In the latest weekly update, four ISMG editors discuss why it pays off to have well-practiced incident response plans, whether Chat GPT is a blessing or a curse for penetration testers and bug bounty hunters, and how Microsoft has reason to be cheerful as security sales hit $20 billion.
As ransomware continues to pummel numerous sectors, and lately especially the manufacturing industry, how does any given organization end up becoming a target or victim? Cybercrime watchers say the answer involves initial access brokers, botnets, targets of opportunity and, above all, profit.
Two hacking breaches - one at a non-profit provider of foster care, mental health and substance treatment services, and the other at a provider of behavioral health services - have affected sensitive information of nearly 400,000 individuals.
The FBI penetrated the network of the Hive ransomware group, which has a history of attacking hospitals. A multinational operation seized the ransomware-as-a-service group's leak site and two servers located in Los Angeles. U.S. law enforcement said an investigation is ongoing.
This report is filled with forward-looking insights and commentary from several industry experts.
With 20 distinct observations, the Forecast covers topics such as:
More individual attacks by actors motivated by bragging rights not profit;
More extortion attacks especially in Europe who is poised to take the title...
57% of consumers would stop spending money with their favourite brand if they fell victim to a phishing
attack while 70% agrees it is the brand’s responsibility to protect itself from email impersonation and from fake versions of its website respectively.
Download this casestudy to learn how to protect your...
CommonSpirit was negligent in failing to protect sensitive health data, resulting in a compromise affecting at least 623,000 patients and perhaps many more, allege plaintiffs in two proposed class action lawsuits filed against the Chicago-based hospital chain after a 2022 ransomware attack.
An electronic health records vendor and a pharmacy management services firm are purportedly among the latest healthcare sector victims of ransomware-as-a-service group BlackCat, also known as Alphv. NextGen Healthcare and PharmaCare Services appeared on BlackCat's leak site late last week.
Spanish authorities arrested three senior executives of the now-defunct cryptocurrency exchange platform Bitzlato, Europol announced. The crime coordination agency says about 46% of the assets exchanged through Bitzlato, worth roughly 1 billion euros, were linked to criminal activities.
Australia started operating an international ransomware task force to facilitate information sharing and best practices worldwide. “Recent cyber incidents in Australia and around the globe are a stark reminder of the insidious nature of ransomware," said Minister for Home Affairs Clare O'Neil.
The Active Adversary Playbook 2022 details the main adversaries, tools, and attack behaviors seen in the wild during 2021 by Sophos’ frontline incident responders.
The anatomy of active attacks including root causes and main attack types
The toolsets adversaries have been employing to...
Bad news for ransomware groups: Experts find it's getting tougher to earn a crypto-locking payday at the expense of others. The bad guys can blame a move by law enforcement to better support victims, and more organizations having robust defenses in place, which makes them tougher to take down.
In the latest weekly update, ISMG editors discuss why being a CISO is like being the first family doctor in a small village, why you can't trust ransomware gangs such as LockBit, and why cloud security vendor Netskope took on $401 million in debt from Morgan Stanley to fuel its SASE offering.
Ransomware attacks go beyond just the initial attack for MSPs clients, the average cost of downtime is $126k which could be detrimental to a small business's success. And, many of these organizations that get hit by ransomware rely on manual backup to recover their data. This leaves a large opportunity for MSPs to...
RiskRecon recently studied the impact of destructive ransomware incidents and the unique tie between ransomware susceptibility and an organization's cybersecurity posture. Kelly White of RiskRecon discusses the findings and how to use them to help secure the digital supply chain.