Many ransomware gangs hell-bent on seeing a criminal payday have now added data exfiltration to their shakedown arsenal. Gangs' extortion play: Pay us, or we'll dump stolen data. One massive takeaway is that increasingly, ransomware outbreaks also are data breaches, thus triggering breach notification rules.
API attacks are on the rise, and Gartner predicts that APIs will be the top threat vector by 2022. Roey Eliyahu, CEO of Salt Security, discusses the trend and how to build a more effective API security strategy.
Ransomware-wielding attackers are typically breaking into victims' networks using remote desktop protocol access, phishing emails or malware that's sometimes used in drive-by attacks against browsers, experts warn, advising organizations to make sure they have the right defenses in place.
More ransomware-wielding gangs are not just crypto-locking victims' systems, but also stealing and threatening to leak data unless they get their demanded bitcoin ransom payoff. A growing number of security experts believe the strategy is leading more victims to pay.
Cyber Threat Intelligence (CTI) isn't the exclusive domain of specialized organizations anymore. Yet many CTI practitioners - the analysts, researchers and threathunters who collect and manage Open Source Intelligence (OSINT) gleaned from the open, deep and Dark Web - report a lack of training, tools and internal...
To facilitate investigations across the vast expanses of the open, deep, and dark web, Authentic8 engineers built a guide to 21 easily accessible Open Source Intelligence (OSINT) research tools. The report provides a brief overview of each tool, where and how to get it, a supporting visual, and use case.
Many attackers continue to camp out in networks for months, conducting reconnaissance and stealing sensitive data before unleashing ransomware. Experts say many recent efforts trace to gangs wielding the RobbinHood, Valet Loader, NetWalker, PonyFinal, Maze and Sodinokibi strains of crypto-locking malware.
Cybercrime groups and nation-state hacking gangs are continuing to exploit the COVID-19 pandemic to further their aims, U.K. and U.S. security agencies warn in a joint alert. While overall attack levels haven't increased, they say, "the frequency and severity of COVID-19-related cyberattacks" looks set to surge.
As the COVID-19 outbreak has intensified, so too has cybercrime, including ransomware, Interpol, the international crime-fighting agency, warns. Despite some gangs claiming to no longer be targeting healthcare organizations, experts have seen "no abatement, empathy or free decryptor" from any of them.
More bad ransomware news: Following in the footsteps of Maze, now even more cybercrime gangs are threatening to not only crypto-lock systems but also leak stolen data. Such moves come following a banner year for ransomware operators, who are continuing to bring more advanced tactics to bear.
Bots touch virtually every part of our digital lives; they populate our news feed, tell the weather, provide stock market updates, and control search rankings. We use bots to book travel, access online customer support - even turn on the lights in our own homes.
It's no wonder that bots also now account for over half...
As sophisticated malware continues to evade existing detection tools and
processes, security teams must adopt new technologies and use them to deploy
new detection, hunt, and response capabilities.
Security teams looking to improve
threat intelligence, hunting, analysis, and rapid response capabilities...
According to the VMware Carbon Black Threat Analysis Unit (TAU), retail organizations may see a noticeable spike in attempted cyberattacks during the holiday season. ""This guide is an introduction to the world of cybersecurity-it's history, language and resources-so you can further educate yourself on this rapidly...
Ekans, a recently discovered ransomware variant that's designed to target industrial control systems, appears to have some of the same characteristics found in Megacortex, malware that struck several high-profile targets in 2019, according to the security firm Dragos.
The intellectual property, including research results, of biotechnology companies and other medical organizations is increasingly a target for hackers, who sometimes dump data on hacker forums or public websites. That's why breach detection and prevention is even more critical.