The healthcare sector has been reshaped by the forces of digital transformation and virtual health. But it also has been besieged by the shifting threat landscape and the escalation of destructive ransomware attacks. What role can zero trust play? Jack Miller of Menlo Security shares insight.
How can XDR help mitigate ransomware risks? Two experts - Assad Arabi, managing director, gulf cluster region, at Trend Micro, and Andrew Philp, sales leader at the company - offer insights.
Security researchers at AT&T Alien Labs say they've discovered a cluster of Linux ELF executables, identified as modifications of the open-source PRISM backdoor, that attackers have been using in several campaigns for more than three years.
The latest edition of the ISMG Security Report features an analysis of how ransomware attackers share about their inclinations, motivations and tactics. Also featured: The rise of integrity attacks; dispelling vaccine myths.
Chinese APT groups compromised networks of telecom providers across Southeast Asia in an effort to harvest customers' sensitive communications, according to Cybereason. As in other Chinese cyberattacks, these APT campaigns exploited flaws in Microsoft Exchange servers.
The new BlackMatter ransomware operation claimed to have incorporated "the best features of DarkSide, REvil and LockBit." Now, a security expert who obtained a BlackMatter decryptor reports that code similarities suggest "that we are dealing with a Darkside rebrand here."
Researchers at the security firm RiskIQ have uncovered about 35 active command-and-control servers connected with an ongoing malware campaign that has been linked to a Russian-speaking attack group known as APT29 or Cozy Bear.
The Biden administration formally accused China's Ministry of State Security of conducting a series of attacks against vulnerable Microsoft Exchange servers earlier this year that affected thousands of organizations. This group is also accused of carrying out ransomware and other cyber operations.
A leak of 50,000 telephone numbers and email addresses led to the "Pegasus Project," a global media consortium's research effort that discovered how Pegasus spyware developed by NSO Group is being used in the wild.
Threat intelligence researchers are looking closely at REvil, the ransomware gang that infected up to 1,500 companies in a single swoop. A look at the group's online infrastructure shows clear lines to Russian and U.K. service providers that, in theory, could help law enforcement agencies but don't appear eager to...
Acting CISA Director Brandon Wales, Rep. Jim Langevin and many others will discuss the government's top priorities in addressing cybersecurity challenges at ISMG's Virtual Cybersecurity Summit: Government, to be held July 13 and 14.
The Kaseya VSA ransomware attack was discussed exhaustively over the Fourth of July holiday weekend. But there's one big question that hasn’t been answered, says Tom Kellermann, head of cybersecurity strategy at VMware Carbon Black: "Who gave REvil the zero-day?"
The NSA, the FBI and other U.S. government agencies are tracking an ongoing Russian cyberespionage campaign in which attackers are using brute-force methods to access Office 365 and other cloud-based services.
In a multinational effort led by the Dutch National Police, authorities seized servers and web domains used by DoubleVPN, a Russia-based company that allegedly provided a safe operating infrastructure for cybercriminals, according to Europol.
Deputy national security adviser Anne Neuberger says the White House is preparing to release additional details, including attribution, about the attacks that targeted vulnerable on-premises Microsoft Exchange email servers at government agencies and other organizations earlier this year.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.