A Nigeria-based ransomware gang is conducting a campaign that dangles a $1 million bribe - or a portion of any ransom collected - to employees of targeted organizations if they will install DemonWare ransomware on their corporate network.
The Brazilian government has confirmed that its National Treasury fell victim to a ransomware attack on Aug. 13. The scope of the incident remains unclear, although officials say it did not damage structural systems.
Memorial Health System in Ohio is the latest healthcare entity to be hit with an apparent ransomware incident that is disrupting patient care services.
The ransomware attack that targeted Colonial Pipeline Co. in May compromised the personal information of more than 5,800 individuals, mainly current and former employees, according to a breach notification letter.
Initial access brokers continue to sell easy access to networks. Given the uptake of such access by ransomware operations over the past year, one surprise is that relatively few individuals appear to be serving as brokers, which, of course, makes them an obvious target for law enforcement authorities.
Security researchers are tracking several ransomware gangs that are attempting to exploit a series of bugs in Microsoft Windows collectively called "PrintNightmare." Meanwhile, Microsoft has published an out-of-band alert about another zero-day flaw related to the PrintNightmare vulnerabilities.
What are the latest cybersecurity issues? Join four Information Security Media Group editors as they describe the top issues of the week, including the risk of cyberattacks provoking a kinetic response, as well as top healthcare CISOs' tips for handling supply chain security, resiliency and ransomware.
The recent ransomware attack that disrupted Scripps Health's IT systems and patient care for nearly a month has so far cost the San Diego-based organization nearly $113 million, including $91.6 million in lost revenue, according to a financial report the nonprofit entity filed this week.
The answer to the increasing volume of challenges is not to just add another tool into the mix, it's to add the tools the organization is already using into an integrated cohesive mix.
The consultancy Accenture, which offers cybersecurity services, confirmed Wednesday it had been hit by a cyber incident. The ransomware gang LockBit took credit for the attack.
There's another twist in the REvil ransomware saga: A decryption key released Friday on a Russian-language cybercrime forum unlocks files encrypted in the attack against Miami-based software developer Kaseya. Why it was released, however, is unknown, and its utility at this point is questionable.
Taiwan-based network-attached storage device manufacturer Synology says the StealthWorker botnet is targeting its products with brute force attacks that could lead to ransomware intrusions.
The rise of ransomware as a criminal moneymaking powerhouse parallels the services offered by initial access brokers, who continue to offer affordable access to victims' networks - often via brute-forced remote desktop protocol or VPN credentials - to help attackers hit more targets in search of larger profits.
Some patched on-premises Microsoft Exchange email servers are still proving to be vulnerable. The Conti ransomware group is now leveraging backdoors that persist, cybersecurity consulting firm Pondurance reports.
The new BlackMatter Russian-speaking ransomware-as-a-service group, which announced its launch last month, has created a Linux version of its malware designed to target VMware's ESXi servers hosting virtual machines, according to MalwareHunterTeam.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.