The latest edition of the ISMG Security Report describes why firewalls and VPNs don't belong in Zero Trust design. It also discusses cybercriminals' evolving ransomware tactics and the devastating price of responding to a ransomware attack, as experienced by Travelex in 2019.
Ransomware-wielding criminals constantly refine their behavior and tactics to maximize the chance of a payday, and recently they have been implementing fresh strategies for monetizing stolen data, says Steve Rivers at threat intelligence firm Kela.
Ransomware-as-a-service gang LockBit has set up a bug bounty program for its malware and for exploitable vulnerabilities it could use to further criminal activities. Whether the program will go as planned is an open question. The gang is offering $1,000 to $1 million in remuneration.
Unlocking the data generated by ransomware attacks is helping organizations better understand the risks, adopt defensive technologies and prepare for future attacks, says Wade Baker, partner at Cyentia Institute. He discusses new data on how quickly organizations are remediating vulnerabilities.
Putting banners in email to alert recipients to the potential dangers lurking in messages is a highly effective way to keep employees safe from phishing attacks. A lot of specialists in anti-phishing technology fall into a category analyst firm Gartner calls Cloud Email Security Supplements (CESSs). Every one of these...
Ransomware group AvosLocker made use of unpatched VMWare Horizon applications to hack into an unidentified organization’s systems, says analysis from Cisco Talos. The race between systems administrators working to patch the Log4j vulnerability and hackers trying to exploit it is ongoing.
The Conti ransomware group officially pulled the plug on its operation in May. But experts say the group's activities have continued in the form of numerous already-launched subsidiaries or spinoffs, which appear to include Alphv/BlackCat, AvosLocker, Black Basta and HelloKitty, among others.
The accelerated shift to digital banking has led to a surge in online fraud of all types. Recent studies have shown that 33% of U.S banks’ fraud costs in 2021 came from online banking – a 26% increase from 2020. The increased complexity, volume, and speed of today’s online transactions mean that organizations...
Ransomware has changed the risk landscape for suppliers and is forcing companies to reconsider their risk relationships, says Kelly White, co-founder and CEO of RiskRecon. He discusses the correlation between cyber hygiene, ransomware and data loss.
The latest edition of the ISMG Security Report investigates the reboot of ransomware group Conti, which supports Russia's invasion of Ukraine. It also discusses why paying ransomware actors is a "business decision" and how to respond to the talent shortage in the financial sector.
Having to decide whether to pay a ransom to cybercriminals is a decision no one wants to make. But Gartner's Paul Furtado and Hearing Australia CISO Daniel Smith say practitioners should stay objective and leave the decision - and the subsequent moral implications - to the business.
In the latest "Proof of Concept," Lisa Sotto of Hunton Andrews Kurth LLP and former CISO David Pollino of PNC Bank join ISMG editors to discuss the many new privacy laws in the U.S., current ransomware and scam trends, and handling the potential corporate risk of sharing information on social media.
Insurance claims being filed by ransomware victims are growing as criminals continue to hit businesses with crypto-locking malware. To avoid these claims, organizations can take a number of proven steps to better protect themselves, says Payal Chakravarty of Coalition.
Ransomware struck global currency exchange and remittance company Travelex on New Year's Eve 2019. Don Gibson, a security architect at Travelex, became publicly linked with the incident, and the undesired attention he received contributed to a health situation that nearly led to a tragic outcome.
Abnormal Security is out with new financial crimes research, and it
shows that traditional business email compromise is evolving into
new forms of financial supply chain compromise. Crane Hassold
shares insights on the crimes and how best to detect, deter and
respond to them.
In a video interview with Information...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.
