A newly identified financially motivated threat group, dubbed "FIN11," is deploying Clop ransomware and exfiltrating data from its targets for extortion efforts, according to researchers at FireEye Mandiant.
Despite the takedown of the Trickbot botnet by Microsoft and others Monday, the malware is still functioning, and its operators retain the tools needed to rebuild their malicious network, some cybsersecurity experts say. So the impact, while significant, could prove to be temporary.
Microsoft collaborated with cybersecurity companies and government agencies to take down the million-device Trickbot botnet in an effort to help protect the Nov. 3 U.S. election and stop the global spread of ransomware and other malware.
In an exclusive interview, Roger Severino, director of the HHS Office for Civil Rights, which enforces HIPAA, spells out critical steps healthcare organizations must take to safeguard patient information and ensure patient safety in light of the surge in ransomware and other hacking incidents.
Among the most malicious and potentially dangerous cyber incidents affecting the healthcare, energy and other sectors are evolving "distruptionware" attacks - including ransomware - that aim to shut down businesses, says retired FBI agent Jason G. Weiss.
A Treasury Department advisory offers a reminder that financial institutions, cyber insurance firms and others that facilitate a ransom payment after a ransomware attack could face federal penalties. But the warning isn't necessarily a sign of a looming enforcement effort, some cybersecurity experts say.
Blackbaud, a provider of cloud-based marketing, fundraising and customer relationship management software, now acknowledges that a ransomware attack in May could have exposed much more PII - including banking details - than the company initially believed, according to an SEC filing.
Since March, the operators behind ProLocker ransomware have focused on targeting large enterprise networks with ransomware demands sometimes exceeding $1 million, the security firm Group-IB reports. The gang has recently started to use the Qbot banking Trojan.
With apologies to Jay-Z, getting hit with ransomware might make victims feel like they have 99 problems, even if a decryptor ain't one. That's because ransomware-wielding gangs continue to find innovative new ways to extort cryptocurrency from crypto-locking malware victims.
Ransomware continues to pose a "significant" threat, and email remains one of the top attack vectors being used by both criminals and nation-states, Australia's Cyber Security Center warns in its latest "Cyber Threat Report," which urges organizations to improve their defenses.
Two recent hacking incidents that each affected more than 100,000 individuals illustrate the variety of cyberthreats healthcare organizations face during these chaotic times. Security experts offer risk mitigation insights.
Cybersecurity professionals expect a spike in ransomware attacks against school districts and universities this fall as new hybrid learning environments go online and unpatched equipment that has spent months in the homes of students and faculty is reconnected to school networks.
Ransomware gangs are increasingly not just claiming that they'll leak data if victims don't pay, but following through. On average, about a quarter of all successful ransomware attacks feature a gang claiming to have first stolen data. But in recent months, the number of gangs actually doing so has surged.
Ransomware-wielding gangs continue to rack up new victims and post record proceeds. That's driving new players of all sizes and experience to try their hand at the crypto-locking malware and data-exfiltration racket.