A North Korean hacking group tracked by cybersecurity firm Proofpoint as TA444 in December unleashed a torrent of spam in a bid to harvest credentials - evidence of a hacking group that mirrors "startup culture in its devotion to the dollar and to the grind."
The total amount of ransom payments being sent by victims to ransomware groups appears to have taken a big dip, declining by 40% from $766 million in 2021 to $457 million in 2022 due to victims simply being unwilling to pay, blockchain intelligence firm Chainalysis reports.
The notorious LockBit 3.0 ransomware group runs just like a business, focusing on recruiting top talent and maintaining an advanced product - which has led to the group's longevity. But the operators' insecurities could be key to the group's undoing, says security researcher Jon DiMaggio.
Trend Micro spotted operators of the Gootkit malware loader targeting the Australian healthcare sector. Trend Micro doesn't assert the Gootkit campaign is behind a ransomware attack against the country's largest private health insurer but says the "recent campaign might remind us of this incident."
Rackspace says the ransomware-wielding attackers who disrupted its hosted Microsoft Exchange Server environment last month wielded a zero-day exploit, described by CrowdStrike as being "a previously undisclosed exploit method for Exchange," to gain remote, direct access to servers it hosted.
Modern organizations often have complex cloud and on-premise environments often managed with siloed security tools. This situation leads to fragmented visibility, an inability to prioritize risks for remediation and a lack of business-level reporting.
In this webinar, security leaders will learn how cloud security...
Researchers uncovered thousands of Citrix servers that are vulnerable to two critical flaws, one of which is being actively exploited by nation-state hackers. Netgear also warned its customers about a denial-of-service vulnerability affecting some of its devices.
Many healthcare sector organizations would raise their security maturity levels if more CISOs and their teams approached security with business enablement as the objective, says Taylor Lehmann, director for the office of the CISO at Google Cloud.
Many ransomware-wielding attackers are expert at preying on their victims' compulsion to clean up the mess. Witness victims' continuing willingness to pay a ransom - separate to a decryptor - in return from a promise from extortionists that they will delete stolen data. As if.
According to Accenture Security's Cyber Threat Intelligence team, information stealer malware - malicious software designed to steal information, including passwords - became one of the most discussed malware types on the cybercriminal underground in 2022.
One of Europe's busiest ports is added to the list of LockBit ransomware victims. The hacking group targeted Portugal's Port of Lisbon on Christmas Day, giving the facility a deadline of Jan.18 to pay a ransom of $1.5 million in exchange for deletion of their data.
Expel has released its latest quarterly threat report, which looks at continued identity-based attacks and the impact of MFA fatigue. Jon Hencinski shares insights on attack trends, gaps in compensating controls and what to look for in pre-ransomware activity.
California hospital operator Scripps Health has agreed to pay $3.57 million in "minimum cash settlements" of $100 per victim, plus some additional types of expenses, to settle a class-action lawsuit filed by victims of a 2021 data breach perpetrated by ransomware-wielding attackers.
One of the primary healthcare systems in the northwestern Italian city of Alessandria has been listed as a recent victim of the Ragnar Locker ransomware group, which has leaked stolen data and appears to be continuing to try and extort the organization.
Hackers stole and leaked personal data for nearly 270,000 patients and employees of Louisiana's Lake Charles Memorial Health System as part of a ransomware attack for which Hive claimed credit. Patients and regulators have just been informed about the October attack.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
