The Clop ransomware operation's recent mass zero-day exploit of Progress Software's MOVEit secure managed file transfer software followed the criminals launching similar attacks against users of Accellion FTA, SolarWinds Serv-U and Fortra GoAnywhere.
The data leak and negotiation sites for the Ragnar Locker ransomware group went offline Thursday after an international law enforcement operation, backed by the FBI and police in Europe, seized its infrastructure. Whether the disruption spells the end for Ragnar Locker remains unclear.
The biggest challenges in threat detection and response today are the inability to cover the entire attack surface and a lack of insight into who is attacking and why. To address these issues, Cisco introduced Breach Protection, a suite of products that combines email, endpoint and XDR protection.
The Kansas Supreme Court said it is probing a "security incident" that has disrupted access to IT systems also used by the state's Court of Appeals and every District Court but one, leaving them unable to accept electronic filing of documents or process some cases.
A British financial regulator fined American credit reporting agency Equifax 11 millions pounds ($13.4 million) for its role in one of the world's largest data breaches. Chinese military hackers in 2017 exploited a well-known vulnerability in the company's online dispute portal.
This week: Google began phasing out passwords, Microsoft to bid VBScript goodbye, payment card information exposed in Air Europa hack, Magecart attack uses sneaky 404 page tactic, U.S. voter registration data stolen from the District of Columbia, and Volex reports a hack attack.
How did Israeli intelligence fail to spot and stop the deadly assault on Saturday by Hamas militants? Experts suggest planners used offline tactics and extreme compartmentalization to prevent leaks and evade well-known Israeli cyberespionage and digital surveillance capabilities.
Hotel and casino giant MGM Resorts says the recent hack attack against it cost $110 million in lost revenue and mitigation expenses. The publicly traded company expects to recoup losses and costs to date via cyber insurance. MGM Resorts says that its investigation remains ongoing.
Fundraising software powerhouse Blackbaud will pay $49.5 million to settle a multistate investigation into the company's data security practices and its response to a 2020 ransomware attack. The firm must also enhance its security and not misrepresent its data security practices.
Trick question for CSOs: When does a security incident qualify as being a data breach? The answer is that it's "a very complicated question" best left to the legal team, said former Uber CSO Joe Sullivan, sharing lessons learned from the U.S. Department of Justice's case against him.
Hacktivists who hit healthcare or otherwise target civilians are violating international humanitarian law, warns the International Committee of the Red Cross. As many self-proclaimed hacktivists appear to be Russian government cutouts, will legal threats make them rethink their life choices?
Discover the crucial insights and predictions from experienced hackers about the intersection of Generative AI and cybersecurity, including emerging risks, vulnerabilities, and innovative approaches to safeguarding data and systems in this brave new world.
This week, Johnson Controls suffered a ransomware attack, the Philippine state health insurance program was recovering from ransomware, Air Canada reported a cyberattack, an APT group used the American Red Cross as bait, new malware targeted Bitwarden, and a LATAM cybersecurity conference occurred.
A data security startup led by a Microsoft and Google veteran and backed by Samsung and CrowdStrike could soon be acquired by Palo Alto Networks. The company is in advanced talks to buy data security posture management startup Dig Security for between $300 million and $400 million.
The count of organizations affected by the Clop ransomware group's most recent mass targeting of Progress Software's secure file transfer software doubled last week. National Student Clearinghouse warned that data tied to nearly 900 colleges and universities had been stolen from its MOVEit server.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.