The European Commission has proposed creating a Joint Cyber Unit to help EU member states respond to and prevent cyberattacks, especially those involving ransomware. The goal is for the unit to begin operations by the end of next year.
The number of data breach notifications jumped 140% in 2020 from the previous year, with a surge in attacks against less-regulated industries, according to Kroll's 2021 Data Breach Outlook. Brian Lapidus and Heather Williams of Kroll analyze the report's findings.
Title insurance company First American Financial Corp. will pay the SEC a $488,000 penalty as a result of a data breach revealed two years ago. Information security staff members were aware of the vulnerability in the company's EaglePro document-sharing system for five months but failed to fix it, the SEC reports.
The global law enforcement "Anom" honeypot operation racked up impressive statistics for the number of criminals tricked into using the encrypted communications service. Psychology was at play: Officials say users flocked to the service after they disrupted rivals EncroChat and Sky Global.
Bitcoin has enabled fast payments to cybercriminals pushing ransomware. How to deal with bitcoin is the subject of a spirited debate, with some arguing to restrict it. But bitcoin doesn't always favor cybercriminals, and it may actually be more of an ally than a foe by revealing webs of criminality.
Volkswagen and its Audi subsidiary are notifying 3.3 million people in the U.S and Canada of a breach of personal information by a marketing services supplier. Volkswagen says 90,000 of those affected may have also had their driver's license number, loan data and other personal information exposed.
Based on Russian-language cybercrime chatter, "fear" likely drove the lucrative Avaddon ransomware-as-a-service operation to announce its retirement as the U.S. exerts increasing diplomatic pressure on Moscow to disrupt such activity, experts say. But are criminals simply laying low until the heat dies down?
The prolific Avaddon ransomware-as-a-service operation has announced its closure and released 2,934 decryption keys for free. Has the increased focus by Western governments on combating ransomware been driving this and other operations to exit the fray?
Fast-food giant McDonald's is acknowledging a data breach that affected some customer and company data from its locations in Korea and Taiwan. Phone numbers, delivery and email addresses were exposed. Payment data, however, has not been compromised.
The House Oversight and Reform Committee is now probing the $11 million payment that meat-producer JBS paid to a cybercriminal gang following a ransomware attack in May. Committee Chairwoman Carolyn Maloney also asked for documents related to ransom payments made by Colonial Pipeline and CNA.
Cryptocurrency has a reputation for being tough to trace - no wonder anonymity-craving criminals favor using it. In reality, cryptocurrencies don't make users anonymous. But just how did the FBI recover most of the bitcoins paid by Colonial Pipeline to the DarkSide ransomware operation?
Criminals tricked into using an FBI-run encrypted messaging app, Verizon's 2021 Breach Investigations Report and overcoming the challenges of recruiting cybersecurity professionals are among the latest cybersecurity topics to be featured for analysis by a panel of Information Security Media Group editors.
The latest edition of the ISMG Security Report features an analysis of lawmakers' grilling of Colonial Pipeline CEO Joseph Blount over his handling of the DarkSide ransomware attack. Also featured: How the FBI helped trick criminals into using an encrypted communications service that it was able to monitor.
A small U.S. nuclear weapons contractor has confirmed that it suffered a ransomware attack, resulting in the theft of data. Credit for the attack has been taken by the ransomware-as-a-service operation known as REvil, aka Sodinokibi, which the FBI recently tied to the attack against meatpacking giant JBS.