For combating ransomware, doing the security basics is essential, including keeping systems updated and patched. Don't follow in the footsteps of one technology firm, which Sophos found got hit by Cring ransomware after attackers exploited ColdFusion software that hadn't been patched in 11 years.
Ransomware-wielding attackers love to lie to victims. But REvil - aka Sodinokibi - has reportedly been running double negotiations to make affiliates think a victim hasn't paid a ransom, using a backdoor in the malware that allows administrators to decrypt victims' systems, so affiliates don't get their cut.
Four editors at Information Security Media Group discuss important cybersecurity issues, including the rise of quadruple extortion attacks employed by ransomware gangs, the FBI reportedly withholding the Kaseya ransomware decryption key for weeks, and raising security posture during a pandemic.
The latest edition of the ISMG Security Report features an analysis of how the U.S. government has been tracking an increase in the pace of attacks tied to Conti ransomware. Also featured are what "protection" means today and building a new cybersecurity operating model.
A new and still little-known ransomware group called Karma has been pursuing a novel strategy to pressure victims into paying: Get journalists to publicize businesses hit by the ransomware operation, adding pressure on victims to pay the ransom demand.
As the Senate Homeland Security Committee considers new cyber rules and regulations for U.S. critical infrastructure, lawmakers heard testimony from CISA's Jen Easterly and National Cyber Director Chris Inglis on Thursday in support of these measures, which include updates to FISMA.
The pace of Conti ransomware attacks has been increasing, with more than 400 organizations globally having fallen victim, warns a joint cybersecurity advisory from the U.S. Cybersecurity and Infrastructure Security Agency, FBI and National Security Agency, which details essential defenses.
U.S. FBI and Department of Homeland Security leaders fielded several cybersecurity questions from House lawmakers Wednesday, particularly around the surge in ransomware attacks, diplomatic efforts to curb ransomware's financial model, and the nation-states that harbor cybercriminals.
Microsoft Security on Tuesday issued a detailed report on a massive phishing-as-a-service operation named BulletProofLink that offered as a subscription all the tools needed to conduct a campaign. The gang remains operational.
A Russian-linked group known as Turla has been deploying a secondary backdoor against numerous targets to maintain persistence within compromised devices even after the primary malware has been discovered and removed, Cisco Talos report. Victims include U.S., German and Afghan organizations.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the role of cyber insurers in supporting ransomware victims' incident response, and how to build a successful bug bounty program.
The U.S. Department of the Treasury has blacklisted Russia-based cryptocurrency exchange Suex for allegedly laundering tens of millions of dollars for ransomware operators, scammers and darknet markets. It is the first such designation for a virtual currency exchange.
Marketron Broadcast Solutions was hit over the weekend by a ransomware attack launched by the BlackMatter gang, and the attack has taken down a number of the marketing firm's products. Marketron is currently in talks with its attacker.
If your solution is out at sea, it’s time to learn more about improving integration. Micro-segmentation can allow security architects to divide data centers into unique security segments (as far down as individual workload levels) but requires integration.
Join us in this webinar where Illumio’s Field CTO...
FBI Director Christopher Wray faced questions during a Senate hearing Tuesday concerning a published report that the bureau for almost three weeks withheld a decryption key that agents obtained from the ransomware gang that targeted software firm Kaseya.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
