The median number of days an attacker dwells in a system before detection fell from 24 days in 2020 to 21 days in 2021, according to a Mandiant report. The biggest year-on-year decline in median dwell time occurred in the APAC region, where it dropped from 76 days in 2020 to 21 days in 2021.
The Emotet botnet, which was disrupted by law enforcement actions in January 2021, has been making its way back in recent months. Cybersecurity researchers at Proofpoint have now recorded a brief departure from its typical behavior, indicating that the group is likely testing new attack techniques.
Has your organization been bitten by BlackCat ransomware, aka Alphv? If so, the FBI wants to hear details about how attackers broke in, cryptocurrency wallet addresses used to receive ransoms and other information that could help law enforcement authorities better track and block future attacks.
The Food and Drug Administration's decision to incorporate "quality systems regulations" into its new draft guidance for premarket medical device cybersecurity is an important development in the scope of the agency's expectations for manufacturers, says Dr. Suzanne Schwartz of the FDA.
The 2021 Dragos ICS/OT Cybersecurity Year in Review report says the number of industrial organizations with external connections to their industrial control systems has doubled, yet 86% of organizations report limited to no visibility of ICS environments. Tom Winston outlines the top challenges.
Sophos bought early-stage vendor SOC.OS to help customers detect abnormalities in their IT environment earlier by ingesting data from third-party platforms. SOC.OS will allow customers to extract information sooner from non-Sophos firewalls, network proxies and endpoint security technology.
VMware's Tom Kellermann is out with Modern Bank Heists 5.0, his latest look at the attackers and attacks targeting financial services. Subtitled "The Escalation," this report looks at the increase in destructive attacks, ransomware and hits on cryptocurrency exchanges. Kellermann shares insights.
Accenture's new ransomware report reveals key challenges in executing an effective communications plan. Robert Boyce, managing director of global cyber response, discusses why existing recovery strategies aren't enough and offers practical steps for managing a ransomware response.
Targeted attacks on a Ukrainian energy facility have been confirmed by CERT-UA. In a joint operation carried out by the Ukrainian CERT with security companies Microsoft and ESET, it was found that ICS-capable malware and several regular disk wipers were used in the attack.
As use of Apple devices has grown in the enterprise, the company has increasingly become a target for malware threats and other attacks. ISMG spoke with experts and CISOs about the seriousness of these threats and what organizations can do to mitigate the risks.
Five recently reported data breaches involving cyberattacks on a variety of different types of healthcare sector entities have affected a total of more than 1.2 million individuals. Experts say the incidents highlight the intensifying threat landscape in the sector.
The REvil ransomware gang's attack against the U.S. software company Kaseya in July 2021 is one of the largest and most intriguing ransomware attacks of all time. Here's the inside story of how the attack went down and how organizations recovered.
Hackers have allegedly managed to breach the infrastructure belonging to Russia's Federal Air Transport Agency, or Rosaviatsiya, and wiped out its entire database and files consisting of 65TB of data, including documents, files, aircraft registration data and emails from the servers.
Eighty percent of survey respondents say they either are well on the way or getting started toward becoming a "smart manufacturing company." Cloud migration, business resiliency and securing OT environments are among their priorities. Del Rodillas of Palo Alto Networks analyzes the survey results.
In the latest weekly update, editors at Information Security Media Group discuss important cybersecurity issues, including the White House warning about escalated cyberthreats from Russia, the impact of the Russia-Ukraine war on the healthcare sector and why combating SIM swap fraud remains challenging.