In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the challenges ahead for the new director of the U.S. Cybersecurity and Infrastructure Security Agency and vendor security risk management in the healthcare sector.
The gang behind the ransomware strain known as Mespinoza, aka PYSA, is targeting manufacturers, schools and others, mainly in the U.S. and U.K., demanding ransom payments as high as $1.6 million, according to Palo Alto Networks' Unit 42, which says the group leverages open-source tools.
As the Biden administration attempts to force Russia to crack down on its domestic cybercriminals, one challenge will be the sheer diversity of attack code being wielded and individuals involved. Another is that any proactive moves Moscow makes would likely require many months to take effect.
Software developer Kaseya has released patches for its remote monitoring software, which had been exploited by REvil ransomware attackers to infect up to 60 MSPs and 1,500 of their clients. The patches mitigate the final three vulnerabilities out of seven that researchers reported to Kaseya in early April.
Spammers posing as software vendor Kaseya are waging a malspam campaign to target users of the company's VSA remote IT management software that was hit by a ransomware attack, the security firm Malwarebytes reports.
Acting CISA Director Brandon Wales, Rep. Jim Langevin and many others will discuss the government's top priorities in addressing cybersecurity challenges at ISMG's Virtual Cybersecurity Summit: Government, to be held July 13 and 14.
As ransomware attacks become more prolific, their success is being driven by the increasing use of specialists who can refine every stage of an attack. It's a reminder that the goal of cybercrime remains to maximize illicit profits as easily and quickly as possible.
Cue delays for customers of Kaseya waiting for their software-as-a-service and on-premises software to get emergency fixes and be restored, following the July 4 holiday weekend ransomware attack, which hit about 60 IT managed service provider customers and up to 1,500 of their collective managed service clients.
A bipartisan bill introduced by Sens. Gary Peters and Ron Johnson would create a standardized cybersecurity training program for federal employees who purchase technology services. This bill follows a wave of attacks over the last two months that have targeted U.S. critical infrastructure.
REvil, aka Sodinokibi, is one of today's most notorious - and profitable - ransomware operations, driven by highly skilled affiliates who share profits with the operators. And the operators are constantly improving the malware, including porting it to Linux to target network-attached storage and hypervisors.
Cryptocurrency exchange Binance says it recently assisted police in tracking down individuals accused of laundering money for the Clop ransomware group. The exchange acknowledges that illicit money from cyberattacks circulating on virtual currency exchanges is a big security problem.
The FBI is requesting $40 million in additional funding for its fiscal 2022 budget to help combat and counter ransomware attacks and other cyberthreats. The bureau is also requesting $15 million to help strengthen its internal security infrastructure as well as address network vulnerabilities.
Two cybercrime ecosystem cornerstones today are high-end bulletproof hosting services and ransomware, says Mark Arena, CEO of Intel 471. He notes that ransomware-as-a-service operations don't function like gangs or the Mafia, but rather as individuals collaborating "based on a culture of mistrust."
The European Commission has proposed creating a Joint Cyber Unit to help EU member states respond to and prevent cyberattacks, especially those involving ransomware. The goal is for the unit to begin operations by the end of next year.
In the latest weekly update, a panel of Information Security Media Group editors discusses key topics, including NATO's new cyber defense policy, the outlook for congressional regulatory action to address the ransomware threat, and cybersecurity comments by U.S. Rep. Jim Langevin.