There's another twist in the REvil ransomware saga: A decryption key released Friday on a Russian-language cybercrime forum unlocks files encrypted in the attack against Miami-based software developer Kaseya. Why it was released, however, is unknown, and its utility at this point is questionable.
Microsoft's Patch Tuesday rollout addressed two additional security issues within Windows Print Spooler, including one zero-day. Microsoft's August security update covers 44 vulnerabilities, with seven rated critical. Intel and Adobe also made security fixes.
For the fifth consecutive year, the supply of those with cybersecurity skills is far too low to meet the demand, according to a new report. Cybersecurity pros offer insights on how to change that.
With more than 61% of breaches attributed to stolen passwords, a password manager can go a long way in helping enterprises enhance security, say Chandan Pani, CISO at Mindtree, and Lloyd Evans, identity lead, JAPAC, at LogMeIn.
Taiwan-based network-attached storage device manufacturer Synology says the StealthWorker botnet is targeting its products with brute force attacks that could lead to ransomware intrusions.
A hacker breached the blockchain-based Poly Network platform to steal more than $600 million in cryptocurrency, the platform announced Tuesday. But Wednesday, it appeared the hacker had returned some of the stolen assets.
On Tuesday, the Senate, by a vote of 69-30, passed a $1 trillion infrastructure spending bill that would provide additional money for cybersecurity over the next several years, including extra funds for the Department of Homeland Security and its Cybersecurity and Infrastructure Security Agency.
NIST is updating "cyber resiliency" guidance to focus on mitigating modern cyberthreats to IT networks, especially ransomware and nation-state attacks. A draft encourages security defenders to move away from a perimeter-based defense to building resilient IT systems.
The rise of ransomware as a criminal moneymaking powerhouse parallels the services offered by initial access brokers, who continue to offer affordable access to victims' networks - often via brute-forced remote desktop protocol or VPN credentials - to help attackers hit more targets in search of larger profits.
Faster payments between enterprises pose different fraud-fighting challenges than faster payments involving consumers because of the large size of the payment amounts, says Peter Tapling, board member at U.S. Faster Payments Council.
Some patched on-premises Microsoft Exchange email servers are still proving to be vulnerable. The Conti ransomware group is now leveraging backdoors that persist, cybersecurity consulting firm Pondurance reports.
Two Latvian men tied to an extensive international money laundering operation that aided prominent cybercriminals have pleaded guilty to conspiracy charges.
The Federal Trade Commission has issued a warning about a new smishing scheme targeting millions of smartphones nationwide that impersonates state workforce agencies in an attempt to obtain personal data.
Flaws uncovered in tractor manufacturer John Deere's systems underscore the cyber risks that come with the productivity gains from high-tech farming. John Deere claims the issues would not affect machines in use, but a researcher who presented at the Def Con security conference disagrees.
The new BlackMatter Russian-speaking ransomware-as-a-service group, which announced its launch last month, has created a Linux version of its malware designed to target VMware's ESXi servers hosting virtual machines, according to MalwareHunterTeam.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.