An exploit has been created using critical remote code execution vulnerability CVE-2022-1388 in BIG-IP network traffic security management appliances. F5 BIG-IP admins are advised to immediately implement the patches for this vulnerability, which were released last week.
The Ukrainian CERT has issued a statement saying that a "massive" Jester Stealer malware distribution campaign, designed to steal authentication data, is currently underway. The malware, operated by an unknown attacker, self-destructs after its operation is complete, the agency's statement says.
The massive leak of internal communications from the Conti ransomware group has highlighted the extent to which cybercrime syndicates regularly beg, borrow, steal or sometimes even partner or collaborate, all in pursuit of increasing their illicit profits.
Healthcare sector organizations should prepare to deal with potential hacktivist attacks tied to controversy surrounding the U.S. Supreme Court's leaked draft ruling and eventual final decision involving Roe vs. Wade, says attorney Erik Weinick of the law firm Otterbourg PC.
The U.S. Department of State is offering rewards of up to $10 million for information that leads to the identification or location of any individual who holds a key leadership position in the Conti ransomware variant transnational organized crime group.
U.S. President Joe Biden on Thursday signed into the law the Better Cybercrime Metrics Act, which aims to improve data collection on cybercrimes. The law requires the DOJ and the FBI to compile detailed statistics about cybercrime and develop a taxonomy to help contextualize and sort this data.
New York state officials are investigating a data breach at Illuminate Education, maker of a widely used software platform for K-12 schools. More than 1 million current and former New York students' personal details were exposed, and some students in California, Colorado and Connecticut were also affected.
A new malicious campaign that siphons off intellectual property and sensitive data - including documents, blueprints, diagrams, formulas and manufacturing-related proprietary data - has been identified by researchers at Cybereason as being the work of Chinese APT Winnti, based on forensic analysis.
Two signs that the tide may finally, if slowly, be turning on ransomware: The number of victims who choose to pay continues to decline, while the amount they pay - when they choose to do so - recently dropped by one-third, reports ransomware incident response firm Coveware.
An incident commander plays a vital role in the response to major cybersecurity incidents. The sharp rise in ransomware incidents makes them increasingly important.
Most network defenders have never experienced a business-critical incident. An incident commander brings much-needed experience and knowledge to guide...
If threat actors breach your network, they can steal data, encrypt servers, eavesdrop on meetings, and send harassing messages to employees and customers. Containing the threat by severing the attacker's access is essential for a secure recovery.
Download now to find out how to avoid attackers by using the...
Between January and December 2021, Secureworks incident
responders assisted in the containment and remediation of over 450 security incidents.
The motivation and context for incident response (IR) engagements vary. For example, an
organization's decision to use IR services could be influenced by the organization's...
Arguably one of the top tools in a CISO's toolbox is the use of an incident response retainer. The
primary use of a retainer is to give security leaders peace of mind. They know that if they have an
incident response situation, they do not go to the back of the line. Conversely, they can engage with an
Kellogg Community College, or KCC, has resumed operations in all its five campuses - Battle Creek, Albion, Coldwater, Hastings and Fort Custer Industrial Park in Michigan - starting Wednesday. The college management had suspended classes on Monday as the result of a ransomware attack.
DeFi platform Fei Protocol has offered a $10 million "no questions asked" bounty to hackers in an attempt to recover some of the funds stolen from its recently merged DAO partner Rari Capital. Blockchain security firms BlockSec and CertiK say the amount of stolen funds totals about $80 million.