Owners of Western Digital My Book Live devices have seen their data remotely wiped by attackers targeting a flaw first detailed in 2019. But WD stopped supporting these devices in 2015, which is a reminder that the best way to secure some types of internet of things devices may be to discard them.
The Russian-linked cyberespionage group behind the supply chain attack against SolarWinds targeted Microsoft's customer support system as part of a new campaign, the company disclosed in a report. The group, called Nobelium, has been linked to recent attacks against a marketing firm used by USAID.
What is the life cycle of a ransomware attack, and how can organizations better detect and block them? Peter Mackenzie of Sophos, says that while many victims assume attackers first struck when systems got crypto-locked, the intruders had actually been in the network for "days or weeks."
Security specialists are offering preliminary feedback on Microsoft's sneak peek at the new security measures to be included in the Windows 11 operating system, which is slated for release in December.
The U.S. Secret Service has published a Most Wanted Fugitives list featuring 10 suspects wanted in connection with financial cybercrimes The agency is offering rewards of up to $1 million for information on two Ukrainian suspects who allegedly targeted the SEC in 2016.
In the latest weekly update, a panel of Information Security Media Group editors discusses key topics, including open-source software vulnerabilities, and provides insights on updating SOCs and communicating effectively with the board.
The FBI is requesting $40 million in additional funding for its fiscal 2022 budget to help combat and counter ransomware attacks and other cyberthreats. The bureau is also requesting $15 million to help strengthen its internal security infrastructure as well as address network vulnerabilities.
Wolfe Eye Clinic, which operates diagnostic and surgical centers in 40 Iowa communities, is notifying 500,000 current and former patients that their data may have been inappropriately accessed during a recent ransomware attack. But the organization refused to pay a ransom.
Two cybercrime ecosystem cornerstones today are high-end bulletproof hosting services and ransomware, says Mark Arena, CEO of Intel 471. He notes that ransomware-as-a-service operations don't function like gangs or the Mafia, but rather as individuals collaborating "based on a culture of mistrust."
Advanced persistent threat actors will continue to "up their game," including taking advantage of the COVID-19 pandemic even as its impact diminishes, says Kelvin Coleman, executive director of the National Cyber Security Alliance.
The U.S. has seized the domains of 36 websites linked with Iran and Iraq for allegedly publishing disinformation and running malicious influencing campaigns targeting Americans. Those running the sites violated sanctions by not obtaining a license to buy domain names from U.S. companies.
The European Commission has proposed creating a Joint Cyber Unit to help EU member states respond to and prevent cyberattacks, especially those involving ransomware. The goal is for the unit to begin operations by the end of next year.
How do criminal affiliates of ransomware-as-a-service operations think? Craig Williams and Matt Olney of Cisco Talos describe insights shared - accidentally and otherwise - by "Aleks," a Russian affiliate of the LockBit ransomware-as-a-service operation.
CISA is moving its Einstein intrusion detection system deeper into federal networks in an effort to better detect supply chain attacks after its failure to detect the espionage campaign that targeted SolarWinds and its customers, including federal agencies.