Ransomware-wielding attackers are targeting unpatched versions of FTP software that is widely used by large enterprises, including government and educational organizations. A researcher released proof-of-concept exploit code for WS_FTP software just one day after Progress Software issued its patch.
The zero-day campaign underpinning the May mass attack on Progress Software's MOVEit file transfer software is now the vulnerability fueling a flotilla of attorneys, the software vendor disclosed in a regulatory filing listing pending litigation and governmental investigations.
In the latest weekly update, Ari Redbord, head of legal and government affairs at TRM Labs, joined ISMG editors to discuss: how Hamas is using crypto to finance operations, the latest illicit activities by North Korean actors, and how the trial of FTX's Sam Bankman-Fried could impact the industry.
A top U.S. cybersecurity official said Israel has avoided significant cyberattacks since Hamas' invasion Saturday but said that wouldn't necessarily be America's experience should armed conflict break out with China. "There have not been significant cyberattacks as of right now," said Brandon Wales.
This week: Google began phasing out passwords, Microsoft to bid VBScript goodbye, payment card information exposed in Air Europa hack, Magecart attack uses sneaky 404 page tactic, U.S. voter registration data stolen from the District of Columbia, and Volex reports a hack attack.
This week: A crackdown on Hamas' cryptocurrency accounts, more revelations from the trial of Sam Bankman-Fried, Voyager Capital settles with the U.S. Federal Trade Commission - while former CEO Stephen Ehrlich does not - and Elliptic says hackers have cumulatively laundered $7 billion to date.
As organizations face the constant threat of ransomware attacks, it's essential to understand the nature of this pervasive threat and how organizations can respond effectively, said Angus Clarke, vice president, BSO, Mastercard. The obvious answer is never pay a ransom - most of the time.
The violent surprise attack on Israel by Hamas and the region's escalating war spotlights the critical importance of situational awareness, and especially for healthcare organizations that rely on medical or tech products from Israeli technology firms, said Denise Anderson, president of the H-ISAC.
Amnesty International says the Vietnamese government is likely behind a wave of attempted Predator spyware infections against targets including members of the U.S. Congress and European officials. Central to the campaign was an account on social media network X (formerly Twitter).
Pentera got through the attacks on Israel with no injuries among its 180 local employees, and now 20 workers have been called up to serve in infantry or intelligence units. The automated security validation firm's CEO now only wants to do business with people who support Israel's right to defend itself.
Cybersecurity companies across the globe are now preparing for a sizable chunk of their Israel-based workforce to be drafted into the country's military reserves. They've also in recent days taken steps to support their workers or the country at large.
Self-proclaimed hacktivist groups have been attempting to insert themselves into the narrative surrounding the latest war between Israel and Hamas, claiming to have hacked organizations, leaked stolen data and disrupted websites. Experts say many but not all such hype-seeking claims are bogus.
A Chinese nation state hacking group is exploiting a zero-day flaw in Atlassian's Confluence Data Center and Server products as part a campaign spotted in mid-September, Microsoft researchers say. The company attributes the campaign to a Chinese nation-state hacking group designates Storm-0062.
Cloud compromises and supply chain attacks are overshadowing ransomware as the top cyberthreats worrying healthcare sector organizations - but all such incidents are still viewed as significant risks to patient outcomes and safety, said Ryan Witt of Proofpoint, citing new research findings.
A recent attack by a Russian ransomware-as-a-service group that stole the personal information of 2.5 million patients of McLaren Health Care has triggered at least three proposed federal class action lawsuits in recent days, claiming the healthcare company failed to protect patient privacy.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.