Criminals tricked into using an FBI-run encrypted messaging app, Verizon's 2021 Breach Investigations Report and overcoming the challenges of recruiting cybersecurity professionals are among the latest cybersecurity topics to be featured for analysis by a panel of Information Security Media Group editors.
The latest edition of the ISMG Security Report features an analysis of lawmakers' grilling of Colonial Pipeline CEO Joseph Blount over his handling of the DarkSide ransomware attack. Also featured: How the FBI helped trick criminals into using an encrypted communications service that it was able to monitor.
A small U.S. nuclear weapons contractor has confirmed that it suffered a ransomware attack, resulting in the theft of data. Credit for the attack has been taken by the ransomware-as-a-service operation known as REvil, aka Sodinokibi, which the FBI recently tied to the attack against meatpacking giant JBS.
President Joe Biden's nominees for White House cyber director and CISA director faced questions from senators during their confirmation hearing Thursday, including how the federal government should respond to a recent spate of ransomware attacks and other cyberthreats.
Is it any wonder that criminals keep flocking to ransomware when their individual haul from a well-executed digital heist can be worth $11 million? That's the amount paid to the REvil ransomware gang by meatpacker JBS USA, after its systems were crypto-locked on May 30.
Colonial Pipeline Co. CEO Joseph Blount returned to Capitol Hill on Wednesday to answer additional questions about his company's response to the ransomware attack that affected the firm's operations for nearly a week, as well as his decision to pay the attackers.
Colonial Pipeline Co. CEO Joseph Blount defended his actions during the opening hours of the May 7 DarkSide ransomware attack against his company as several lawmakers on the Senate Homeland Security and Governmental Affairs Committee grilled the executive for over two hours on Tuesday.
CISA is preparing to expand its vulnerability research and disclosure program, which is now mandatory for nearly all executive branch agencies, by creating a vulnerability disclosure platform service. As part of this effort, the cybersecurity agency is partnering with Bugcrowd and EnDyna.
The U.S. Justice Department reported it recouped $2.3 million of the $4.4 million ransom Colonial Pipeline Co. paid following a May 7 ransomware attack. The DOJ's Ransomware and Digital Extortion Task Force coordinated the effort, in which the FBI tracked payment to a bitcoin wallet it controls.
U.S. Justice Department prosecutors have charged a 55-year-old Latvian woman with helping to develop code for the Trickbot gang as well as stealing banking credentials and deploying ransomware, according to a federal indictment. Alla Witte faces more than 30 years in prison if convicted.
Australian spies should be allowed to take offensive action against some of the world's most prominent ransomware gangs, says Tim Watts, a member of Australia's Parliament who says the move, proposed under the Labor Party's push for a national ransomware strategy, would deter attackers.
A district court in Kazakhstan sentenced two unidentified Cobalt, aka Carbanak, gang members to serve eight years in prison on robbery and attempted robbery charges. The gang members are believed to have been involved in cashing out operations, according to Group-IB.
If you're a Russian cybercrime gang feeling the heat after being sanctioned by the U.S. government, why not rebrand? So goes an apparent move by Evil Corp to disguise its WastedLocker ransomware as rival gang Babuk's PayloadBin, so any ransom payers won't think they're violating U.S. sanctions.
In response to a string of high-profile and damaging ransomware attacks that took place over the past several months, the Biden administration sent an open letter to U.S. business leaders asking them to take the proper steps to protect their organizations from ransomware.
The ransomware attack that disrupted operations at meat processing giant JBS has exposed cybersecurity shortcomings in the U.S. agricultural sector and food supply chain. Experts say the industry demands the level of security scrutiny given to the electrical grid and other critical infrastructure.