In this in-depth blog, a long-time cybersecurity specialist who recently joined the staff of Information Security Media Group sizes up evolving ransomware risks and offers a list of 11 critical mitigation steps.
Is automation making more promises than it can keep?
Automation is still on the upward hype-cycle, according to Garner's 2019 Hype Cycle for Threat-Facing Technologies, which means that security teams too often expect stellar results from automation solutions with little expert oversight. The reality is the...
A new malware campaign uses a Trojanized version of the game Tetris to target healthcare and educational institutions for credential stealing, according to Blackberry Cylance. Analysts have observed evidence of the threat actors attempting to deliver ransomware with the 'PyXie' Trojan.
Google has directly warned more than 12,000 users across 149 countries that they have been targeted by government-backed hackers. Google says the attack attempts occurred in the third quarter of this year and targeted users of such services as Gmail, Drive and YouTube.
Ransomware attacks have taken an unwelcome turn: The Maze gang reportedly has begun leaking a victim's files to create pressure to pay a ransom. Security experts say they're not surprised by this development, but note that given the different skills required, such tactics may not become widespread.
Corporate security teams spend a large amount of their time and resources attempting to secure
their systems from outside cyberthreats - that is, from hackers who are external to the corporate
network. According to Verizon's 2019 Data Breach Investigations Report, almost 70% of confirmed
data breaches are...
The Sophos 2020 Threat Report is out, and among the key findings: Ransomware attackers continue to leverage automated active attacks that can evade security controls and disable backups to do maximum damage in minimal time. John Shier of Sophos analyzes the trends that are most likely to shape the 2020 cybersecurity...
With all of the tools deployed for
endpoint detection and response,
enterprises today are often overwhelmed
by threat intelligence, says J.J. Thompson
of Sophos. To alleviate "analysis
paralysis," Sophos has launched its
Managed Threat Response service.
Download this eBook to learn more about:
The evolution of...
Cybercriminals are targeting users of Microsoft's Office365 subscription services with phishing campaigns that uses fake voicemail messages in an attempt to steal victims' credentials and other information, according to researchers at the security firm McAfee.
Russian attack group Turla has been named and shamed for hijacking Iranian nation-state attackers' infrastructure. The aim of GCHQ and NSA's attribution is, in part, to make Turla's future cyber espionage efforts more costly and time-consuming.
It's one thing to know your attackers. It's another to emulate some of their techniques so you can improve your own enterprise defenses. Craig Harber, CTO of Fidelis Cybersecurity, is an advocate of this "think like an attacker" defensive strategy.
The larger, underlying problem facing security teams is the general lack of visibility and context across all internal files and objects that enter and then move about, stay resident, and or leave their corporate environments.
Download this whitepaper to learn how having more visibility and greater understanding of...