In the latest weekly update, ISMG editors discuss why being a CISO is like being the first family doctor in a small village, why you can't trust ransomware gangs such as LockBit, and why cloud security vendor Netskope took on $401 million in debt from Morgan Stanley to fuel its SASE offering.
Competition between rival Russian-language darknet markets remains fierce since police shuttered Hydra last year. The latest to fall dark is Solaris, which controlled an estimated 25% of the darknet drug trade. It got hacked by newcomer rival Kraken. But that wasn't Solaris' only problem.
Ransomware attacks go beyond just the initial attack for MSPs clients, the average cost of downtime is $126k which could be detrimental to a small business's success. And, many of these organizations that get hit by ransomware rely on manual backup to recover their data. This leaves a large opportunity for MSPs to...
Cryptocurrency wallet BitKeep says it will compensate victims of a December 2022 hack that cost the users $8 million. The wallet says it will pay victims in USDT stablecoin to counter asset fluctuation. This isn't the first time BitKeep has made customers whole following a hack.
RiskRecon recently studied the impact of destructive ransomware incidents and the unique tie between ransomware susceptibility and an organization's cybersecurity posture. Kelly White of RiskRecon discusses the findings and how to use them to help secure the digital supply chain.
Researchers have linked Chinese advanced persistent threat group Playful Taurus, also known as Vixen Panda and Nickel, to a series of attacks against Iranian organizations between July and December 2022. The group recently updated its toolkit to include a new variant of the Turian backdoor.
The United Kingdom's Royal Mail says it can again deliver simple letters to international destinations as it enters a second week of grappling with the fallout of a ransomware attack. It is testing operational workarounds to reduce its backlog of packages to be delivered.
The total amount of ransom payments being sent by victims to ransomware groups appears to have taken a big dip, declining by 40% from $766 million in 2021 to $457 million in 2022 due to victims simply being unwilling to pay, blockchain intelligence firm Chainalysis reports.
The former head of the U.K.'s National Cyber Security Centre warns that destructive ransomware targeting large enterprises is likely to surge in 2023, adding that recent attacks on Royal Mail and The Guardian newspaper are examples of these early-stage attacks.
Forter bought a bot detection startup founded by a longtime Check Point Software leader to stop malicious actors from purchasing limited-edition items and collectables. The Immue purchase will prevent malicious bots from flooding e-commerce sites with thousands of transaction attempts per second.
Ukraine's top information protection agency says Russian cyberattacks are focusing on destruction of critical information infrastructure, spying and disinformation. Although efforts are underway, it will require $1.79 billion to completely restore the telecommunication sector, it says.
An international sting operation on Tuesday shut down the operations of cryptocurrency exchange Bitzlato Ltd. as FBI agents hauled co-founder Anatoly Legkodymov into a Miami jail to face U.S. federal charges of conducting an unlicensed money-transmitting business.
Ransomware syndicates continue to earn massive profits for criminals while disrupting victims' operations worldwide. Security researchers tracking known victims say their numbers remain unchanged from 2021 to 2022, as attackers tap abundant cybercrime services to help amass fresh victims.
Sophos will execute the second-largest round of layoffs of any security company in the current economic downturn, axing 450 workers amid a shift to MDR services. Sophos plans to reduce its staff by 10% in a move to balance growth and profitability in a challenging and uncertain economic environment.
The U.S. federal government put the healthcare sector on alert for indicators of BlackCat and Royal ransomware, characterizing them as "highly capable" threats. The good news, says a cybersecurity expert, is that a solid defense-in-depth strategy can foil the ransomware-as-a-service groups.