REvil, aka Sodinokibi, is one of today's most notorious - and profitable - ransomware operations, driven by highly skilled affiliates who share profits with the operators. And the operators are constantly improving the malware, including porting it to Linux to target network-attached storage and hypervisors.
The NSA, the FBI and other U.S. government agencies are tracking an ongoing Russian cyberespionage campaign in which attackers are using brute-force methods to access Office 365 and other cloud-based services.
In a multinational effort led by the Dutch National Police, authorities seized servers and web domains used by DoubleVPN, a Russia-based company that allegedly provided a safe operating infrastructure for cybercriminals, according to Europol.
Deputy national security adviser Anne Neuberger says the White House is preparing to release additional details, including attribution, about the attacks that targeted vulnerable on-premises Microsoft Exchange email servers at government agencies and other organizations earlier this year.
The legitimate security penetration testing tool Cobalt Strike is increasingly being used by threat groups, especially those that are less technically proficient, according to a Proofpoint report. The security firm says the number of attacks using the tool rose by 161% from 2019 to 2020.
The Department of Health and Human Services needs to improve collaboration among several of its internal entities, as well as with external partners, in order to bolster cybersecurity threat intelligence sharing in the healthcare and public health sector, says a watchdog agency report.
The U.S. Secret Service has published a Most Wanted Fugitives list featuring 10 suspects wanted in connection with financial cybercrimes The agency is offering rewards of up to $1 million for information on two Ukrainian suspects who allegedly targeted the SEC in 2016.
With the RSA Conference virtual this year, ISMG replaced its two live on-site studios with a suite of home studios and produced a diverse group of interviews on timely topics with thought leaders who will be solving cybersecurity's most urgent problems.
President Joe Biden's nominees for White House cyber director and CISA director faced questions from senators during their confirmation hearing Thursday, including how the federal government should respond to a recent spate of ransomware attacks and other cyberthreats.
The ransomware attack that disrupted operations at meat processing giant JBS has exposed cybersecurity shortcomings in the U.S. agricultural sector and food supply chain. Experts say the industry demands the level of security scrutiny given to the electrical grid and other critical infrastructure.
The Department of Justice announced Tuesday that it has seized two domains that were used during a recent phishing campaign that targeted a marketing firm used by the U.S. Agency for International Development - USAID - to send malicious messages to thousands of potential victims.