This edition of the ISMG Security Report features an analysis initiatives unveiled by the Biden administration to enhance supply chain and critical infrastructure security and address the cybersecurity skills gap. Also featured: LockBit 2.0 ransomware rep 'tells all'; misconfigured Microsoft Power Apps.
This is the first episode of "The Ransomware Files," a podcast series focused on stories of resilience in the fight against ransomware. A systems administrator with a school district in Washington state recounts a brush with Ryuk ransomware and how the district recovered through tenacity and a bit of luck.
Ransomware has become a huge cyber security challenge for organisations. It is growing in numbers as well as in sophistication. The cost of financial and reputational losses to organizations is also on the rise. In 2019, average remediation costs for a company that had incurred a ransomware attack were over $761,000....
After a string of high-profile hits, many of the largest and most notorious ransomware operations recently disappeared. But the pace of ransomware attacks hasn't diminished because of a steady influx of new operations, existing operations getting more sophisticated and old players rebranding.
The Biden administration unveiled a package of supply chain and critical infrastructure security initiatives following a meeting at the White House with tech executives and others. Companies such as Google and Microsoft also promised billions in spending on cybersecurity over the next several years.
Indianapolis, Indiana-based Eskenazi Health has acknowledged that hackers stole some data and posted it on the darkweb after a ransomware attack. But the organization says it's not yet determined if individuals need to be notified because its investigation is still underway.
The Biden administration is hosting a White House meeting Wednesday with technology, banking, insurance and education executives to focus on cybersecurity and national security issues, such as protecting critical infrastructure from attacks and how to hire more security professionals to meet demand.
ALTDOS, an advanced persistent threat group, has recently targeted several organizations in Singapore by waging "double extortion" ransomware attacks in an attempt to gain ransom payments, local government authorities say.
Want defensive advice from a ransomware-wielding attacker? In a tell-all interview, a LockBit 2.0 representative not only extols the virtues of his malware, but also advises would-be victims to hire red teams, keep their software updated and educate employees to resist social engineering attacks.
Despite these financial headwinds, new ways are emerging for FIs to differentiate on the quality of fraud prevention and outreach they can provide to customers.
The Cybersecurity and Infrastructure Security Agency is warning organizations to immediately patch the ProxyShell vulnerabilities in Microsoft Exchange email servers because security researchers say ransomware gangs are exploiting these flaws.
Two large healthcare organizations - Memorial Health System in Ohio and University Medical Center of Southern Nevada - continue to mop up after recent cyberattacks apparently involving ransomware. The Ohio organization admits negotiating "a settlement" with attackers to obtain a decryptor.
Australia's data regulator says organizations hit by ransomware may be underreporting data breaches because they haven't thoroughly figured out if data was taken. But an "absence of evidence" of a data breach in a ransomware attack isn't sufficient to declare that no data was taken.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ransomware.databreachtoday.com, you agree to our use of cookies.