Cyber adversaries are embracing defense evasion, triple extortion, wiper malware and the accelerated exploit chain, and that is significantly reshaping the threat landscape that CISOs have to deal with, according to Derek Manky, head of Fortinet's FortiGuard Labs.
The Cuba ransomware group, which has previously targeted U.S. critical infrastructure firms, has updated its malware to "optimize" execution and "minimize" unintended system behavior, says Trend Micro. Researchers at Elastic Security Labs also share malware analysis, TTPs and detection techniques.
Greg Murphy, CEO of Ordr, says there are three topics healthcare senior leaders and board members keep asking about: ransomware, ransomware … and ransomware. He discusses how healthcare entities are addressing their biggest threats, IoT devices, and the implications of the PATCH Act.
SSNDOB, a darknet marketplace selling stolen Social Security numbers and birthdates, has been shut down, says the U.S. Department of Justice. The takedown was the result of a multiagency effort involving the IRS-CI, the FBI, the DOJ, and law enforcement agencies of Cyprus and Latvia.
As the dwell time between when hackers compromise a system and when they trigger a ransomware attack has grown, victims have a little more precious time to detect and stop these attacks "before the worst happens," says Chet Wisniewski, principal research scientist at Sophos.
The broadcast of the Football World Cup 2022 qualifier game between Wales and Ukraine on Sunday was interrupted in Ukraine by a cyberattack that targeted OLL.TV, a Ukrainian online broadcaster. Traffic was rerouted to a Russian propaganda-based channel, the SSSCIP says.
The U.S. is on "borrowed time" for a major cyberattack that could potentially seriously disrupt critical infrastructure, but the nation can secure its systems and resources to avoid such cybersecurity disasters, says Rep. Eric Swalwell, D-California.
A cyberattack on the municipality of Palermo, which began on Thursday, reportedly continues to cripple the southern Italian city on Monday. The attack caused the municipality's systems and dependent services to be shut down and isolated, and local citizens and tourists alike have been affected.
The Cyber Threat Alliance just celebrated its fifth birthday, and President and CEO J. Michael Daniel says the membership and information sharing both are growing at an impressive pace. He discusses the surge in ransomware and how organizations should respond.
The new Expel Quarterly Threat Report provides even more data on what we’re seeing, detection opportunities, and resilience recs to help protect your organization — now on a quarterly basis.
The U.S. Department of Justice and FBI announced the seizure of three domains after an investigation that found these domains selling stolen personal information and providing access to conduct distributed denial-of-service attacks. The domain includes weleakinfo.to, ipstress.in and ovh-booter.com.
U.S. government agencies have issued a warning to organizations in the country against paying ransom to the Karakurt data extortion group. The threat actor's promises to delete stolen data and not disclose the security incident to the public if its demands are met are false, the agencies say.
Android spyware FluBot's infrastructure was disrupted by the Dutch police as part of a multinational law enforcement operation in May, rendering this strain of malware inactive, Europol says. The agency is continuing its probe into identifying the actors responsible for the malware campaign.
In the latest weekly update, four ISMG editors discuss important cybersecurity issues, including the trending topics at this year's RSA Conference, how security researchers are tracking a zero-day vulnerability in Microsoft Office and what Broadcom's acquisition of VMware means for security.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.