The median number of days an attacker dwells in a system before detection fell from 24 days in 2020 to 21 days in 2021, according to a Mandiant report. The biggest year-on-year decline in median dwell time occurred in the APAC region, where it dropped from 76 days in 2020 to 21 days in 2021.
Has your organization been bitten by BlackCat ransomware, aka Alphv? If so, the FBI wants to hear details about how attackers broke in, cryptocurrency wallet addresses used to receive ransoms and other information that could help law enforcement authorities better track and block future attacks.
In this episode of "Cybersecurity Unplugged," Roger Sels, vice president, solution, EMEA at BlackBerry, discusses the global threat landscape one year after SolarWinds, including cyberthreats from Russia and China; the cyber impact of the Russia-Ukraine war; and the cyber call to action.
The Food and Drug Administration's decision to incorporate "quality systems regulations" into its new draft guidance for premarket medical device cybersecurity is an important development in the scope of the agency's expectations for manufacturers, says Dr. Suzanne Schwartz of the FDA.
The 2021 Dragos ICS/OT Cybersecurity Year in Review report says the number of industrial organizations with external connections to their industrial control systems has doubled, yet 86% of organizations report limited to no visibility of ICS environments. Tom Winston outlines the top challenges.
Pro-Russia threat group Killnet claims to have hit several victims with DDoS attacks in recent days. It targets victims that it believes are adversaries of Russia, and several critical infrastructure entities in the Czech Republic are known to have been successfully targeted.
Russian government hackers and cybercrime groups are teaming up to launch cyberattacks against the West in retaliation for its support of Ukraine. Some cybercrime groups have pledged to support the Russian government and threatened to go after countries providing material support to Ukraine.
Despite the recent leak of internal communications and code from the Conti ransomware group, the criminal enterprise appears to have continued operations without breaking stride, in part thanks to constant innovation, security researchers report.
Has the notorious REvil ransomware operation come back? Former developers may have restarted the server and data leak site. The original Happy Blog leak site began redirecting to the new blog, which lists both old and seemingly new victims, including Oil India Limited.
The latest edition of the ISMG Security Report analyzes how the U.S. government is offering a reward of up to $5 million for information to help it disrupt the illicit flow of funds to North Korea. The report also examines approaches to enhance banks' cyber defenses and U.S. regulatory trends.
Recent security incidents involving third-party software, including Okta and Log4j, underscore the importance of healthcare entities taking steps to enhance their vendor risk management programs, says Chris Frenz, assistant vice president of IT security at Mount Sinai South Nassau.
More than 670,000 individuals have been affected by two 2021 hacking incidents that were only recently reported to federal regulators. The breaches involve healthcare software and billing services firm Adaptive Health Integrations and urgent care provider Urgent Team Holdings.
Federal authorities are warning the healthcare and public health sectors of aggressive, financially motivated attacks by the Hive ransomware group, which has been linked to a number of attacks on healthcare sector entities. Some security experts are urging such entities to fortify their defenses.
The British government has been alerted multiple times in recent years that officials' smartphones appeared to have been infected with spyware built by Israel's NSO Group, as part of nation-state espionage campaigns targeting Britain, human rights watchdog Citizen Lab says.
The Conti ransomware gang has claimed responsibility for the March 31 cyberattack on German wind turbine manufacturer Nordex, which was forced to turn off its IT systems at multiple locations across several business units. The Russia-linked threat group has added Nordex as a victim on its leak site.