The top three tactics attackers have been using to break into corporate and government networks are brute-forcing passwords, exploiting unpatched vulnerabilities, and social engineering via malicious emails, says security firm Kaspersky in a roundup of its 2020 incident response investigations.
Federal regulators are alerting healthcare and public health sector entities of the "elevated threat" for potential ransomware attacks by BlackMatter, despite the gang's purported claims that it is not targeting "critical infrastructure" organizations, such as hospitals.
A bipartisan group of lawmakers wants to better insulate the director of CISA from political pressure by giving the role a defined five-year term that could keep the agency's leader in place even when presidential administrations change. Currently, the position of CISA director lacks a set term.
Olympus, a Japanese company that manufactures optics and reprography products, reports that a portion of its IT system in the EMEA region was affected by a "potential cybersecurity incident." While Olympus has not identified an attacker, some reports suggest it is the BlackMatter ransomware gang.
Ransomware continues to pummel every type of business, government agency and more. Given the massive profit-making potential ransomware still offers, aided by many organizations being under-defended, these criminals have continued to refine their technology, as well as extortion tactics, to hit more victims as quickly...
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including how ransomware affiliates change operators and why terrorists aren't launching massive cyberattacks.
The latest edition of the ISMG Security Report features an analysis of the most sought-after type of victim for ransomware-wielding attackers. Also featured: fighting extortion schemes and stress management tips.
"Silence is gold." So says ransomware operator Ragnar Locker, as it attempts to compel victims to pay its ransom demand without ever telling anyone - especially not police. But some ransomware-battling experts have been advocating the opposite, including mandatory reporting of all ransom payments.
Despite a recent slowdown in incidents and some cybercriminals claiming they have stopped or abandoned ransomware attacks, National Cyber Director Chris Inglis says it's "too soon to tell," if the behavior of these groups has changed permanently or if they are waiting for an opportunity to return.
On Aug. 25, President Joe Biden invited about 25 technology, insurance, finance and education executives to the White House to discuss pressing cybersecurity issues such as supply chain and critical infrastructure. One of those participants was Resilience CEO Vishaal Hariprasad.
Howard University canceled classes Tuesday in the wake of a ransomware attack it first detected on Friday, the university has announced. There is no evidence the attackers accessed or exfiltrated personal information, the school says.
The Ragnar Locker ransomware operation has been threatening to dump victims' stolen data if they contact police, private investigators or professional negotiators before paying a ransom. But as one expert notes: "Perhaps the criminals watched too many TV shows, because this isn’t how the real world works."
Ireland's cybercrime police, the Garda National Cyber Crime Bureau, have conducted a "significant disruption operation" targeting the IT infrastructure of a cybercrime group, seizing multiple domains used in a May ransomware attack that disrupted Ireland’s national health services provider.
The most sought-after type of victim for ransomware-wielding attackers is a large, U.S.-based business with at least $100 million in revenue, not operating in the healthcare or education sector, with remote access available via remote desktop protocol or VPN credentials, threat intelligence firm Kela reports.