In just a month, the BlackCat cybercrime group has carried out high-impact ransomware attacks on international organizations and risen to seventh place in Unit 42's ranking of global ransomware groups. A key factor, researchers say: the use of the Rust language for coding its malware.
In 2021, there were 1,862 data compromises - a 68% increase over 2020, according to the Identity Theft Resource Center's Annual Data Breach Report. "In this past year, there were more cyberattack-related data breaches than there were all forms of data breaches in 2020," says ITRC COO James E. Lee.
In a report published Monday, Symantec's Threat Hunter Team outlines a specific Russian cyberespionage campaign conducted on a Ukrainian network in 2021 - which comes as Russia has amassed 100,000 or more troops at Ukraine's eastern border while it reportedly mulls invasion
U.S. authorities have mixed news for the healthcare and public health sector. The good news: The threat level posed by ransomware-as-a-service gang BlackMatter is reduced. The bad news: Other cybercriminals will undoubtedly fill the gap - if they haven't already.
North Korean advanced persistent threat group Lazarus - an entity sanctioned by the U.S. and the United Nations - has emerged with a fresh spear-phishing campaign that exploits Windows Updates to execute a malicious payload, using GitHub as a command-and-control server.
Change is afoot at Trellix, which is the new name of the cybersecurity software business formed from the merger of McAfee Enterprise and FireEye. CEO Bryan Palma says the extended detection and response - aka XDR - software imperative for his customers is to do more, but with fewer suppliers and management overhead.
In the first of a planned series of articles looking at strategies that have helped her and her teams over the years to not just survive a stressful environment, but thrive in it, cybersecurity executive and CyberEdBoard executive member Kerissa Varma offers this: Be a human, not a terminator.
The decentralized money market platform Qubit Finance, which runs on the Binance Smart Chain, has been hacked for more than $80 million, it confirmed via tweet on Friday. Blockchain security experts say it's the largest DeFi hack of 2022.
Attack scans and attempts related to the Log4j flaw may have declined, but some security experts believe the attack vectors will continue to pose a problem up to two years. Also, the Ukraine Computer Emergency Response Team reports Log4j could be a possible attack vector in recent cyberattacks.
A memory corruption vulnerability has been uncovered in Polkit’s pkexec, a SUID root program that is installed by default on every major Linux distribution, allowing any unprivileged user to gain root privileges on the vulnerable host.
Four ISMG editors discuss: how too many organizations fail to implement basic cybersecurity defenses - such as MFA; a proposed lawsuit against health insurer Excellus that calls for an improvement to its data security program; and strategies for securing open-source and other software components.
All organizations in Britain are being urged by the government to immediately bolster their business resilience capabilities due to an increased risk of fallout from cyberattacks targeting Ukraine. In the past, such attacks have amassed victims outside Ukraine, causing billions in commercial damages.
Eva Velasquez, CEO of the Identity Theft Resource Center, shares six predictions for 2022 that show a shift from identity theft to identity fraud as cybercriminals continue to refine who they target, what information they steal and what they do with it.
The latest edition of the ISMG Security Report features an analysis of whether a new ransomware operation is a spinoff of the notorious REvil or simply copying the group's moves; how Maersk responded to the NotPetya wiper malware attack; and essential incident response skills.
Healthcare organizations must carefully scrutinize any implementation of applications, software suites and other technology platforms that could contain open-source code because of the risks - including potential patient safety issues - posed by these components, says attorney Steven Teppler.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.