Australia's data regulator says organizations hit by ransomware may be underreporting data breaches because they haven't thoroughly figured out if data was taken. But an "absence of evidence" of a data breach in a ransomware attack isn't sufficient to declare that no data was taken.
As ransomware-as-a-service operations continue to compete for affiliates, the operators behind LockBit have unveiled a new version of their crypto-locking malware boasting fresh features, some borrowed from rivals. Separately, a relatively unsophisticated newcomer called Hive has debuted.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the evolution of fraud trends and the challenges in implementing the "zero trust" framework in the OT environment.
The latest edition of the ISMG Security Report features an analysis of the cybercrime-as-a-service model and how law enforcement could potentially disrupt it. Also featured: T-Mobile probes a massive data breach; tackling abuse in the workplace.
A Nigeria-based ransomware gang is conducting a campaign that dangles a $1 million bribe - or a portion of any ransom collected - to employees of targeted organizations if they will install DemonWare ransomware on their corporate network.
The Brazilian government has confirmed that its National Treasury fell victim to a ransomware attack on Aug. 13. The scope of the incident remains unclear, although officials say it did not damage structural systems.
The ransomware attack that targeted Colonial Pipeline Co. in May compromised the personal information of more than 5,800 individuals, mainly current and former employees, according to a breach notification letter.
Initial access brokers continue to sell easy access to networks. Given the uptake of such access by ransomware operations over the past year, one surprise is that relatively few individuals appear to be serving as brokers, which, of course, makes them an obvious target for law enforcement authorities.
Security researchers are tracking several ransomware gangs that are attempting to exploit a series of bugs in Microsoft Windows collectively called "PrintNightmare." Meanwhile, Microsoft has published an out-of-band alert about another zero-day flaw related to the PrintNightmare vulnerabilities.
What are the latest cybersecurity issues? Join four Information Security Media Group editors as they describe the top issues of the week, including the risk of cyberattacks provoking a kinetic response, as well as top healthcare CISOs' tips for handling supply chain security, resiliency and ransomware.
The recent ransomware attack that disrupted Scripps Health's IT systems and patient care for nearly a month has so far cost the San Diego-based organization nearly $113 million, including $91.6 million in lost revenue, according to a financial report the nonprofit entity filed this week.