What is the life cycle of a ransomware attack, and how can organizations better detect and block them? Peter Mackenzie of Sophos, says that while many victims assume attackers first struck when systems got crypto-locked, the intruders had actually been in the network for "days or weeks."
The security firm Proofpoint says a cybercrime group that it calls "TA543" is deploying a new variant of a malware loader to target victims as part of a phishing campaign.
Security specialists are offering preliminary feedback on Microsoft's sneak peek at the new security measures to be included in the Windows 11 operating system, which is slated for release in December.
The U.S. Secret Service has published a Most Wanted Fugitives list featuring 10 suspects wanted in connection with financial cybercrimes The agency is offering rewards of up to $1 million for information on two Ukrainian suspects who allegedly targeted the SEC in 2016.
In the latest weekly update, a panel of Information Security Media Group editors discusses key topics, including open-source software vulnerabilities, and provides insights on updating SOCs and communicating effectively with the board.
The FBI is requesting $40 million in additional funding for its fiscal 2022 budget to help combat and counter ransomware attacks and other cyberthreats. The bureau is also requesting $15 million to help strengthen its internal security infrastructure as well as address network vulnerabilities.
Wolfe Eye Clinic, which operates diagnostic and surgical centers in 40 Iowa communities, is notifying 500,000 current and former patients that their data may have been inappropriately accessed during a recent ransomware attack. But the organization refused to pay a ransom.
Two cybercrime ecosystem cornerstones today are high-end bulletproof hosting services and ransomware, says Mark Arena, CEO of Intel 471. He notes that ransomware-as-a-service operations don't function like gangs or the Mafia, but rather as individuals collaborating "based on a culture of mistrust."
Advanced persistent threat actors will continue to "up their game," including taking advantage of the COVID-19 pandemic even as its impact diminishes, says Kelvin Coleman, executive director of the National Cyber Security Alliance.
The U.S. has seized the domains of 36 websites linked with Iran and Iraq for allegedly publishing disinformation and running malicious influencing campaigns targeting Americans. Those running the sites violated sanctions by not obtaining a license to buy domain names from U.S. companies.
The European Commission has proposed creating a Joint Cyber Unit to help EU member states respond to and prevent cyberattacks, especially those involving ransomware. The goal is for the unit to begin operations by the end of next year.
How do criminal affiliates of ransomware-as-a-service operations think? Craig Williams and Matt Olney of Cisco Talos describe insights shared - accidentally and otherwise - by "Aleks," a Russian affiliate of the LockBit ransomware-as-a-service operation.
CISA is moving its Einstein intrusion detection system deeper into federal networks in an effort to better detect supply chain attacks after its failure to detect the espionage campaign that targeted SolarWinds and its customers, including federal agencies.
Republican and Democratic lawmakers have recently introduced several cybersecurity-related bills seeking to address issues ranging from imposing tougher penalties for cybercriminals to improving protection of school districts.
Fraudsters falsely claiming to be the now-shuttered DarkSide ransomware gang are targeting organizations in the food and energy sectors by sending hoax emails that attempt to extort ransoms from victims, the security firm Trend Micro reports. None of the victims has detected a data compromise so far.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.