Attackers are hitting unpatched Pulse Secure VPN servers with Sodinokibi - aka REvil - ransomware, British security researcher Kevin Beaumont warns. Pulse Secure says that although many organizations have installed the critical April 2019 patch, holdouts persist.
Sodinokibi/REvil appears to be making millions since it seized the ransomware-as-a-service mantle from GandCrab earlier this year. Security firm McAfee says up to 40 percent of every victim's ransom payment - average: $4,000 - gets remitted to the Sodinokibi actor, with "affiliates" keeping the rest.
A hacker group called Tortoiseshell has been hitting targets in the Middle East since at least July 2018, apparently targeting IT service providers to gain access to many potential targets at once. The campaign is fresh proof that criminals and nation-state attackers alike continue to favor supply chain attacks.
With technology-driven growth and innovation, protecting your environment becomes exponentially more challenging. A managed vulnerability assessment (MVA) partner adds tremendous value by helping you get in front of threats and closing the window of opportunity for attackers to exploit your security weaknesses. MVA...
With limited in-house resources, a growing cybersecurity skills gap, and the rapidly growing number and sophistication of threats, more IT teams are turning to Managed Detection and Response solutions to combat cyberthreats.
The Managed Detection and Response (MDR) Buyer's Guide helps IT leaders cut through the...
The Gartner 2019 Market Guide for Managed Detection and Response provides a comprehensive overview of the evolving MDR landscape. According to Gartner, "By 2024, 25% of organizations will be using MDR services, up from less than 5% today. By 2024, 40% of midsize enterprises will use MDR as their only managed security...
Popular business applications are increasingly delivered through the cloud using a software-as-a-service (SaaS) model, and cybersecurity applications are no exception. This is good news for small to midsize enterprises (SMEs) that don't have the budgets for in-house security technologies like a SIEM, and lack security...
Understanding the true costs of building and operating a security operations center has more to do with the capability you'd like to field than the people you need to hire to run it 24x7.
Download this eBook and learn:
The different levels of SOC capabilities;
How to determine which level is right for your...
Hiring and keeping good IT/security practitioners can be tough, so once you've got good talent you'll need to work to keep them.
Download this eBook and learn ways to keep your security analysts happy by:
Getting your security tools in order;
Building a feedback loop to stop false positives;
Setting a tone for...
The NIST Cybersecurity Framework was never intended to be something you could "do." It's supposed to be something you can "use."
Download this guide and learn how you can:
Figure out the "as is" state for your organization;
Identify areas you are doing well and areas you need to focus your efforts;
Positively...
CISOs shouldn't spend energy wrestling with products and massaging alerts. They should pick their tech and then spend their time making decisions and managing risks.
However, how can they be expected to do so when their MSSPs are operating in the black box?
Download this eBook and learn:
Why transparency...
This whitepaper takes a close look at what industry-leading Managed Detection and Response (MDR) capabilities are in detail, and establishes a standard by which you can measure your current security service provider and potential MDR vendors against.
DDoS extortion comes in many forms. Campaigns over the past three years have varied in their nature and continue to evolve over even the past few months. What lessons can be learned from the latest attacks?
Download this eBook on DDoS and extortion and learn about:
Characteristics of today's prevalent...
DDoS has undergone a serious change in attack strategy. In previous years it was used a means of gaining hacking credibility in the underground, taking out competitors or just disrupting business normality or the industry.
However, a recent string of attacks has not followed convention, and is forcing security...
Most organizations have embraced more than one software platform to automate their critical business processes. Platforms are becoming more flexible, allowing users to customize or configure their own applications. As your use cases grow, you may question whether you should leverage an existing platform for your next...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ransomware.databreachtoday.com, you agree to our use of cookies.