Yet another ransomware-wielding gang has threatened to steal and leak the data of any victims who refuse to pay a ransom: The operators of Avaddon ransomware have created a dedicated data-leak site that already lists a construction firm victim, and the gang continues to recruit new affiliates.
The Maze ransomware group has posted on its darknet website some data it claims it stole during a recent attack against Canon USA, according to the security firm Emsisoft.
While the exposure of insecure databases on the internet is relatively common, a recent incident featured an unusual twist - the data was mysteriously deleted.
The operators behind the AgentTesla remote access Trojan have upgraded the infostealer with additional capabilities, including the ability to steal credentials from VPNs, web browsers, FTP files and email clients, Sentinel Labs reports. The low-cost malware is used in BEC scams and other campaigns.
Cybercriminals have shifted their focus from individuals and smaller businesses to target governments, critical health infrastructure and major corporations to maximize their profits and disruption during the COVID-19 pandemic, a new Interpol report warns.
Several Canon USA corporate websites remained offline Friday after the company reportedly sustained a ransomware attack. Earlier, the imaging company reported user data was missing from a cloud database.
Quantity of threat intelligence isn't an issue. Quality of intel and integrating it effectively into security programs - that's where many organizations struggle. Casey Martin of ReliaQuest shares insight on the keys to a mature threat intel program.
WastedLocker, a ransomware strain that reportedly shut down Garmin's operations for several days in July, is designed to avoid security tools within infected devices, according to a technical analysis from Sophos.
A trio of U.S. government agencies is warning organizations about a hacking campaign using a malware strain that has previously been tied to Chinese hackers. The Taidoor RAT, which has been around for over 10 years, has recently been spotted in several campaigns against IT service providers.
Christopher Leone, assistant special agent in charge, United States Secret Service, offers advice to organizations on forging relationships with law enforcement as part of their cybersecurity incident preparedness plans.
The hackers who hijacked 130 high-profile Twitter accounts as part of a cryptocurrency scam earlier this month used a telephone-based spear-phishing attack to obtain employee credentials, the social media company says.
The Lazarus Group, the North Korean hacking group behind the WannaCry worm, the theft of $81 million from a Bangladesh bank and the attacks on Sony Pictures, apparently is expanding into ransomware, according to the security firm Kaspersky.
The speed at which IoT is enabling innovation is far outpacing the ability of the security custodians to implement appropriate controls before these devices hit the market. That creates a classic target-rich environment for the bad guys - one that will require vigorous defense and oversight.
The Threat Intelligence Spotlight: Hunting Evasive Malware report draws on data gathered from the 650-plus organizations that eSentire protects and VMware Carbon Black's extensive endpoint protection install base.
A global pandemic, distributed workforces and rapid migration to more cloud services have altered...
Security experts say that ransomware victims too often treat the malware infection as an isolated event, when they should instead assume that attackers remain in their network until proven otherwise. Here are eight tips for dealing with ransomware and other intrusions and making a full recovery.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
