A newly uncovered ransomware variant dubbed 'Epsilon Red' is targeting organizations in the U.S. hospitality sector, with the threat actor successfully extorting $210,000 from one of its victims, a new report by security firm Sophos notes.
The White House officially released its fiscal year 2022 budget proposal on Friday. The Biden administration is seeking to spend billions on cybersecurity, including $750 million for "lessons learned" from the SolarWinds attack. Officials also want to boost CISA's budget by $110 million.
A Russian group that was behind the massive SolarWinds supply chain attack has returned with a fresh phishing campaign, according to Microsoft. This new campaign compromised a marketing firm used by the U.S. Agency for International Development - USAID - to send malicious messages to thousands.
Two China-linked threat groups are still exploiting unpatched flaws in Ivanti's Pulse Connect Secure VPN products, using additional malware variants to support cyberespionage, FireEye's Mandiant Threat Intelligence team says.
In this week's panel discussion, four editors at Information Security Media Group discuss cyber insurance, persistent ransomware attacks and whether ransom payments should be banned.
The latest edition of the ISMG Security Report features an analysis of the city of Tulsa's decision to refuse to pay a ransom following an attack. Also featured: Johnson & Johnson's CISO on shifting priorities; mitigating quantum computing risks.
Another big wave of large breaches stemming from hacking incidents, including ransomware attacks, has flooded the federal tally of major health data breaches in recent weeks.
The Department of Homeland Security has issued a cybersecurity directive that requires the operators of oil and gas pipelines to report ransomware attacks and other security incidents to the government and take other security steps.
Belgium's interior ministry, Federal Public Service Interior, is investigating an attack against its network that appears to have the hallmarks of a cyberespionage campaign.
A threat group likely operating from Iran has been attacking Israeli targets for more than a year with the wiper variants Apostle and Deadwood, masking the intrusions as ransomware attacks to confuse defenders, according to SentinelOne.
Canada Post, the nation's primary postal operator, reports that personal information on almost 1 million of its customers was compromised when one of its vendors suffered a ransomware attack last year.
More than five months after the SolarWinds supply chain attack came to light, federal agencies continue to struggle with supply chain security, according to a top GAO official who testified before a House committee.
Network intrusion displaced phishing as the leading hack-attack tactic last year, while ransomware continued to surge as the pandemic complicated incident response efforts, says BakerHostetler's Craig A. Hoffman, who describes trends from the 1,250 incidents his firm helped manage.
The Hydra darknet marketplace, which initially focused on narcotics sales, now also offers stolen credit cards, SIM cards, VPN access and cryptocurrency laundering services, with annual sales exceeding $1 billion, according to a new research report, which explains the market's tactics.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.