As the United States heads into a holiday weekend, experts are warning that ransomware-wielding attackers are sure to unleash crypto-locking chaos in the coming days, with Conti ransomware attacks in particular having been rising sharply in recent weeks.
Citing damaging ransomware attacks that it, along with the FBI, has observed over recent holidays, the Cybersecurity and Infrastructure Security Agency issued an alert warning organizations to be prepared as the Labor Day holiday nears. CISA, however, is not tracking any immediate threats.
The healthcare sector has been reshaped by the forces of digital transformation and virtual health. But it also has been besieged by the shifting threat landscape and the escalation of destructive ransomware attacks. What role can zero trust play? Jack Miller of Menlo Security shares insight.
After a string of high-profile hits, many of the largest and most notorious ransomware operations recently disappeared. But the pace of ransomware attacks hasn't diminished because of a steady influx of new operations, existing operations getting more sophisticated and old players rebranding.
The Biden administration is hosting a White House meeting Wednesday with technology, banking, insurance and education executives to focus on cybersecurity and national security issues, such as protecting critical infrastructure from attacks and how to hire more security professionals to meet demand.
Security researchers at AT&T Alien Labs say they've discovered a cluster of Linux ELF executables, identified as modifications of the open-source PRISM backdoor, that attackers have been using in several campaigns for more than three years.
Microsoft security researchers say the operators of the well-established Mozi IoT botnet have upgraded the malware, enabling it to achieve persistence on network gateways manufactured by Netgear, Huawei and ZTE.
Initial access brokers continue to sell easy access to networks. Given the uptake of such access by ransomware operations over the past year, one surprise is that relatively few individuals appear to be serving as brokers, which, of course, makes them an obvious target for law enforcement authorities.
The notorious AlphaBay darknet marketplace appears to be getting rebooted by "DeSnake," who claims to have been the security administrator for the previous iteration, which law enforcement officials took down in 2017. Whether buyers and sellers will trust it, or the site will survive any takedown efforts, remains to...
The rise of ransomware as a criminal moneymaking powerhouse parallels the services offered by initial access brokers, who continue to offer affordable access to victims' networks - often via brute-forced remote desktop protocol or VPN credentials - to help attackers hit more targets in search of larger profits.
The new BlackMatter Russian-speaking ransomware-as-a-service group, which announced its launch last month, has created a Linux version of its malware designed to target VMware's ESXi servers hosting virtual machines, according to MalwareHunterTeam.
The decision by the Russian-speaking darknet forums XSS and Exploit to ban all chatter relating to ransomware attacks has had a limited impact on cyber gangs' ability to communicate, according to the threat intelligence firm Digital Shadows.
The U.S. Cybersecurity and Infrastructure Security Agency is creating the Joint Cyber Defense Collaborative to build a national cybersecurity defense strategy based on collaboration between the public and private sectors, CISA Director Jen Easterly said at the Black Hat 2021 conference Thursday.