple strategies to combat ransomware and digital extortion, including ordering a new task force to coordinate all federal investigations.
The latest edition of the ISMG Security Report details the ongoing wave of ransomware attacks, including the disruption of JBS, the world's largest supplier of meat. Also featured are police busting criminals who formerly used the EncroChat communications network and the strategies for filling the cyber skills gap.
The FBI has attributed the ransomware attack against meat processing giant JBS to the REvil - aka Sodinokibi - ransomware-as-a-service operation. Security experts say the operation, which dates from 2019, appears to be run from Russia, and has been hitting increasingly large targets.
Attackers are leveraging social engineering to drive significantly higher engagement and account takeover. Abnormal Security's quarterly threat reports are the only source of industry data on the true volume of BEC attacks. In our latest threat report, we found that attacks across a variety of categories grew at...
Many organizations can often underestimate their level of cyber
risk or overestimate the strength of their security controls. When it
comes to cyber security, they cannot afford to make mistakes because the
cost of a data breach is incredibly high. For some organizations, the
impact of a breach can cause...
A newly uncovered ransomware variant dubbed 'Epsilon Red' is targeting organizations in the U.S. hospitality sector, with the threat actor successfully extorting $210,000 from one of its victims, a new report by security firm Sophos notes.
The latest edition of the ISMG Security Report features an analysis of the city of Tulsa's decision to refuse to pay a ransom following an attack. Also featured: Johnson & Johnson's CISO on shifting priorities; mitigating quantum computing risks.
"They’re playing games," is how one security expert describes Conti ransomware-wielding attackers' "gift" of a decryptor to Ireland's crypto-locked health service, while still demanding a ransom to not leak stolen health data. The same could be said of the DarkSide gang's promised retirement.
Read the Solution Brief to learn how Fortinet solutions including email security, SaaS application security, malware protection, and identity and access management products—all part of the Fortinet Security Fabric—provide comprehensive protection for organizations using Microsoft 365.
Microsoft 365 is a powerful business productivity and collaboration suite used by over 258 million users worldwide.
Download this eBook which discusses the security implications to be aware of when using Microsoft 365 and key strategies to prevent unauthorized access, protect sensitive data and files, stop malicious...
As more organizations adopt Microsoft 365 Exchange for email services in the cloud, it’s important to consider whether available native tools are sufficient to protect your organization against the full range of email-based threats.
Find the answers in this infographic which highlights how Microsoft 365 Exchange...
Criminals continue to target on-premises Microsoft Exchange servers that have not yet been updated with four critical patches, including for a ProxyLogon flaw, which is now being targeted by Black Kingdom ransomware. One expert describes the attack code as being "rudimentary and amateurish" but still a threat.
There has been a spike in web shells being detected as ransomware gangs and other attackers increasingly target vulnerable on-premises Microsoft Exchange servers following publication of proof-of-concept attack code for ProxyLogon, which is one of four zero-day flaws patched by Microsoft in early March.