The total amount of ransom payments being sent by victims to ransomware groups appears to have taken a big dip, declining by 40% from $766 million in 2021 to $457 million in 2022 due to victims simply being unwilling to pay, blockchain intelligence firm Chainalysis reports.
Essential reading for network defenders: CircleCI's report into its recent breach, which began when malware infected an engineer's laptop. After stealing "a valid, 2FA-backed" single sign-on session cookie, attackers stole customers' secrets and gained unauthorized access to third-party systems.
Cybereason has gone all-in on helping customers mitigate threats beyond the endpoint to minimize the impact of ongoing SOC staffing challenges, CEO Lior Div says. The company's focus on tracking and following malicious operations sets Cybereason's approach to XDR apart from rivals.
Darknet markets offering illegal drugs and fraudster tools and services are thriving, despite the constant threat of law enforcement infiltration, disruption, takedown and arrests. In response, multiple drug markets have launched customized Android apps to handle buying, selling and fulfillment.
Although small to medium enterprises - SMEs - do not have the security resources larger enterprise possess, they face the same risks. Here are five reasons you should consider consolidating your tech as you strive to find an effective, sustainable security stack that also keeps costs in check.
Staying one step ahead of both threat actors and competitors is a tall task for Palo Alto Networks given the breadth of its cybersecurity portfolio. Palo Alto Networks has committed to having best of breed features and functionality in each of the technology categories where it chooses to play.
As the world looks into adapting 5G and studying 6G, satellite IoT is opening a new front for connectivity. There will be a demand for more LEO-based satellites for low-power communication, and these satellites will require completely new kinds of security, says Krishnamurthy Rajesh of GreyOrange.
Apple is advancing plans to allow Europeans to access third-party app stores via their iPhone and iPad, as will soon be required under European law. What this means in practice for its vaunted walled garden security model, and whether most users will bother, remains unclear.
Black Hat Europe returns to London, offering deep dives into the latest cybersecurity research and trends, including how to build an open, transparent, but also secure internet; harvesting zero-day flaws before attackers; what we can learn from "metaparasitical" scammers who scam scammers; and more.
Data breaches are tricky to cover, and we want to report on them in an ethical way. That requires picking what should be reported for informed public discourse but avoiding topics that may encourage attackers' efforts to shame victims into paying a ransom and anything resembling data dump voyeurism.
The stark consequences of ransomware became painfully clear in Australia this week as attackers began releasing data from health insurer Medibank, one of the country's largest health insurers. Also, leaked chat logs reveal how the attackers accessed Medibank's systems.
Who is attempting to extort Australian health insurer Medibank? Why did Medibank tell its attackers it wouldn't pay a ransom? Will this deter future cyber extortionists? Here are a few thoughts on the high cybercrime drama playing out.
If remote access to corporate networks is only as secure as the weakest link, only some dreadfully weak passwords now stand between hackers and many organizations' most sensitive data, according to new research from Rapid7 into the two most widely used remote access protocols - SSH and RDP.
Should the now-former CSO of Uber have reported a security incident to authorities after discovering signs of unusual behavior? That's one of the big questions now being asked in the closely watched trial of Joe Sullivan, who's been charged with covering up a data breach and paying off hackers.