Ransomware-wielding attackers love to lie to victims. But REvil - aka Sodinokibi - has reportedly been running double negotiations to make affiliates think a victim hasn't paid a ransom, using a backdoor in the malware that allows administrators to decrypt victims' systems, so affiliates don't get their cut.
A new and still little-known ransomware group called Karma has been pursuing a novel strategy to pressure victims into paying: Get journalists to publicize businesses hit by the ransomware operation, adding pressure on victims to pay the ransom demand.
The U.S. Federal Reserve said Wednesday it is continuing to evaluate the creation of a central bank digital currency, or CBDC, and that it intends to publish research on the subject shortly, according to Chair Jerome Powell.
The COVID-19 crisis has posed an unparalleled challenge for cybersecurity. Like COVID-19, cyberattacks spread fast and far - creating more and more damage. But the pandemic has also had a positive impact on the cybersecurity function, which Tarun Kumar, CISO at Nissan, describes here.
U.S. FBI and Department of Homeland Security leaders fielded several cybersecurity questions from House lawmakers Wednesday, particularly around the surge in ransomware attacks, diplomatic efforts to curb ransomware's financial model, and the nation-states that harbor cybercriminals.
U.S.-based cryptocurrency exchange Coinbase has contracted with the U.S. Department of Homeland Security to provide its blockchain monitoring software, according to government tracking sites. The U.S.-based exchange also withdrew plans to launch a crypto lending program amid tensions with the SEC.
With automotive standard ISO 21434 just around the corner, this tutorial focuses on how it will form a key protective component against the cyber threats facing automation software developers.
In the latest security incident involving a decentralized finance protocol, cross-chain project pNetwork announced Sunday it had been hacked for 277 pBTC, a form of wrapped bitcoin, with losses worth over $12 million at current value.
Earlier this month, McAfee Enterprise's Advanced Threat Research team, working with McAfee's Professional Services IR team, reported that an APT campaign dubbed Operation Harvest had been in operation for years. Their analysis provides insight into the group's tools, tactics and techniques.
The Mirai botnet is actively exploiting the known vulnerability CVE-2021-38647, which is part of a quarter of vulnerabilities dubbed OMIGOD, in Microsoft's Azure Linux Open Management Infrastructure framework, according to Kevin Beaumont, head of the security operations center for Arcadia Group.
CISA, the FBI and the U.S. Coast Guard Cyber Command warn users of Zoho Corp.'s single sign-on and password management tool to patch for a vulnerability that nation-state groups may look to exploit. Attackers could use the bug to compromise credentials and exfiltrate data from Active Directory.
Amid growing calls for cryptocurrency regulations, the U.S. acting comptroller of the currency has made a definitive statement on safeguarding investors and how cryptocurrency should intersect with traditional financial institutions.
Amid digital transformation initiatives, the application shift to the cloud has been happening at a historic pace. James Brotsos of Checkmarx and James Ferguson of AWS discuss what this shift means for securing cloud DevOps and what each of their organizations brings to their partnership.
The Republican Governors Association was one of several U.S. organizations targeted in March when a nation-state group took advantage of vulnerabilities in Microsoft Exchange email servers, according to a breach notification letter filed with Maine authorities. It appears some PII was exposed.
New York officials won a court order shuttering cryptocurrency trading platform Coinseed, after it allegedly defrauded thousands of investors out of millions of dollars, according to State Attorney General Letitia James. The court also awarded a $3 million judgment against Coinseed and its CEO.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.