Ransomware gangs keep innovating: Maze has begun leaking data on behalf of both Lockbit and RagnarLocker, while REvil has started auctioning data - from victims who don't meet its ransom demands - to the highest bidder. Thankfully, security experts continue to release free decryptors for some strains.
As ransomware gangs attempt to boost their illicit profits, the RagnarLocker ransomware gang has brought a new tactic to bear: installing a full virtual machine on victims' systems to hide their crypto-locking malware while it forcibly encrypts files, security firm Sophos warns.
The increasing use of internet-connected devices in manufacturing facilities is opening up new ways for hackers to target so-called "smart" factories with unconventional attack methods, according to an analysis by security firm Trend Micro and the Polytechnic University of Milan.
Australian shipping giant Toll Group has vowed to again not pay a ransom after suffering its second ransomware attack of the year. In the latest incident, however, the company warns that attackers also stole corporate data - and it may get leaked.
Falcon Delivers 316 % ROI with Payback in < 3 Months
Forrester Consulting was commissioned by CrowdStrike® to conduct a Total Economic Impact™ (TEI) study that examines the return on investment (ROI) organizations may realize by deploying CrowdStrike Falcon® the leading cloud-delivered endpoint...
As damaging breaches continue to occur, more organizations are considering endpoint detection and response (EDR) solutions to address the incidents that aren't being handled adequately by their existing defenses. However, EDR solutions come in a wide variety of implementations and can vary significantly in scope and...
MITRE ATT&CK (Adversarial Tactics, Techniques & Common Knowledge) has served as a model through which interested parties can learn to identify and map digital intrusions against their existing security technologies allowing them to shore up their gaps and prevent more intrusions on endpoints.
But what about the...
The need for speed is at the heart of why business implement digital transformation strategies. Security professionals charged with protecting digital assets feel the pressure to keep up with the speed of business, but moving fast introduces challenges and uncertainties about where attacks/vulnerabilities are hiding...
Increasingly complex and sophisticated cyber-attacks are evading
traditional defenses, forcing firms to seek solutions beyond traditional
threat blocking and prevention mechanisms. Threat actors have had
success with phishing, zero-day malware/exploits, and fileless attacks and
are now cashing in on ransomware and...
Connected IoT devices are expected to reach more than 75 billion by 2025. Because of that, reducing cyber risk is increasingly becoming a critical focal point for network and security professionals.
Download the IoT eBook to learn more about:
The new risks posed by consumer-grade IoT devices
Anti-virus giant Avast is shuttering Jumpshot, its data collecting side business that has been funneling detailed internet browsing activity from the company's security products and browser extensions to marketers, after a probe by PCMag and Motherboard found the company was failing to fully anonymize data.
Bad news on the ransomware front: Victims that choose to pay attackers' ransom demands - in return for the promise of a decryption tool - last quarter paid an average of $84,116, according to Coveware. But gangs wielding Ryuk and Sodinokibi - aka REvil - often demanded much more.
Mitsubishi Electric says hackers exploited a zero-day vulnerability in its anti-virus software, prior to the vendor patching the flaw, and potentially stole trade secrets and employee data. The Japanese multinational firm announced the breach more than six months after detecting it in June 2019.
Microsoft says it's prepping a patch to fix a memory corruption flaw in multiple versions of Internet Explorer that is being exploited by in-the-wild attackers, and it's issued mitigation guidance. Security firm Qihoo 360 says the zero-day flaw has been exploited by the DarkHotel APT gang.
By design, Active Directory (AD) will readily exchange information with any member system
it manages. Attackers can also leverage this access to extract information on the entire domain quickly. Security teams may not realize that attacks on AD are occurring because the activities will appear as if AD is providing...