As the dwell time between when hackers compromise a system and when they trigger a ransomware attack has grown, victims have a little more precious time to detect and stop these attacks "before the worst happens," says Chet Wisniewski, principal research scientist at Sophos.
The broadcast of the Football World Cup 2022 qualifier game between Wales and Ukraine on Sunday was interrupted in Ukraine by a cyberattack that targeted OLL.TV, a Ukrainian online broadcaster. Traffic was rerouted to a Russian propaganda-based channel, the SSSCIP says.
The U.S. is on "borrowed time" for a major cyberattack that could potentially seriously disrupt critical infrastructure, but the nation can secure its systems and resources to avoid such cybersecurity disasters, says Rep. Eric Swalwell, D-California.
Abnormal Security is out with new financial crimes research, and it shows that traditional business email compromise is evolving into new forms of financial supply chain compromise. Crane Hassold shares insights on the crimes and how best to detect, deter and respond to them.
Cyberwarfare has emerged as the bridge between espionage and kinetic conflict. "It's here," says Chase Cunningham of Ericom Software. He discusses how enterprise cybersecurity leaders should now think more deeply about their adversaries' motivations and capabilities.
A cyberattack on the municipality of Palermo, which began on Thursday, reportedly continues to cripple the southern Italian city on Monday. The attack caused the municipality's systems and dependent services to be shut down and isolated, and local citizens and tourists alike have been affected.
The Cyber Threat Alliance just celebrated its fifth birthday, and President and CEO J. Michael Daniel says the membership and information sharing both are growing at an impressive pace. He discusses the surge in ransomware and how organizations should respond.
The website of the Russian Ministry of Construction, Housing and Utilities was reportedly hacked and defaced on Sunday. The attacker demands a 1-million-ruble ransom be paid by Tuesday to ensure the security of stolen data. A ministry spokesperson told a state news agency that all data is protected.
The U.S. Department of Justice and FBI announced the seizure of three domains after an investigation that found these domains selling stolen personal information and providing access to conduct distributed denial-of-service attacks. The domain includes weleakinfo.to, ipstress.in and ovh-booter.com.
Atlassian has issued a patch for its Confluence workspace collaboration tool, which is being targeted in the wild with a zero-day vulnerability that gives attackers unauthenticated remote code execution privileges. The vulnerability has a CVSS score of 10 out of 10 for criticality.
U.S. government agencies have issued a warning to organizations in the country against paying ransom to the Karakurt data extortion group. The threat actor's promises to delete stolen data and not disclose the security incident to the public if its demands are met are false, the agencies say.
A zero-day vulnerability in Atlassian Confluence, a workspace collaboration tool that serves millions of daily active users, is being targeted in the wild. The flaw, according to the company's security advisory, gives attackers unauthenticated remote code execution privileges.