The U.S. and Israel have agreed a new joint cybersecurity program called BIRD Cyber to enhance the cyber resilience of both countries’ critical infrastructures. Grants of up to $1.5 million will be given to entities who jointly develop advanced cybersecurity applications under this program.
The Biden Executive Order was a catalyst for action, with tight delivery times for action, including promotion of SBOM and Zero Trust. The cyber-physical nexus and expanding threat surface mean it’s not easy to maintain vigilance, but recognizing that is the first step.
Ukrainian private energy firm DTEK group alleges that the Russian federation has carried out a cyberattack against its facilities, crippling its infrastructure in retaliation for its owners' support of the country in its war against Russian invaders.
The Twitter and YouTube accounts of the British Army were briefly taken over on Sunday evening by unidentified hacker(s) who posted content related to cryptocurrency and NFTs. The situation has now been resolved, but the U.K. Ministry of Defense says investigation is ongoing.
The Evilnum hacking group has updated its tactics, techniques and procedures, now uses MS Office Word documents and leverages document template injection to deliver malicious payloads to its victims' machines. First seen in 2018, the group mainly targets fintech firms in the U.K. and Europe.
Ransomware-wielding criminals constantly refine their behavior and tactics to maximize the chance of a payday, and recently they have been implementing fresh strategies for monetizing stolen data, says Steve Rivers at threat intelligence firm Kela.
Ransomware-as-a-service gang LockBit has set up a bug bounty program for its malware and for exploitable vulnerabilities it could use to further criminal activities. Whether the program will go as planned is an open question. The gang is offering $1,000 to $1 million in remuneration.
Unlocking the data generated by ransomware attacks is helping organizations better understand the risks, adopt defensive technologies and prepare for future attacks, says Wade Baker, partner at Cyentia Institute. He discusses new data on how quickly organizations are remediating vulnerabilities.
To excel at cybersecurity incident response, start with planning, preparation and, ideally, regular tabletop exercises, say Kevin Li, CISO for MUFG Securities Americas, and Rocco Grillo, managing director of Alvarez & Marsal's Disputes and Investigations Global Cyber Risk Services practice.
Ransomware has changed the risk landscape for suppliers and is forcing companies to reconsider their risk relationships, says Kelly White, co-founder and CEO of RiskRecon. He discusses the correlation between cyber hygiene, ransomware and data loss.
The latest edition of the ISMG Security Report investigates the reboot of ransomware group Conti, which supports Russia's invasion of Ukraine. It also discusses why paying ransomware actors is a "business decision" and how to respond to the talent shortage in the financial sector.
Insurance claims being filed by ransomware victims are growing as criminals continue to hit businesses with crypto-locking malware. To avoid these claims, organizations can take a number of proven steps to better protect themselves, says Payal Chakravarty of Coalition.
A new Android malware that can steal financial data, credentials, crypto wallets, personal data and cookies; bypass multifactor authentication codes; and remotely control infected devices is targeting online banking customers and financial institutions, cybersecurity researchers at F5 Labs say.
The U.S. Department of Justice, together with law enforcement partners in Germany, the Netherlands and the United Kingdom, has dismantled the infrastructure of a massive Russian botnet known as RSOCKS, which hacked millions of computers and other electronic devices around the world.
In his spare time, ransomware expert Allan Liska recently became a certified sommelier. Branching out from his day job as principal intelligence analyst at Recorded Future, Liska says he's found numerous parallels between the deductive tasting process and threat intelligence.