Security experts say the notorious REvil - aka Sodinokibi - ransomware-as-a-service operation, which went dark in July, appears to be back in business. The group's data leak site and payment portal are back online, and one expert says the group appears to have begun amassing new victims.
To start with, yes, the ransomware threat really is as serious as depicted in the news. But Adam Kujawa of Malwarebytes Labs believes there are actions – beyond endpoint protection – that organizations can take to reduce their risk of being the next high-profile victim.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including how ransomware affiliates change operators and why terrorists aren't launching massive cyberattacks.
The United Nations says its networks were accessed by attackers earlier this year, leading to follow-on intrusions. One cybercrime analyst reports that he'd alerted NATO after seeing access credentials for one of its enterprise resource planning software systems for sale via the cybercrime underground.
The latest edition of the ISMG Security Report features an analysis of the most sought-after type of victim for ransomware-wielding attackers. Also featured: fighting extortion schemes and stress management tips.
"Silence is gold." So says ransomware operator Ragnar Locker, as it attempts to compel victims to pay its ransom demand without ever telling anyone - especially not police. But some ransomware-battling experts have been advocating the opposite, including mandatory reporting of all ransom payments.
Apparent Babuk ransomware operation spinoff Groove, self-described as being an "aggressive financially motivated criminal organization," has launched as part of the new RAMP cybercrime forum, and is promising affiliates a bigger share of profits than traditional ransomware-as-a-service operations.
Effectively managing the cybersecurity of thousands of medical devices takes a highly collaborative approach and "delicate balance" between IT security leaders, biomedical staff and others, say Baptist Health Care's CISO, Thad Philips, and the senior manager of the biomedical program, Tony Williams.
The White House is preparing executive branch agencies to adopt "zero trust" network architectures by 2024, with CISA and the OMB overseeing the creation of technology road maps that departments must follow. This is a major component of President Biden's cybersecurity executive order.
New Zealand's Computer Emergency Response Team says it is aware of ongoing distributed denial-of-service attacks that have disrupted services at several organizations in the country, including some financial institutions and the national postal service.
Howard University canceled classes Tuesday in the wake of a ransomware attack it first detected on Friday, the university has announced. There is no evidence the attackers accessed or exfiltrated personal information, the school says.
Google has identified three critical vulnerabilities affecting several Netgear smart switch products that, if exploited, give the attacker complete control over the compromised device. Netgear has issued a security advisory confirming that it has issued patches for 20 impacted products.
A Russian citizen, alleged to be working as a developer for the malware-spreading organization Trickbot, reportedly has been arrested at Seoul-Incheon International Airport. He was questioned by Korean authorities following an extradition request from the U.S.
The Ragnar Locker ransomware operation has been threatening to dump victims' stolen data if they contact police, private investigators or professional negotiators before paying a ransom. But as one expert notes: "Perhaps the criminals watched too many TV shows, because this isn’t how the real world works."
Several security vulnerabilities in infusion pump products from B. Braun could collectively allow malicious actors to modify the dose of medicines delivered to patients, says Douglas McKee, a security researcher on a McAfee Enterprise team that recently discovered the flaws.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.