Mon. Nov 08, 2021

REvil Ransom Arrest, $6M Seizure, and $10M Reward

Krebs on Security

The U.S. Department of Justice today announced the arrest of a Ukrainian man accused of deploying ransomware on behalf of the REvil ransomware gang, a Russian-speaking cybercriminal collective that has extorted hundreds of millions from victim organizations. The DOJ also said it had seized $6.1 million in cryptocurrency sent to another REvil affiliate, and that the U.S.

GUEST ESSAY: Securely managing access controls is vital to preserving the privacy of healthcare data

The Last Watchdog

There’s no doubt, the increasing use of telemedicine, the explosion of health-based cloud apps, and innovative medical IoT devices are improving the patient care experience. Related: Hackers relentlessly target healthcare providers. However, healthcare data ranks at the top of the list for needing improvements in security and privacy protections. This data is managed by different entities, such as primary care facilities, acute care facilities and within associated applications that collect, sto

Drones Carrying Explosives

Schneier on Security

We’ve now had an (unsuccessful) assassination attempt by explosive-laden drones.

Europol arrests three suspects possibly involved in major ransomware activities

Tech Republic Security

Europol announced new arrests during its "Operation GoldDust." The suspects may have been heavily involved in the Sodinokibi/REvil and GandCrab ransomware activities.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Robinhood discloses data breach impacting 7 million customers

Bleeping Computer

Stock trading platform Robinhood has disclosed a data breach after their systems were hacked and a threat actor gained access to the personal information of approximately 7 million customers. [...]

All security products are good

Javvad Malik

I tried to be a bit click-baity with my headline by saying all security products are good. But I think I failed in making it very enticing. That’s typically a problem with click bait, if you don’t go big, you don’t really generate a ton of interest. And if you go too big, then you end up looking crazier than the naruto runner outside Area 51.

More Trending

Passwordless authentication: Is your company ready to move beyond passwords?

We Live Security

Are the days numbered for ‘123456’? As Microsoft further nudges the world away from passwords, here’s what your organization should consider before going password-free. The post Passwordless authentication: Is your company ready to move beyond passwords? appeared first on WeLiveSecurity.

REvil ransomware affiliates arrested in Romania and Kuwait

Bleeping Computer

Romanian law enforcement authorities have arrested two suspects believed to be Sodinokibi/REvil ransomware affiliates, allegedly responsible for infecting thousands of victims. [...]

DNS Hijacking: What You Need to Know

Security Boulevard

The word “hijacking” inspires a host of emotions, few of which are favorable. When associated with airlines, in particular, the word can elicit feelings ranging from concern to outright terror. For infosec professionals, that same spectrum of reactions may come into play when detecting a hijack on your domain name system (DNS). By the time. The post DNS Hijacking: What You Need to Know appeared first on Security Boulevard.

BrandPost: The Role of AI in Modern Endpoint Security

CSO Magazine

Mobility and remote work have transformed the modern business landscape, as well as the security risks organizations, users and devices are facing today. Threat actors are hard at work creating new threats and attack techniques designed to overwhelm and evade traditional protections to infect corporate machines. Less conventional, perimeter-based defenses and increasingly sophisticated endpoint attacks mean company devices have never been more vulnerable or valuable to cybercriminals than they a

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

FBI Warns of Ransomware Threats to M&A

Security Boulevard

The FBI issued a warning focused on the threat from ransomware actors likely to use significant financial events, such as mergers and acquisitions, to target and leverage victim companies for ransomware infections. The advisory noted that between March and July 2020, at least three publicly traded U.S. companies actively involved in mergers and acquisitions were.

Passport scam foxing Texas populace with data collection

CyberSecurity Insiders

For the past two months, a few people living in Texas and surrounding areas have been receiving phone calls from the United States Immigration and Customs Enforcement Homeland Security Investigations (HSI) Department saying that their passport was caught in a scam and that they need to pay a stipulated amount as a fee to delete their passport details from the criminal database.

Suspected REvil Ransomware Affiliates Arrested in Global Takedown

The Hacker News

Romanian law enforcement authorities have announced the arrest of two individuals for their roles as affiliates of the REvil ransomware family, dealing a severe blow to one of the most prolific cybercrime gangs in history. The suspects are believed to have orchestrated more than 5,000 ransomware attacks and extorted close to $600,000 from victims, according to Europol.

BrandPost: Selecting a Network Firewall for Today and Tomorrow

CSO Magazine

Cybersecurity would be a lot easier if you had a magic crystal ball that could see what attackers were going to do in the future and the approaches they might take. Obviously, that's not going to happen, but we do know some basics of cybersecurity aren't going to go away either. To compete in today's ever-changing digital marketplace, you need to be flexible.

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Ukrainian REvil affiliate charged with Ransomware Attack on Kaseya

Security Affairs

The US DoJ has charged a REvil ransomware affiliate that is suspected to have orchestrated the attack on Kaseya MSP platform in July. The US Department of Justice has charged a REvil ransomware affiliate for orchestrating the ransomware attacks on Kaseya MSP platform that took place on July 4. The suspect is 22-year-old Ukrainian national Yaroslav Vasinskyi (aka Profcomserv, Rabotnik, Rabotnik_New, Yarik45, Yaraslav2468, and Affiliate 22), who was arrested for cybercriminal activity on October 8

3 Ways to Deal With the Trojan Source Attack

Dark Reading

These scripts and commands provide short-term fixes for blocking the Trojan Source attack that abuses Unicode to inject malicious backdoors in source code.

Operation Cyclone targets Clop Ransomware affiliates

Security Affairs

Operation Cyclone – Six alleged affiliates with the Clop ransomware operation were arrested in an international joint law enforcement operation led by Interpol. Interpol announced the arrest of six alleged affiliates with the Clop ransomware operation as part of an international joint law enforcement operation codenamed Operation Cyclone. Law enforcement authorities from South Korea, Ukraine, and the United States joined their efforts in a 30-month investigation that was coordinated by Int

We Heard You: Updates to the (ISC)² Ethics Questions

CyberSecurity Insiders

Earlier this year, several (ISC)² members reached out to us regarding the candidate background qualifications that we ask all individuals as part of their endorsement process after passing an (ISC)² exam. The question on our eligibility review asked candidates: “Have you ever been involved, or publicly identified, with criminal hackers or hacking?”.

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

BrandPost: Novel Encryption Technique Helps Lockfile Ransomware Hide in Plain Sight

CSO Magazine

Cyber criminals, always a clever lot, have found a new way to evade detection when deploying malware. It’s known as “intermittent encryption” and researchers from Sophos recently discovered Lockfile encrypts alternate bundles of 16 bytes in a document to stay hidden. This novel approach helps the ransomware to avoid triggering a red flag because the new encryption method looks statistically very similar to the unencrypted original.

Blacklisted apps in corporate companies on Android and iOS devices

CyberSecurity Insiders

TikTok, which was developed by Chinese firm ByteDance, has topped the list of most popular and downloaded apps worldwide this year with over 57 million installs. And Douyin, a successor to the above stated Chinese short video app, is also tagged as a global hit, as it has taken second place in the list with over 55.8 million downloads, followed by Instagram, a non-gaming app that has been downloaded over 54 million times between October 2020 and September 2021.

US Department of Justice recovers $6 million and indicts two REvil principals

CSO Magazine

It didn’t take long for the White House’s ransomware initiative to be fruitful, as evidenced by the successful international law enforcement efforts targeting members of the Sodinokibi/REvil criminal enterprise. The Department of Justice (DoJ) unsealed two grand jury indictments on November 8, 2021, on individuals associated with the group – Yaroslav Vasinskyi and Yevgeniy Polyanin – both with Sodinokibi/REvil ransomware.

Ransomware attack disrupted store operations in the Netherlands and Germany

Security Affairs

Electronics retail giant MediaMarkt was hit by a ransomware attack that disrupted store operations in the Netherlands and Germany. Electronics retail giant MediaMarkt was a victim of a ransomware attack that forced the company to shut down its IT infrastructure to contain the threat and disrupted store operations in the Netherlands and Germany. Media Markt is a German multinational chain of stores selling consumer electronics with over 1000 stores in Europe.

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

BrandPost: For the Metaverse, Gaming Security Leads the Way

CSO Magazine

The metaverse. It’s kind of a big deal. It’s even hit the point where major news outlets are writing about it. But what is it? And why should a CSO care about it? The metaverse is essentially the next iteration of the internet. And while the mainstream press might say that no one knows what it will look like, that’s only partially true. There are plenty of people who know what pieces of it will look like, because they’re building them now.

Shining a light on the dark web

Webroot

Discover how cybercriminals find their targets on the dark web: For the average internet user, the dark web is something you only hear about in news broadcasts talking about the latest cyberattacks. But while you won’t find yourself in the dark web by accident, it’s important to know what it is and how you can protect yourself from it. After all, the dark web is where most cybercrimes get their start.

Biometric Data Protection and Compliance

Security Boulevard

Biometrics are increasingly becoming a part of everyday life, from unlocking your phone with your face to iris recognition for e-government services or airport security and voice recognition when you talk to Siri or Alexa. For the financial services industry, biometrics are quickly forming a crucial part of future regulatory requirements, especially with the advent [...]

REvil Affiliates Arrested; DOJ Seizes $6.1M in Ransom

Threatpost

The U.S. is seeking the extradition of a Ukrainian man, Yaroslav Vasinskyi, whom they suspect is behind the Kaseya supply-chain attacks and other REvil attacks.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

‘Tis The Season for Holiday Cyber Threats Targeting Enterprises in a Pandemic World

McAfee

The holiday season is upon us, and many are preparing to celebrate with family and friends both near and far. While we tend to look at consumer tendencies during the holidays, the season also presents a significant challenge to industries coping with the increase in consumer demands. McAfee Enterprise and FireEye recently conducted a global survey of IT professionals to better understand their cyber readiness, especially during peak times like the holiday season, and the impact the pandemic has

Softbank plans to charge electronic gadgets using 5G antennas

Bleeping Computer

Japanese tech giant SoftBank is planning to trial wireless charging of smartwatches and earbuds using power transmitted through 5G antennas. [...]

Be On Alert This Holiday Season

PCI perspectives

In this blog we explore the challenges around security of payment data during the hectic holiday season and provide tips and best practices to help retailers better secure their payment data.

Gotcha! Charges in REvil Attack, Feds Seize $6M

Security Boulevard

The long arm of the law just reached out and dragged Yaroslav Vasinskyi into the American criminal justice system, readying charges against the Ukrainian man for a REvil ransomware attack against a U.S. company, Kaseya, in July. Law enforcement also relieved another operative of $6 million in ransom payments. Vasinskyi, who was arrested in Poland. The post Gotcha!

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.