Indian passenger airline SpiceJet says an attempt at a ransomware attack was made against its IT infrastructure on Tuesday night. The airline says the attack was "contained," and it has resumed regular operations. Passengers continued to complain about takeoff delays until noon local time.
Ransomware has grown 13% year on year in 2022, a jump greater than the past five years combined, a Verizon Business 2022 Data Breach Investigations Report published on Tuesday shows. It says financial gain continues to be the primary motive for attacks, followed by espionage.
WhiteSource has renamed itself Mend as the company pushes beyond software composition analysis to become a broad application security platform with automated remediation. The name WhiteSource didn't have any negative connotations when the company was founded, but some people today find it offensive.
Software is running the world – and it is everywhere. More and more elements of major businesses and industries are being run on software and delivered as online services. So much of the software on which the world depends is open source software.
Explore this white paper to understand dependency integrities...
Today, organizations must acknowledge the lists of well-known software risks provided by OWASP, SANS, and others, but an entirely new set of risks also emerge in Modern Application Development (MAD) initiatives.
This eBook expands on each of these risks. Check out this eBook to know in depth about:
The interconnectedness and interdependence of today’s world has led to incredible growth, innovation and benefits across the technology sector. But when considering cybercrime and cyberattacks, that interconnectedness and interdependence could lead to more disruption, destruction and broad-reaching collateral...
The U.S. is setting up a Joint Ransomware Task Force, headed by the Cybersecurity and Infrastructure Security Agency and the FBI, as well as two international initiatives, chaired by the Department of Justice, to tackle illegal cryptocurrency activities related to ransomware.
In this edition, Ari Redbord and Grant Schneider join ISMG editors to discuss the challenges ahead for the U.S. government as it plans to roll out EDR deployments at more than half of federal agencies this year, how stable the stablecoin economy really is and how to improve industry collaboration.
Accelerated digital transformation has only complicated the identity verification challenge for enterprises. But Chuck Moore of Early Warning has behavioral analytics and anomaly detection can combine to both reduce fraud and friction that often comes with traditional authentication methods.
In a world that has evolved on the physical and logical underpinnings of the internet, we’re completely dependent on software applications (apps) that run nearly every aspect of our lives.
Amid the obligations to revolutionize, modern application development (MAD) was spawned and has since grown beyond its...
Microsoft has observed a 254% increase in activity over the past six months from a Linux Trojan called XorDdos. First discovered in 2014, XorDdos was named after its denial-of-service-related activities on Linux endpoints and servers and its usage of XOR-based encryption for its communications.
There has been a rise in crypto fraud, and a substantial portion of it can be attributed to stimulus funding and paycheck protection programs, says David Britton, vice president of strategy, global ID and fraud at Experian. He discusses new authentication methods and stricter regulations.
In the latest update, four ISMG editors discuss the alarming, bizarre case of a cardiologist in Venezuela charged with developing malware and recruiting affiliates, recent ransomware and data leak incidents in healthcare and how the economy is causing mature cybersecurity startups to slow hiring.
When Colonial Pipeline suffered an outage in May 2021 as a result of an attack by the DarkSide crime syndicate, numerous governments changed their approach to ransomware and began treating it as a national security threat, says Rapid7's Jen Ellis. She details what needs to happen next.
The U.S. Department of Justice has revised its policy on who it charges with violations under the Computer Fraud and Abuse Act. The DOJ now specifies that good-faith security research and researchers cannot be charged under the CFAA because they help improve cybersecurity standards.