Rackspace says the ransomware-wielding attackers who disrupted its hosted Microsoft Exchange Server environment last month wielded a zero-day exploit, described by CrowdStrike as being "a previously undisclosed exploit method for Exchange," to gain remote, direct access to servers it hosted.
A forensic examination of an email hosting service offered by subsidiaries of Australian telecom firm TPG revealed an intrusion affecting up to 15,000 customers, the company disclosed Wednesday. The breach adds to a growing list of cyber incidents experienced by Australia's telecommunication sector.
It’s a considerable challenge to defend organizations against rapidly evolving, increasingly complex cyberthreats. Attackers are continuously adapting and evolving behaviour-wise and are also leveraging new vulnerabilities and everyday IT infrastructure to evade detection and stay one step ahead of security...
James Foster has been swimming against the current for months, taking ZeroFox public by merging with a special-purpose acquisition company despite the worsening economic conditions. The Nasdaq Stock Exchange listing makes ZeroFox the first cybersecurity company to go public in all of 2022.
Google will buy cybersecurity firm Mandiant for $5.4 billion, an acquisition Google says will give it new capabilities to respond to cybersecurity threats and bolster its cloud platform. Mandiant will be folded into Google's Cloud Platform.
It’s a challenging time for organizations and security professionals charged with defending their organization against breaches and incidents. Investigations are multiplying and diversifying–there are more of them, and new types of cases arise all the time. Spurred by global trends and challenges, such as COVID-19...
In response to high-profile data breaches, staggering fines, and rapidly evolving privacy and data requirements, CIOs and CISOs are facing a critical mandate: to enable their investigative teams with the tools and solutions needed to quickly, easily and securely investigate external cyber threats, internal security...
The threats have multiplied, tools have maxed out and the staff lacks capacity for real-time detection, investigation and response. Enter: MDR. John Irvine of eSentire discusses the power of MDR and the role of digital forensics.
Indianapolis, Indiana-based Eskenazi Health has acknowledged that hackers stole some data and posted it on the darkweb after a ransomware attack. But the organization says it's not yet determined if individuals need to be notified because its investigation is still underway.
The latest edition of the ISMG Security Report features an analysis of the cybercrime-as-a-service model and how law enforcement could potentially disrupt it. Also featured: T-Mobile probes a massive data breach; tackling abuse in the workplace.
Nearly three weeks ago, Iran's state railway company was hit with a cyberattack that was disruptive and - somewhat unusually - also playful. Security firm SentinelOne says analyzing the wiper malware involved offers tantalizing clues about the attackers' skills, but no clear attribution.
The Israeli government paid a visit on Wednesday to NSO Group, the company whose spyware is alleged to have been covertly installed on the mobile devices of journalists and activists. The visit comes as Israel faces growing pressure to see if NSO Group's spyware, called Pegasus, has been misused.
Calls are growing for an investigation into how commercial Pegasus spyware developed by Israel's NSO Group gets sold to autocratic governments and used to target journalists, lawyers, human rights advocates and others, with some lawmakers saying "the hacking-for-hire industry must be brought under control."
Criminals tricked into using an FBI-run encrypted messaging app, Verizon's 2021 Breach Investigations Report and overcoming the challenges of recruiting cybersecurity professionals are among the latest cybersecurity topics to be featured for analysis by a panel of Information Security Media Group editors.
Ransomware attacks have evolved over the years as attackers have come out with new strategies for digital extortion, says Chris Novak, global director of the Threat Research Advisory Center at Verizon Business Group. He shares insight from the Verizon 2021 Data Breach Investigations Report.