In his spare time, ransomware expert Allan Liska recently became a certified sommelier. Branching out from his day job as principal intelligence analyst at Recorded Future, Liska says he's found numerous parallels between the deductive tasting process and threat intelligence.
As the Russia-Ukraine war continues, many commentators continue to highlight the lack of Russian cyberattacks. But The Chertoff Group's Chad Sweet says Russian cyberattacks remain fast and furious, although Moscow continues to publicly downplay both the attacks and their relative failure.
Threat watch: The ongoing Russia-Ukraine war continues to pose both direct and indirect risks to enterprise networks, says Michael Baker, vice president and IT CISO of IT services and consulting firm DXC Technology. He also discusses recruiting and retaining new talent.
The public-private Ransomware Task Force last year issued numerous recommendations for battling ransomware, and task force member Marc Rogers of Okta says that while the problem persists, better mechanisms are helping to blunt such criminal activity.
Ransomware continues to pummel organizations, with the average ransom payment reaching $925,000 so far this year, but the aggregate financial impact of business email compromise attacks is even worse, says Wendi Whitmore, head of Unit 42 at Palo Alto Networks.
Ransomware groups such as Conti are beginning to move away from encrypting systems. Instead, they are stealing data, especially from public companies, and threatening to leak it publicly to extort ransom payments, says cybercrime expert Vitali Kremez, CEO of AdvIntel.
As Russia's invasion of Ukraine continues, it's notable that Ukraine's government - and much of the country - has remained connected to the internet. That's happening despite fierce Russian cyberattacks, says cybersecurity expert Mikko Hypponen, who highlights Ukraine's defensive mojo.
Personal data allegedly obtained during a cyberattack using BlackCat ransomware was published on a typosquatted open internet website. This new extortion technique shows an escalation by ransomware groups in their willingness to use personal data to bludgeon victims into paying extortion money.
The disruption of the Netwalker ransomware group in January 2021 by U.S. and Bulgarian authorities highlights how blockchain can be an Achilles' heel for cryptocurrency-using criminals, says Jackie Burns Koven, cyberthreat intelligence lead at Chainalysis.
The dangers associated with compromising critical infrastructure assets burst into public view with the May 2021 Colonial Pipeline ransomware attack, prompting significant investment from both the government and the private sector, according to Claroty Chief Product Officer Grant Geyer.
As the Russia-Ukraine war continues, and analysts watch for retaliatory cyberattacks against Ukraine's allies, cybercrime tracker Jon DiMaggio of Analyst1 says there's good news, in that Russian cybercriminals seem to have little or no incentive to move against U.S. critical infrastructure.
Darknet markets continue to thrive despite regular disruption by law enforcement agencies and exit scams by administrators because they offer easy access to services such as tools for laundering cryptocurrency, says Kimberly Grauer, head of research at blockchain analytics firm Chainalysis.
The Uptycs Threat Research team publishes this quarterly bulletin as a 3-month lookback, summarizing the trends and findings of their original threat intel across the three major operating systems: Linux, Windows and macOS.
The Threat Research Team regularly monitors the TTPs (tactics, techniques and...
An operator deploying BlackCat ransomware, also known as ALPHV, appears to have claimed the University of Pisa as its latest victim. University officials reportedly face a ransom demand of $4.5 million, a "discount price" that will jump to $5 million after Thursday.
Since joining Forescout 15 months ago as CEO, Wael Mohamed has aggressively pursued acquisitions, scooping up CyberMDX in February to safeguard internet of medical things devices and Cysiv in June to help OT and IoT customers analyze, detect and respond to threats using cloud-native data analytics.