Ransomware has emerged as the No. 1 online threat targeting public and private organizations this year. Seeking maximum returns, more gangs have moved beyond opportunistic attacks to target organizations with "post-intrusion ransomware." Meanwhile, many victims fail to report such crimes to police.
Death via a thousand paper cuts? The U.S. government hasn't been able to arrange a domestic court date for whistleblower Edward Snowden, but via the courts, it's successfully been awarded $5.2 million in his book royalties and revenue from speaking engagements.
With so many cybercrime markets continuing to disappear, why haven't encrypted messaging apps stepped in to fill the gap? They might seem to be the perfect solution to admins stealing buyers' and sellers' cryptocurrency - via an exit scam - or police infiltration. But encrypted apps have their own downsides.
Revisiting remote workforce security defenses, simplifying cloud access controls and pursuing risk-based vulnerability management and passwordless authentication are among the 10 security projects that all organizations should consider for this year and next, according to advisory firm Gartner.
Russian criminals operating online who want to stay out of jail need only to follow a few simple rules, the primary one being: Never target Russians. So it's surprising that security researchers have uncovered a new ransomware-wielding gang of Russian speakers that includes Russian victims on its hit list.
President Donald Trump says TikTok and Oracle are close to making a deal. Don't neglect to read the fine print. While the president has demanded TikTok divest its U.S. operations - preferably to Oracle - because of national security concerns, the Chinese firm is instead offering Oracle a minority stake.
What's one of the worst things that can happen during a pandemic? The answer is anything that gives people less reason to trust in their public health system to handle the crisis. Enter a data breach that has exposed personal information for everyone who's ever tested positive for the disease in Wales.
With apologies to Jay-Z, getting hit with ransomware might make victims feel like they have 99 problems, even if a decryptor ain't one. That's because ransomware-wielding gangs continue to find innovative new ways to extort cryptocurrency from crypto-locking malware victims.
The number of cybersecurity incidents reported to the U.K.'s data privacy watchdog has continued to decline, recently plummeting by nearly 40%. But is the quantity of data breaches going down, or might organizations be failing to spot them or potentially even covering them up?
Message to anyone who placed or fulfilled an order via the world's largest darknet market, Empire, in recent weeks: Say bye-bye to your cryptocurrency. It's increasingly clear that Empire's administrators "exit scammed," closing up shop and leaving with a horde of digital currency.
Never store hardcoded credentials in code uploaded to public-facing GitHub repositories, and make sure none of your business associates are doing that. Those are just two takeaways from a new report that describes how nine organizations were inadvertently exposing health records for at least 150,000 patients.
Ransomware gangs continue to see bigger payoffs from their ransom-paying victims, driven by "big-game hunting," data exfiltration and smaller players seeking larger returns, according to ransomware incident response firm Coveware.
Who watches the penetration-testing testers? Questions are circulating over how some organizations train their employees for the CREST pen-testing certification after some leaked internal documents appeared to contain material from past tests.
One day, you may drive your Tesla Cybertruck on Cyber Monday to your cybersecurity job, backed by a cyber insurance policy as you safeguard cyberspace against the threat of cyberwar. Or cyber whatever, since we've obviously entered the era of "maximum cyber." But what does cyber even mean?