Researchers with Microsoft and FireEye are disclosing additional malware used by the hacking group that targeted SolarWinds last December. These second-stage malware variants appear to have been deployed after organizations downloaded the "Sunburst" backdoor hidden in a software update.
In financial services, there is a stark difference between defending against authorized versus unauthorized fraud incidents. James Hunt of Bottomline Technologies discusses the schemes and how to respond with a more dynamic prevention strategy.
Cyber-criminals have become thoughtful about ransomware attacks; taking time to maximize your organization’s potential damage and their payoff. Protecting your network from this growing threat is more important than ever. And nobody knows this more than Roger Grimes, Data-Driven Defense Evangelist at KnowBe4.
...
There is a reason more than half of today’s ransomware victims end up paying the ransom. Cyber-criminals have become thoughtful; taking time to maximize your organisation’s potential damage and their payoff. After achieving root access, the bad guys explore your network reading email, finding data troves and once...
Lazarus, the North Korean-backed advanced persistent threat group, has been conducting a campaign striking defense industry targets in more than a dozen countries using a backdoor called ThreatNeedle that moves laterally through networks and can overcome network segmentation, according to researchers at Kaspersky.
French authorities are warning the country's healthcare sector of the discovery of a glut of stolen credentials, apparently belonging to hospital workers, that were found for sale on the dark web. The alert comes amid a recent rise in ransomware attacks on hospitals and other healthcare entities.
SonicWall was recently attacked via a zero-day flaw in one of its own products. Curiously, SonicWall hasn't said much about the extent and damage of the breach since its announcement. But there are strong indications it may have been targeted by an extortion attempt.
Individuals suspected of providing hacking, logistical and financial support to the Egregor ransomware-as-a-service operation have been arrested by police in Ukraine as part of a joint operation with French cybercrime police coordinated by Europol, according to a French media report.
Researchers at the security firm Lookout have identified two new Android spyware tools used for cyberespionage campaigns in South Asia which they say are linked to "Confucius," an pro-India advanced persistent threat group.
The ongoing lockdown may be complicating the path of Cupid's arrows. But as another Valentine's Day rolls around, authorities are warning that romance scammers - and other types of fraudsters - are alive and well and have been increasingly preying on unsuspecting victims around the world.
The latest edition of the ISMG Security Report features an analysis of the persistent threat of ransomware. Also featured: Sorting out breaches tied to Accellion’s File Transfer Appliance; an update on fraud trends in 2021.
A cyberespionage campaign is targeting game developers in Asia using an infected Android emulator app as part of a supply chain attack, a report by security firm ESET finds.
To take down bigger targets more easily and quickly, ransomware gangs are increasingly tapping initial access brokers, who sell ready access to high-value networks. Economically speaking, it's a no-brainer move for cybercrime gangs.
Ransomware attacks continue to pummel organizations, but fewer victims have been paying a ransom, and when they do, on average they're paying less than before, says ransomware incident response firm Coveware, which traces the decline to attackers failing to honor their data deletion promises.
Trickbot appears to be making a comeback with a fresh campaign that is targeting insurance companies and legal firms in North America, according to an analysis by Menlo Security. Researchers had warned the malware might surface again after a coordinated takedown of the botnet's infrastructure in 2020.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.