Memo to IT administrators: Don't store data in cloud in an unsecure manner. Security researchers at Secureworks have found more than 1,200 cloud-based, unsecured Elasticsearch databases that attackers wiped, leaving only a ransom note demanding Bitcoin in return for their restoration.
Obtaining threat insight is like practicing judo - you want to use your attacker's power against them, says Chris Borales, senior manager of product marketing at Gigamon. He and Tom Dager, CISO of Archer Daniels Midland Company, discuss how to keep pace with the evolving ransomware landscape.
In the aftermath of the BlackCat ransomware attack on May 24, 2022, that "severely affected" government services in Carinthia, the Austrian state has budgeted 500,000 euros to restore services and boost its cybersecurity and reinstated its passport issuance system, which was affected by the attack.
The BlackCat ransomware group, aka ALPHV, which is said to be a rebrand of BlackMatter or DarkSide, has now targeted the Austrian state of Carinthia. The attack has "severely affected" government services in the state, says Gerd Kurath, a state spokesperson.
If software has a dangerous security flaw, should its maker tell customers to shut it down until it’s fixed? It's a tough call, but Dutch company Hoppenbrouwers says the software vendor Kaseya should have done so last year to prevent a massive supply chain attack by the REvil ransomware gang.
The FBI is warning the U.S. higher education sector about compromised sensitive credentials and network access information advertised for sale across various public and dark web forums. The agency states that this access to credentials could potentially lead to a cyberattack.
The City of Quincy, Illinois' administrative systems were hit by a ransomware attack on May 7, confirmed Mayor Mike Troup in a press conference held on Tuesday. Consulting fees and a ransom were paid but critical services continued to operate throughout the incident.
Ransomware gang Black Basta, which came to prominence in April, has claimed responsibility on its leak site for a ransomware attack on AGCO. An AGCO spokesperson confirmed to ISMG that employee data was exfiltrated during an attack but did not comment on Black Basta's claims of responsibility.
Indian passenger airline SpiceJet says an attempt at a ransomware attack was made against its IT infrastructure on Tuesday night. The airline says the attack was "contained," and it has resumed regular operations. Passengers continued to complain about takeoff delays until noon local time.
Ransomware has grown 13% year on year in 2022, a jump greater than the past five years combined, a Verizon Business 2022 Data Breach Investigations Report published on Tuesday shows. It says financial gain continues to be the primary motive for attacks, followed by espionage.
In the latest update, four ISMG editors discuss the alarming, bizarre case of a cardiologist in Venezuela charged with developing malware and recruiting affiliates, recent ransomware and data leak incidents in healthcare and how the economy is causing mature cybersecurity startups to slow hiring.
When Colonial Pipeline suffered an outage in May 2021 as a result of an attack by the DarkSide crime syndicate, numerous governments changed their approach to ransomware and began treating it as a national security threat, says Rapid7's Jen Ellis. She details what needs to happen next.
The Russian-language criminal syndicate behind the notorious Conti ransomware has retired that brand name, after having already launched multiple spinoffs to make future operations more difficult to track or disrupt, threat intelligence firm Advanced Intelligence reports.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.