The U.S. Department of State is now offering rewards of up to $10 million for information about cyberthreats to the nation's critical infrastructure. Meanwhile, the government has launched a StopRansomware website offering a central repository of resources.
A cybercrime forum seller advertised "a full dump of the popular DDoS-Guard online service" for sale, but the distributed denial-of-service defense provider, which has a history of defending notorious sites, has dismissed any claim it's been breached. What's the potential risk to its users?
Ransomware-wielding criminals continue to find innovative new ways to extort victims, develop technically and sidestep skills shortages by delivering ransomware as a service, said Robert Hannigan, the former head of U.K. intelligence agency GCHQ, in his Infosecurity Europe 2021 virtual keynote speech.
The Iranian advanced persistent threat group TA453 has been conducting a series of spear-phishing attacks in an attempt to steal sensitive information from scholars who study the Middle East, according to Proofpoint.
The REvil, aka Sodinokibi, ransomware gang's infrastructure, including its darknet sites, were offline Tuesday, numerous security specialists report. The reason for the sudden disappearance is far from clear.
Attackers have been exploiting a zero-day flaw in SolarWinds' Serv-U Managed File Transfer Server and Serv-U Secured FTP software, the security software vendor warns. The company has released patched versions that mitigate the flaw, discovered by Microsoft, and is urging users to update.
Researchers at the security firm ESET have uncovered an ongoing espionage campaign using an updated variant of Bandook spyware to target corporate networks in Venezuela and other nations in Latin America.
As the Biden administration attempts to force Russia to crack down on its domestic cybercriminals, one challenge will be the sheer diversity of attack code being wielded and individuals involved. Another is that any proactive moves Moscow makes would likely require many months to take effect.
Software developer Kaseya has released patches for its remote monitoring software, which had been exploited by REvil ransomware attackers to infect up to 60 MSPs and 1,500 of their clients. The patches mitigate the final three vulnerabilities out of seven that researchers reported to Kaseya in early April.
A 30-year-old Greek national has been indicted on charges of selling insider trading tips and other proprietary financial data on darknet sites. Apostolos "The Bull" Trovias faces securities fraud and money laundering charges.
Interpol has announced that it will boost the role of country-specific National Central Bureaus to fight ransomware and other cybercrimes. The announcement from the agency comes in the wake of rising ransomware threats to supply chains and critical infrastructure across the world.
A campaign that uses remote access Trojans and malware-as-a-service infrastructure for cyberespionage purposes has been targeting large international energy companies for at least a year, according to cybersecurity company Intezer.
Spammers posing as software vendor Kaseya are waging a malspam campaign to target users of the company's VSA remote IT management software that was hit by a ransomware attack, the security firm Malwarebytes reports.
Acting CISA Director Brandon Wales, Rep. Jim Langevin and many others will discuss the government's top priorities in addressing cybersecurity challenges at ISMG's Virtual Cybersecurity Summit: Government, to be held July 13 and 14.
This edition of the ISMG Security Report features three segments on battling ransomware. It includes insights on the Biden administration's efforts to curtail ransomware attacks, comments on risk mitigation from the acting director of CISA, plus suggestions for disrupting the ransomware business model.