Eset researchers discovered the first in-the-wild bootkit malware, BlackLotus, bypassing security and booting up on fully up-to-date Windows 11 systems. Researchers found the Unified Extensible Firmware Interface bootkit in 2022, being sold on hacking forums for $5,000.
Cyren plans to cease operations and pursue liquidation after the email security and threat detection vendor failed to sell assets or raise more capital. The company terminated the employment of all remaining workers, commenced a bankruptcy proceeding in Israel and told Nasdaq to delist the company.
Lehigh Valley Health Network, which operates 13 hospitals and numerous physician practices and clinics in eastern Pennsylvania, says it has been hit with an attack by Russian-based ransomware-as-a-service group BlackCat. The network says it didn't pay a ransom and operations were not disrupted.
Attackers targeting unpatched VMware ESXi hypervisors to hit virtual machines have reportedly modified their ESXiArgs ransomware to prevent victims from using decryption workarounds identified by researchers. The campaign has already amassed nearly 3,000 known victims and could have many more.
The LockBit group has gone from denying it had any involvement in the ransomware attack on Britain's Royal Mail to trying to bargain for a ransom. The ransomware group's site now lists Royal Mail as a victim and demands it pay a ransom or see stolen data get dumped.
The total amount of ransom payments being sent by victims to ransomware groups appears to have taken a big dip, declining by 40% from $766 million in 2021 to $457 million in 2022 due to victims simply being unwilling to pay, blockchain intelligence firm Chainalysis reports.
Many healthcare sector organizations would raise their security maturity levels if more CISOs and their teams approached security with business enablement as the objective, says Taylor Lehmann, director for the office of the CISO at Google Cloud.
Many ransomware-wielding attackers are expert at preying on their victims' compulsion to clean up the mess. Witness victims' continuing willingness to pay a ransom - separate to a decryptor - in return from a promise from extortionists that they will delete stolen data. As if.
According to Accenture Security's Cyber Threat Intelligence team, information stealer malware - malicious software designed to steal information, including passwords - became one of the most discussed malware types on the cybercriminal underground in 2022.
One of Europe's busiest ports is added to the list of LockBit ransomware victims. The hacking group targeted Portugal's Port of Lisbon on Christmas Day, giving the facility a deadline of Jan.18 to pay a ransom of $1.5 million in exchange for deletion of their data.
California hospital operator Scripps Health has agreed to pay $3.57 million in "minimum cash settlements" of $100 per victim, plus some additional types of expenses, to settle a class-action lawsuit filed by victims of a 2021 data breach perpetrated by ransomware-wielding attackers.
State-backed Russian hacking groups are continuing to focus less on Ukrainian military targets and much more on civilian infrastructure, Ukrainian cybersecurity officials report. Since the start of the year, Ukraine's Computer Emergency Response Team has tracked more than 2,100 major hack attacks.
One of the primary healthcare systems in the northwestern Italian city of Alessandria has been listed as a recent victim of the Ragnar Locker ransomware group, which has leaked stolen data and appears to be continuing to try and extort the organization.
Hospitals must not only prepare in advance for ransomware and other debilitating attacks on their organizations, but also for responding to the effect of cyber incidents at neighboring facilities, says Dr. Christian Dameff of the University of California San Diego.
Global Cyber Alliance CEO Philip Reitinger shares updates on the alliance's Internet Integrity and Capacity & Resilience programs, which tackle key challenges of internet infrastructure, privacy and safety. Success is measured by the number of partners and "who is using the platform," he says.