Ransomware continues to prove a reliable moneymaker for criminals, with the average cyber extortion payoff rising to $220,298, reports ransomware incident response firm Coveware. Zero-day attacks and shakedowns targeting Accellion File Transfer Appliance users helped boost criminals' profits.
The FBI and CISA are warning of continued cyberthreats stemming from Russia's Foreign Intelligence Service, or SVR, which the Biden administration formally accused of carrying out the SolarWinds supply chain attack. A joint alert describes how Russian attackers are targeting vulnerable networks.
An "update" pushed out earlier this year by law enforcement agencies, including Europol, on Sunday began erasing Emotet malware from infected devices worldwide, Malwarebytes reports. The move comes after the FBI recently remotely removed web shells from vulnerable on-premises Microsoft Exchange servers.
Attackers implanted malware into Click Studios' Passwordstate password manager update process, potentially exposing 29,000 users to exfiltration of passwords and other data, the company reports.
The Office of the Public Defender in southwestern Florida says malware attackers may have compromised the personally identifiable information of its staff and clients.
Does the West want to have its digital existence defined by adversaries, or is it ready to devote the time, resources, expertise and planning required to more fully take control of its evolving destiny? That's the techno-Darwinian call to arms issued by Jeremy Fleming, the director of Britain's GCHQ intelligence...
One consistent theme in Andrea Szeiler's career: She’s always been drawn to "the challenge." And in her roles as global CISO for Transcom and president of WITSEC, she’s currently tackling some meaningful ones.
Following news reports of ransomware attackers targeting QNAP Systems' network-attached storage appliances, encrypting users' data and then demanding a ransom, the company is urging users to immediately install a malware remover and run a malware scan.
Cisco recently released the 2021 Security Outcomes Study - Small and Midsize Business (SMB) Edition, which revealed a number of somewhat surprising findings about SMBs and how they compare to their larger counterparts.
The Justice Department is creating a task force to tackle the growing threat of ransomware and related extortion schemes. The new group will target the "ransomware criminal ecosystem as a whole," which means prosecuting those behind the attacks as well as those who launder money that's extorted.
More use cases are emerging for self-sovereign identity, which gives individuals more control over their digital identities, according to Heather Dahl and Ken Ebert of Indicio.tech.
The economics of vulnerability discoveries and exploits is always evolving, and knowing those dynamics can provide insights into what attackers are doing, says Casey Ellis of Bugcrowd.
Law enforcement agencies use forensics tools from Israeli company Cellebrite to gain access to locked mobile devices and extract data. But the creator of encrypted messaging app Signal says he's found vulnerabilities in Cellebrite's tools, raising questions about whether the extracted data can be trusted.
The U.S. Cybersecurity and Infrastructure Security Agency has issued an emergency directive requiring executive branch agencies to mitigate by Friday the risks posed by a zero-day vulnerability and three other recently patched flaws in Pulse Connect Secure VPN products.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.