The "weaponization of data" in cyberattacks - where cybercriminals not only deploy ransomware but threaten to release stolen data on the internet - has quickly become one of the biggest threats facing many healthcare sector entities, says Adam Meyers of CrowdStrike.
On this week's "Sound Off," attorney Lisa Sotto demonstrates how Colonial Pipeline did "a lot right" in its response to the DarkSide ransomware attack that led the firm to shut down operations for nearly a week last May. She shares best practices for enterprises to improve incident response plans.
The Conti ransomware group has a new trick up its sleeve: hiring "multiple elite developers and managers" to essentially acquire the venerable TrickBot malware operation, which it has been using for the past year to better distribute its ransomware, says threat intelligence firm Advanced Intelligence.
In 2019, 23 cities across Texas were struck by one of the largest ransomware attacks ever in the U.S. The attack, which involved the REvil ransomware, started with a compromised managed service provider. While the cities recovered quickly, the MSP sustained irreparable damage.
A Seattle, Washington-based community health center operator is facing a class action lawsuit in the aftermath of a data exfiltration incident reported last year as affecting more than 650,000 individuals. The breach also involved data allegedly found posted for sale on the Marketo data leak site.
On Feb. 13, Adobe patched a critical vulnerability that affected its Commerce and Magento platforms, which customers use to manage their businesses' e-commerce. But a proof-of-concept exploit for the latest patch has resulted in yet another out-of-band patch update from Adobe for CVE-2022-24087.
In 2021, there was a spike in cybercrime, and the focus changed for threat actors from several countries, particularly Russia and China. Cybersecurity firm CrowdStrike provides an overview of the changes, analyzes the takedown of Russian threat actor REvil and adds to its list of adversaries.
The Department of Justice has named Eun Young Choi as its first National Cryptocurrency Enforcement Team's director, and the FBI formed the Virtual Asset Exploitation Unit to assist with blockchain analysis for theft and extortion crimes that have connections to crypto.
Cisco's Email Security Appliance is affected by a high-rated vulnerability that can allow an unauthenticated remote attacker to launch a denial-of-service attack, the company says. The company and CISA advise that affected software be updated at the earliest.
Botnet attacks have affected multiple organizations recently, resulting in web scraping as well as theft of financial information. They include a massive bot attack to scrape data from a job listing site and a TrickBot malware attack targeting 60 high-profile companies.
Are data breaches getting worse? So far for 2021, the number of records that were reportedly exposed declined slightly, while the total number of reported data breaches increased both in the U.S. and globally.
According to a new threat report from Expel, business email compromise should now be viewed as "public enemy #1." Jonathan Hencinski of Expel is joined by Theodore Peterson of Datasite to support that claim and discuss how best to strategize against these schemes.
The latest edition of the ISMG Security Report features an analysis of takedowns of multiple Russian-language cybercrime markets and communities by Russian authorities. It also describes the role of cryptocurrencies in the banking sector and how the identity market will evolve in 2022.
Things are not always what they seem, says incident response expert Joseph Carson, pointing to a case involving ransomware that infected a company in Ukraine, but for which there was no external attack path. Ultimately, his investigation found that ransomware had been used to hide internal fraud.
GiveSendGo, a Christian crowdfunding website that had become the go-to platform for donors supporting the Canadian "Freedom Convoy" protests, went offline on Monday following a reported cyberattack in which donor information was allegedly leaked.