In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the challenges ahead for the new director of the U.S. Cybersecurity and Infrastructure Security Agency and vendor security risk management in the healthcare sector.
The gang behind the ransomware strain known as Mespinoza, aka PYSA, is targeting manufacturers, schools and others, mainly in the U.S. and U.K., demanding ransom payments as high as $1.6 million, according to Palo Alto Networks' Unit 42, which says the group leverages open-source tools.
The world is now focused on ransomware, perhaps more so than any previous cybersecurity threat in history. But if the viability of ransomware as a criminal business model should decline, expect those attackers to quickly embrace something else, such as illicitly mining for cryptocurrency.
While some organizations are improving their ability to share threat intelligence with other entities within the same sector, cross-sector cyber info collaboration is still often a hurdle. But cyber fusion centers can help to automate that process, say Errol Weiss of the H-ISAC and Anuj Goel of Cyware.
This edition of the ISMG Security Report features an analysis of comments from the former head of Britain's GCHQ intelligence agency, Robert Hannigan, on the changing nature of ransomware attacks. Also featured: Disrupting the ransomware-as-a-service business model; supply chain security management tips.
The U.S. Department of State is now offering rewards of up to $10 million for information about cyberthreats to the nation's critical infrastructure. Meanwhile, the government has launched a StopRansomware website offering a central repository of resources.
Facebook's threat intelligence team says it has disrupted an Iranian advanced persistent threat group that was using the social network as part of an effort to spread malware and conduct cyberespionage operations, primarily in the U.S.
Security software firm NortonLifeLock says it is in "advanced discussions" to acquire Avast, a rival security firm known for its freemium antivirus software. NortonLifeLock was formerly Symantec's consumer-focused business.
SonicWall is urging users of its Secure Mobile Access 100 series and its Secure Remote Access products running unpatched and end-of-life 8.x firmware to immediately apply patches or disconnect the devices because a ransomware campaign using stolen credentials is targeting the them.
A cybercrime forum seller advertised "a full dump of the popular DDoS-Guard online service" for sale, but the distributed denial-of-service defense provider, which has a history of defending notorious sites, has dismissed any claim it's been breached. What's the potential risk to its users?
The FCC has finalized a $1.9 billion plan that will help smaller, rural telecommunications carriers pay to rip and replace technology from the Chinese firms Huawei and ZTE. The commission says using the gear poses a threat to U.S. national security.
Ransomware-wielding criminals continue to find innovative new ways to extort victims, develop technically and sidestep skills shortages by delivering ransomware as a service, said Robert Hannigan, the former head of U.K. intelligence agency GCHQ, in his Infosecurity Europe 2021 virtual keynote speech.
Some security experts are questioning the findings of a recent report by the International Institute for Strategic Studies, a London-based think tank, that concludes China is 10 years behind the United States in "cyber capacity."
The Forrester Tech Tide is a report that examines the maturity of an ecosystem of technologies and helps organizations decide which technologies to invest in and when. A Forrester Tech Tide classifies software or hardware based on maturity and business value into one of the following categories: experiment, invest,...
The REvil, aka Sodinokibi, ransomware gang's infrastructure, including its darknet sites, were offline Tuesday, numerous security specialists report. The reason for the sudden disappearance is far from clear.