Security experts say the notorious REvil - aka Sodinokibi - ransomware-as-a-service operation, which went dark in July, appears to be back in business. The group's data leak site and payment portal are back online, and one expert says the group appears to have begun amassing new victims.
The Pysa ransomware gang has created a new Linux version of its malware designed to target Linux hosts with the ChaChi backdoor, using its Windows counterpart's characteristics, according to a new report.
The U.S. Department of Commerce this week announced the establishment of an artificial intelligence advisory committee set to counsel President Joe Biden and other federal agencies on issues ranging from privacy concerns to data security, along with global competition and inherent biases.
A Ukrainian national was extradited from Poland to the U.S. this week and now faces charges of conspiracy, trafficking in unauthorized access devices and trafficking in computer passwords, according to the Justice Department.
Nine months after discover of the attack that targeted SolarWinds and clients of its network monitoring tool, the incident continues to spur investigations into what happened. The SEC is reportedly probing those businesses involved, and lawmakers want answers about the breach of DOJ emails.
To start with, yes, the ransomware threat really is as serious as depicted in the news. But Adam Kujawa of Malwarebytes Labs believes there are actions – beyond endpoint protection – that organizations can take to reduce their risk of being the next high-profile victim.
A recently discovered backdoor named Sidewalk has been linked to Grayfly, the espionage arm of the China-linked group called APT41, and used to strike telcos and other organizations in the U.S., Taiwan, Vietnam and Mexico, Symantec researchers say.
Microsoft has disclosed details of a vulnerability that researchers at Palo Alto Networks have named "Azurescape" because the attacks start from a container escape technique. The flaw "could potentially allow a user to access other customers’ information in the ACI service," Microsoft says.
Bobby Ford of Hewlett Packard Enterprise says that too often when an organization engages with security, it happens in an ad hoc way. He describes his mission to create a Cybersecurity Center of Excellence to streamline the organization's security incident management and response processes.
In the 20 years since the Sept. 11, 2001, al Qaida terrorist attacks on targets in the U.S., the need to shore up critical infrastructure and build resilience into systems remains a priority. But over the past two decades, concerns about physical threats have been displaced by cyber concerns.
The possibility of a terrorist group launching a massive Sept. 11, 2001-scale cyberattack against the U.S. or an ally has been a concern for years, but cybersecurity pros with a background in intelligence and military affairs say such worries are likely unwarranted.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including how ransomware affiliates change operators and why terrorists aren't launching massive cyberattacks.
The United Nations says its networks were accessed by attackers earlier this year, leading to follow-on intrusions. One cybercrime analyst reports that he'd alerted NATO after seeing access credentials for one of its enterprise resource planning software systems for sale via the cybercrime underground.
The latest edition of the ISMG Security Report features an analysis of the most sought-after type of victim for ransomware-wielding attackers. Also featured: fighting extortion schemes and stress management tips.
"Silence is gold." So says ransomware operator Ragnar Locker, as it attempts to compel victims to pay its ransom demand without ever telling anyone - especially not police. But some ransomware-battling experts have been advocating the opposite, including mandatory reporting of all ransom payments.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.