This ISMG Security Report analyzes the U.S. State Department's reward offer of up to $10 million for information about Russian military hackers implicated in NotPetya. It also examines how ransomware may evolve and the new cybersecurity draft guidance issued by the Food and Drug Administration.
The U.S. government on Tuesday announced a reward of up to $10 million for information pertaining to six alleged Russian military hackers tied to the 2017 NotPetya destructive malware campaign. The malware spread globally, causing commercial damage of up to $10 billion.
The median number of days an attacker dwells in a system before detection fell from 24 days in 2020 to 21 days in 2021, according to a Mandiant report. The biggest year-on-year decline in median dwell time occurred in the APAC region, where it dropped from 76 days in 2020 to 21 days in 2021.
Tenable has agreed to purchase startup Bit Discovery for $44.5 million to help companies discover, attribute and monitor assets on the internet. The deal will allow Tenable to identify vulnerable internet-facing assets that could be attacked.
The Emotet botnet, which was disrupted by law enforcement actions in January 2021, has been making its way back in recent months. Cybersecurity researchers at Proofpoint have now recorded a brief departure from its typical behavior, indicating that the group is likely testing new attack techniques.
Has your organization been bitten by BlackCat ransomware, aka Alphv? If so, the FBI wants to hear details about how attackers broke in, cryptocurrency wallet addresses used to receive ransoms and other information that could help law enforcement authorities better track and block future attacks.
The Food and Drug Administration's decision to incorporate "quality systems regulations" into its new draft guidance for premarket medical device cybersecurity is an important development in the scope of the agency's expectations for manufacturers, says Dr. Suzanne Schwartz of the FDA.
The 2021 Dragos ICS/OT Cybersecurity Year in Review report says the number of industrial organizations with external connections to their industrial control systems has doubled, yet 86% of organizations report limited to no visibility of ICS environments. Tom Winston outlines the top challenges.
Sophos bought early-stage vendor SOC.OS to help customers detect abnormalities in their IT environment earlier by ingesting data from third-party platforms. SOC.OS will allow customers to extract information sooner from non-Sophos firewalls, network proxies and endpoint security technology.
Fresh warnings are being sounded about the threat posed by semi-autonomous killing machines both on and above the battlefield, especially as lethal weapons continue to gain features that push them toward full autonomy. Experts say international norms and legal safeguards are overdue.
What do zero-day detection, alert prioritization and patching support have in common? They are all among the "must-haves" of endpoint detection and response solutions. Hiep Dang of Qualys discusses the must-haves and how to communicate the ROI of EDR.
VMware's Tom Kellermann is out with Modern Bank Heists 5.0, his latest look at the attackers and attacks targeting financial services. Subtitled "The Escalation," this report looks at the increase in destructive attacks, ransomware and hits on cryptocurrency exchanges. Kellermann shares insights.
The British government has been alerted multiple times in recent years that officials' smartphones appeared to have been infected with spyware built by Israel's NSO Group, as part of nation-state espionage campaigns targeting Britain, human rights watchdog Citizen Lab says.
New guidance provides healthcare entities and medical device makers a jump-start for negotiating critical cybersecurity issues pertaining to procurement contracts, says Jim Jacobson of device manufacturer Siemens Healthineers, co-chair of an industry group that developed the contract template.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.