Conventional wisdom recommends to never negotiate with ransomware actors. They can't be trusted. But Mark Lance at GuidePoint Security recently made the case that organizations can gather important information through negotiations, slow down the process and even lower the ransom demand.
This year's massive exploitation of managed file transfer products such as Fortra's GoAnywhere and Progress Software's MOVEit proves that MFTs are a hacker's paradise. Research by John Dwyer of IBM Security X-Force shows why and also reveals a path toward protecting MFTs in the future.
Microsoft identified a new variant of BlackCat ransomware malware that uses an open-source communication framework tool to facilitate lateral movement. BlackCat, also known as Alphv, is a Russian-speaking criminal group suspected of being a successor to DarkSide and BlackMatter.
This week, Raccoon Stealer returned, hackers used QR codes, Belarus ISPs were used to spy on diplomats, Geico reported a MOVEit breach, an Israeli hospital dealt with ransomware extortion, Clorox took systems offline after an attack, and researchers found flaws in AudioCodes phones and Zoom's ZTP.
The Play ransomware group is targeting security managed service providers to gain initial access and using up to a half-decade-old vulnerabilities in security appliances, warn security researchers with Adlumin. The gang is also using intermittent encryption in a bid to avoid setting off defenses.
The LockBit ransomware-as-a-service group may have become a victim of its own success, having grown "too fast and too quick," to the point where its infrastructure and ability to handle affiliates' requests is lagging, leading many to desert the operation, says ransomware researcher Jon DiMaggio.
U.S. authorities seized a web-hosting company used by ransomware hackers in a joint operation with Polish authorities that resulted in the arrest of five individuals and the indictment of the site's owner. The site, LolekHosted, now displays a banner showing its seizure by the FBI and the IRS.
A nonprofit firm that administers government dental programs in Canada paid a "substantial" ransom for a decryptor key and the destruction of data stolen in a recent ransomware attack. But the company is now notifying nearly 1.5 million individuals that the hack compromised their data.
At least 637 organizations have now confirmed that they were affected by the zero-day attack on MOVEit file-sharing servers that began in late May, collectively affecting 41 million individuals, report cybersecurity researchers who've been tracking the impact of Clop's data-theft campaign.
Ransomware incidents are down, but the volume and impact of targeted attacks are on the rise. These are among the findings of the new Global Threat Landscape Report from Fortinet's FortiGuard Labs. Fortinet's Derek Manky shares analysis of this report and insights on the cybersecurity trends that will influence how we...
In 2022, a typical organization secured 227 BETB of data with averages of 155 BETB on-premises, 63 BETB for cloud, and 10 TB for SaaS.1 Given this data volume, how can you identify risks to all of it?
Watch this webinar to learn how to:
Determine the scope of ransomware attacks using machine learning to detect...
The Biden administration says it wants to get ahead of ransomware attacks against schools before K-12 education resumes in the fall. "We must take cyberattacks on our schools just as seriously as we take physical attacks on critical infrastructure," said Cindy Marten, education deputy secretary.
Small and medium-sized businesses (SMBs) are often ill-prepared to deal with the impact of ransomware and have limited resources to detect and prevent an attack. But there are a variety of techniques that can prevent ransomware – with the resources and staff that you have today.
In this guide, you’ll...
Authorities are sounding the alarm about double-extortion attacks against healthcare and public health sector organizations by a relatively new ransomware-as-a-service group, Rhysida, which until recently had mainly focused on entities in other industries.
A ransomware attack has forced a California-based hospital chain to divert ambulances from its emergency rooms and cancel appointments for services. The group of 17 hospitals, 166 outpatient clinics and various doctor practices is still recovering after an IT systems shutdown.