SecureList

NOVEMBER 23, 2021

Further evolution of cyberthreats as a response to infosec tools and measures. Extortion and ransomwaring of those able and willing to pay up. In 2021, for instance, we have seen many industries brought to a standstill and tens of millions of dollars paid out to ransomwarers. Building on the success of 2021. But not all.

Spyware 138

Spyware Phishing Cybercrime Energy and Utilities 138

The State of Security

APRIL 4, 2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of March 28, 2022. I’ve also included some comments on these stories.

InfoSec 89

InfoSec Cybersecurity Data breaches Ransomware 89

The State of Security

APRIL 11, 2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of April 4, 2022. Borat RAT, a new RAT that performs ransomware […]… Read More.

InfoSec 75

InfoSec Cybersecurity Ransomware 75

The State of Security

MAY 2, 2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of April 25, 2022. I’ve also included some comments on these stories.

InfoSec 86

InfoSec Cybersecurity VPN Ransomware 86

SecureWorld News

MARCH 3, 2023

The City of Oakland recently experienced a ransomware attack that disrupted services and caused the city to declare a state of emergency, displaying the real-world consequences that cyberattacks can have. The hackers behind Play Ransomware claim to have access to a "master key" that can decrypt all files affected by their malware.

Ransomware 98

Ransomware Encryption InfoSec Manufacturing 98

Krebs on Security

JUNE 15, 2023

CISA’s mandate follows a slew of recent attacks wherein attackers exploited zero-day flaws in popular networking products to conduct ransomware and cyber espionage attacks on victim organizations.

Risk 279

Risk VPN Internet Internet 279

Security Boulevard

MAY 21, 2022

Our sincere thanks to BSides Prishtina for publishing their Presenter’s BSides Prishtina 2022 Information Security Conference videos on the organization’s’ YouTube channel.

Ransomware 75

Ransomware Information Security Education InfoSec 75

SecureWorld News

JANUARY 4, 2023

In a surprising turn of events, the ransomware gang responsible for targeting Toronto's SickKids Hospital has apologized for the attack and offered a free decryptor to the hospital. It was then two days after this statement that LockBit decided to reverse course on the ransomware attack. December 31, 2022. Healthcare ].

Ransomware 98

Ransomware Healthcare InfoSec Cybercrime 98

Security Affairs

JANUARY 7, 2023

The Hive ransomware gang just leaked 550 GB of data stolen from the Consulate Health Care, including customer and employee PII data. The Hive ransomware gang this week added the company to its Tor leak site, threatening to publish the stolen data. Negotiations fell apart and 3 days quickly turned into 3 hours. Pierluigi Paganini.

Ransomware 98

Ransomware Insurance Data breaches InfoSec 98

McAfee

OCTOBER 31, 2021

McAfee Enterprise and FireEye recently released its 2022 Threat Predictions. In this blog, we take a deeper dive into the continuingly aggressive role Nation States will play in 2022. The post Nation States Will Weaponize Social and Recruit Bad Guys with Benefits in 2022 appeared first on McAfee Blogs. By Raj Samani.

Cybercrime 115

Cybercrime Government Malware Backups 115

Malwarebytes

FEBRUARY 14, 2022

The San Francisco 49ers has confirmed that it has been hit by a ransomware attack. The BlackByte ransomware gang has already claimed responsibility for the attack by leaking a small number of files it claims to have been stolen. On the eve of the #SuperBowl the #49ers get posted as a #Blackbyte #ransomware victim.

Ransomware 98

Ransomware Backups Encryption InfoSec 98

Security Affairs

MAY 29, 2022

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. If you want to also receive for free the newsletter with the international press subscribe here.

InfoSec 137

InfoSec Spyware DDOS Firewall 137

Digital Guardian

JUNE 4, 2021

A behind the scenes look at ransomware, advances in quantum computing, and potential cybersecurity funding in 2022 - catch up on all of the week's infosec news with the Friday Five!

InfoSec 82

InfoSec Ransomware Cybersecurity 82

Security Affairs

OCTOBER 9, 2022

Everest ransomware operators claimed to have hacked South Africa state-owned company ESKOM Hld SOC Ltd. In March 2022, the Everest ransomware operators published a notice announcing the sale of “South Africa Electricity company’s root access” for $125,000. Is having some server issues.

Energy and Utilities 102

Energy and Utilities Ransomware InfoSec Hacking 102

Security Boulevard

FEBRUARY 14, 2025

And get the latest on ransomware trends and on cybercrime legislation and prevention! Cybersecurity News) How to mitigate buffer overflow vulnerabilities (Infosec Institute) How to prevent buffer overflow attacks (TechTarget) VIDEOS What is a Buffer Overflow Attack? Dive into six things that are top of mind for the week ending Feb.

Banking 64

Banking Cybercrime Cybersecurity Ransomware 64

Malwarebytes

DECEMBER 11, 2022

There’s been a lot of weird and frankly bizarre attacks over the course of 2022, nestled in amongst the usual ransomware outbreaks and data breaches. To be more precise, 2010, 2016, and now 2022 with a whole new astronaut to recover. So yes, it’s weird…but it’s just a one off. See you in 2026?

Scams 92

Scams Social Engineering Engineering Accountability 92

SecureWorld News

AUGUST 22, 2022

This started me down the InfoSec path and I found that I liked specializing in a challenging area. A : Stopping multiple ransomware attacks and recovering within 2-3 hours. Q : What is an industry-wide change you would like to see happen in 2022? A : Talking about topics other than ransomware and phishing.

Cybersecurity 98

Cybersecurity InfoSec Retail Manufacturing 98

Security Affairs

MARCH 21, 2022

On Thursday, March 10, Lapsus$ ransomware gang announced they’re starting to recruit insiders employed within major technology giants and ISPs, such companies include Microsoft, Apple, EA Games and IBM. SOSIntel @LawrenceAbrams pic.twitter.com/X5FmgajJcz — Tom Malka (@ZeroLogon) March 20, 2022.

Hacking 98

Hacking InfoSec Telecommunications Cybercrime 98

Security Boulevard

APRIL 11, 2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of April 4, 2022. Borat RAT, a new RAT that performs ransomware […]… Read More.

InfoSec 52

InfoSec Cybersecurity Ransomware 52

Security Boulevard

JULY 7, 2022

Thu, 07/07/2022 - 15:26. Many InfoSec teams don’t have the visibility into what their software development teams are doing. However, InfoSec teams need to understand that significant risks exist around poor code signing hygiene. In years past, InfoSec may have been the central keeper of code signing. brooke.crothers.

Risk 98

Risk InfoSec Software Digital transformation 98

CyberSecurity Insiders

FEBRUARY 26, 2022

Nearly 80 percent of infosec personnel who responded to the survey said that XDR should be a top security priority for their organization. In support of this viewpoint, 68 percent of survey participants also said that their organizations were planning to implement XDR in 2022. XDR Addresses the Security Skills Shortage.

Data breaches 116

Data breaches InfoSec Threat Detection Ransomware 116

Security Affairs

AUGUST 22, 2022

LockBit ransomware gang claims to have hacked the IT giant Entrust and started leaking the stolen files. The Lockbit ransomware gang claimed to have hacked the company and is threatening to leak the stolen files. Curiously, the LockBit ransomware’s Tor leak sites were unreacheable due to a DDoS attack. Entrust Corp.

DDOS 98

DDOS Hacking InfoSec Ransomware 98

Security Boulevard

DECEMBER 6, 2023

Taking a Proactive Approach to Mitigating Ransomware Part 1: You Can’t Neglect the Application Layer ltabo Wed, 12/06/2023 - 18:42 Ransomware continues to dominate cybersecurity news. Recovery costs for ransomware attacks have also continued to increase year-over-year, up 30% from 2022 to 2023.

Ransomware 64

Ransomware Digital transformation InfoSec Risk 64

SecureWorld News

DECEMBER 13, 2021

Marcus Hutchins, who stopped the global WannaCry ransomware attack, tweeted details about how widespread this vulnerability is, and how simple it is to take advantage of it: Other cybersecurity professionals warned the community about what they were seeing threat actors do: #log4j jokes and memes: tweets as infosec therapy.

InfoSec 98

InfoSec Cyber Risk Cybersecurity Risk 98

Herjavec Group

MARCH 7, 2022

Welcome to 2022! Ransomware was more pervasive and more disastrous than ever before. CISOs and infosec professionals are finally getting a seat at the table at an executive and board level. As the new security solutions powerhouse, we are perfectly positioned to take on the cyber challenges of 2022 and beyond.

InfoSec 98

InfoSec Digital transformation Cybersecurity Cyber Attacks 98

SecureWorld News

DECEMBER 29, 2022

Here's a compilation of a dozen solid trend pieces looking back at the year that was 2022 and the year ahead in 2023. Top 10 Challenges Facing CISOs in 2023 – "While 2022 was certainly no walk in the park, strong cybersecurity investments and institutional support suggest a light at the end of the tunnel.

Cybersecurity 97

Cybersecurity CISO Artificial Intelligence Cyber Insurance 97

SecureWorld News

MARCH 17, 2022

While cyberattacks have shifted over the last decade, email is still the primary attack vendor even in 2022. For example, don't underestimate for a second how valuable targeting data and how much targeting data that the ransomware actors obtain when they hack into one of their victims and steal all their internal data.

InfoSec 97

InfoSec Social Engineering Phishing Cybercrime 97

Security Boulevard

MAY 15, 2022

Watch the LogicHub Monthly Security RoundUp - May 2022. CVE-2022-27588 Once again, very little on this vulnerability besides its critical score. This section contains some interesting reading related to the state of infosec today. Watch the LogicHub Security RoundUp: May 2022 Edition video. More information.

Social Engineering 52

Social Engineering Ransomware Internet Internet 52

Security Boulevard

JUNE 14, 2022

Tue, 06/14/2022 - 16:02. Finally, regarding the biggest cybersecurity threats that their organizations face, 50% said ransomware, while 40 percent said cloud security and 35% said remote work. SolarWinds: Should Security Live in InfoSec or DevOps? brooke.crothers. Ask the Experts]. Shelley Boose. UTM Medium. UTM Source.

Cybersecurity 98

Cybersecurity InfoSec Risk Encryption 98

Security Boulevard

JUNE 8, 2022

Ransomware Trends Show Lockbit Most Active, New Tactics, Healthcare Hit Hard. Wed, 06/08/2022 - 16:03. LockBit replaced Conti as the most active ransomware gang and continued to evolve its operations in the first quarter, according to a report (PDF) from KELA Cybercrime Intelligence. brooke.crothers. New tactics.

Healthcare 52

Healthcare Ransomware Encryption Cybercrime 52

Security Boulevard

NOVEMBER 8, 2022

Can Code Signing Macros Help Your Company Thwart Ransomware Attacks? Tue, 11/08/2022 - 16:20. This impact was amplified when the company decided to take down all the virtual servers infected by the ransomware and restore them from previous backups rather than comply with the attacker’s demands of a multimillion-dollar payoff.

Ransomware 52

Ransomware InfoSec Backups Architecture 52

Threatpost

FEBRUARY 24, 2022

Sonya Duffin, ransomware and data-protection expert at Veritas Technologies, shares three steps organizations can take today to reduce cyberattack fallout.

Cybersecurity 64

Cybersecurity Technology Ransomware InfoSec 64

Threatpost

FEBRUARY 9, 2022

Sonya Duffin, ransomware and data-protection expert at Veritas Technologies, shares three steps organizations can take today to reduce cyberattack fallout.

Cybersecurity 65

Cybersecurity Technology Ransomware InfoSec 65

SecureWorld News

OCTOBER 19, 2023

recorded in October 2022, yet it is still painfully elevated. Economic effects, including inflationary pressures, have had a broad impact across the InfoSec landscape," Smeaton said. Reanna Schultz is a cybersecurity professional and frequent SecureWorld speaker whose day job is as Team Leader of InfoSec at Garmin. and Europe.

Cybersecurity 104

Cybersecurity CISO Phishing Education 104

Security Boulevard

JULY 25, 2022

Mon, 07/25/2022 - 16:03. InfoSec teams are charged with securing the company’s information and data, including code signing credentials. One reason for this is that code signing is frequently performed and managed by developers, not InfoSec teams. Lack of InfoSec visibility into code signing activities. brooke.crothers.

InfoSec 52

InfoSec Internet Internet Government 52

Digital Shadows

OCTOBER 23, 2024

This English-speaking collective previously served as an affiliate for ransomware group “ALPHV” and now partners with “RansomHub.” We attributed the incident with high confidence to “Scattered Spider,” an English-speaking collective acting as an affiliate for the ransomware group “RansomHub.”

Social Engineering 122

Social Engineering Engineering Accountability Backups 122

Security Boulevard

MARCH 1, 2023

EclecticIQ analysts observed 20 emails using CAB files to deliver Agent Tesla, targeting the maritime industry or related entities from 21 October 2020 until 2 May 2022. The last email distributing Formbook was observed on 21 December 2022. User execution was required to launch and install the executable. hyshippingcn[.]com bafaqroup[.]com

Phishing 75

Phishing Social Engineering Ransomware InfoSec 75