Rackspace says the ransomware-wielding attackers who disrupted its hosted Microsoft Exchange Server environment last month wielded a zero-day exploit, described by CrowdStrike as being "a previously undisclosed exploit method for Exchange," to gain remote, direct access to servers it hosted.
Global Cyber Alliance CEO Philip Reitinger shares updates on the alliance's Internet Integrity and Capacity & Resilience programs, which tackle key challenges of internet infrastructure, privacy and safety. Success is measured by the number of partners and "who is using the platform," he says.
Recorded Future has signed an agreement with Ukraine's Ministry of Digital Transformation to help protect the county's critical infrastructure against Russian physical and cyberattacks. The company can help detect novel strains of malware and command-and-control infrastructure run by the Russians.
IronNet is just days away from insolvency and its board of directors says it will investigate allegations that company executives misled investors over growth projections. The firm was founded and is helmed by retired Army Gen. Keith Alexander, the former NSA director and U.S. Cyber Command chief.
From the cyberwar in Ukraine to ongoing ransomware threats and emerging global data regulations, 2022 has been a taxing year for CISOs. And they can expect more of the same in 2023, says Rodman Ramezanian of Skyhigh Security. He offers predictions and advice for the new year.
With the surge in ransomware and other major hacking incidents affecting third-party suppliers, it is more critical than ever for healthcare sector entities to diligently scrutinize threats and risks involving their vendors, says Denise Anderson, president and CEO of the Health-ISAC.
Ransomware-wielding attackers have myriad tactics for extorting victims, including demanding a stand-alone ransom for a promise to delete stolen data. But Coveware's Bill Siegel urges victims to never pay for such promises, in part because they rarely - if ever - get honored.
The latest edition of the ISMG Security Report discusses why too few organizations admit to being victims of ransomware attacks, how delayed enterprise subscription start dates forced CrowdStrike to cut sales forecasts, and leveraging threat intelligence to protect critical infrastructure.
As the U.S. celebrates Thanksgiving, let's give thanks for this cybercrime karma: For more than two years, law enforcement and security experts have been exploiting flaws in the crypto-locking malware to help victims decrypt their systems without paying a ransom.
ReliaQuest customers have tailored Digital Shadows' threat intelligence to their organizations to ensure conversations about their brands or products are being captured, says CEO Brian Murphy. The security operations firm says the Digital Shadows deal has fortified its detection and response muscle.
Convergence of the threat landscape looms large for defenders, and Cybercrime as a Service potentially will enable more destructive attacks at scale. These are among the 2023 threat landscape predictions of Derek Manky of Fortinet's FortiGuard Labs. He shares these and other insights.
The latest edition of the ISMG Security Report discusses how Australian health insurer Medibank is deliberating on whether to pay a ransom to extortionists, analyzes the growing number of layoffs in the security vendor space, and shares a tribute to threat intelligence researcher Vitali Kremez.
Tributes are being paid to Vitali Kremez, who has died at the age of 34 in a suspected scuba-diving accident. The renowned threat intelligence expert, born in Belarus, had long tracked Russian cybercrime syndicates and was part of an ad hoc group established to counter ransomware and help victims.
The Google-Mandiant marriage will combine Google's security monitoring tools with Mandiant's threat intel and attack surface management solutions, plus new SOAR and file and URL analyzer capabilities, to create an "end-to-end threat intelligence and cybersecurity operations suite."
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.