Australian shipping giant Toll Group recently suffered its second ransomware outbreak of the year, with Thomas Knudsen, the company's managing director, branding the latest attack as being "serious and regrettable." But was it preventable?
The operators of the REvil ransomware strain are attempting to ratchet up pressure on a New York law firm to pay a $42 million ransom, threatening to release more data on the firm's roster of celebrity clients. So far, the REvil gang has released about 2 GB of legal information related to Lady Gaga.
More ransomware-wielding gangs are not just crypto-locking victims' systems, but also stealing and threatening to leak data unless they get their demanded bitcoin ransom payoff. A growing number of security experts believe the strategy is leading more victims to pay.
If an organization fails to stop a ransomware attack, how does it recover the data? Backups, of course, are essential. But Peter Marelas of Dell Technologies says organizations should have a well-developed strategy for backups because attackers are increasingly targeting those systems as well.
DevSecOps is in its "awkward teenage years," says Matthew Rose of Checkmarx. But with new tooling and automation - particularly application security testing tools - he sees the practice maturing quickly and delivering improved outcomes.
The latest edition of the ISMG Security Report discusses securing RDP to prevent ransomware attacks. Also featured: A look at three likely scenarios for the COVID19 pandemic, and an analysis of why we're still using PINs for certain card payments.
Security experts and law enforcement officials have long argued that paying ransoms doesn't pay. For starters, it directly funds the cybercrime ecosystem and makes it attractive for criminals to keep launching ransomware attacks.
Magellan Health, a U.S. managed care company that focuses on specialty areas of healthcare, says it was hit by a ransomware attack that involved the exfiltration of data. Ransomware gangs are increasingly going beyond encrypting data, stealing information to put more pressure on victims to pay ransoms.
Australian shipping giant Toll Group has vowed to again not pay a ransom after suffering its second ransomware attack of the year. In the latest incident, however, the company warns that attackers also stole corporate data - and it may get leaked.
After suffering a ransomware attack last October that left several systems inaccessible, mailing equipment manufacturer Pitney Bowes reports that it recently blocked another ransomware attack before any data was encrypted and says there's "no evidence of further unauthorized access to our IT systems."
Cognizant estimates that the April ransomware attack that affected its internal network will cost the IT services firm between $50 and $70 million, according to the company's latest financial report. The company has said that the Maze ransomware gang was behind the attack.
Security and risk experts from Forrester and Neustar advise on what you need to know about today's cyberthreats, including website vulnerabilities, APIs, third-party party scripts, nefarious bots and DDoS attacks.
Done right, a zero trust architecture can reduce the complexity of one's environment while also improving cybersecurity protection and efficiency. Bob Reny of ForeScout focuses on three critical considerations: visibility, compliance and control.