The financial sector is under increasing threat from cybercrime syndicates, and the distributed nature of today's predominantly Russian-speaking attackers is making them tough to disrupt, says Rob Wainwright, director of Europol.
Many enterprises use remote desktop protocol to remotely administer their PCs and mobile devices. But security experts warn that weak RDP credentials are in wide circulation on darknet marketplaces and increasingly used by ransomware attackers.
"Are we vulnerable to the attacks that are being reported in the media?" All CEOs and boards of directors should be asking that question of their information security team to ensure they don't suffer the same fate - especially when it comes to ransomware outbreaks, says David Stubley of 7 Elements.
Following the WannaCry outbreak, the British government says it's increased cybersecurity funding for England's national health service. But in addition to funding shortfalls and poor cybersecurity practices, experts have also blamed management failures, in part by the U.K. government.
The National Health Service in England should have been able to block the "unsophisticated" WannaCry ransomware outbreak, U.K. government auditors have found. Security experts say the findings should be studied by senior executives across all industries to "learn from the mistakes of others."
Malware is widely available in an "as-a-service" model on the cybercriminal underground to anyone with criminal intent and a bit of money, says John Shier, senior security adviser at Sophos, who explains exactly how the model works in this in-depth interview.
The BadRabbit ransomware attack appears to have been designed for smokescreen, disruption or extortion purposes, if not all of the above. So who's gunning for Ukraine and how many organizations will be caught in the crossfire?
New ransomware called BadRabbit is directly targeting at least 200 organizations, primarily in Russia and Ukraine. The crypto-locking malware demands a ransom, payable in bitcoins, in exchange for a decryption key, and it appears to borrow code from NotPetya ransomware.
Spammers wielding Locky ransomware have a new trick up their sleeves: the ability to infect PCs via malicious Microsoft Word documents that use the Dynamic Data Exchange application-linking feature built into Windows to push ransomware onto victims' systems.
A Belgian security researcher has discovered a "serious weakness" in the WPA2 security protocols used to encrypt many WiFi communications. Attackers can exploit the flaws to eavesdrop as well as potentially inject code such as malware or ransomware into WiFi-connected systems. Prepare for patches.
The Dark Overlord, a hacking group that hijacks data from businesses and holds it for ransom, is now threatening school districts. The apparent intent isn't to get ransoms from schools per se, but to create a fear campaign designed to scare big businesses into paying the group's ransoms.
All the key players of a company's management group, including the CISO, need to be involved in the decision about whether to invest in cyber insurance, says Greg Markell of Ridge Canada Cyber Solutions, a cyber insurer.
Freedom of Information requests sent to 430 U.K. local government councils by Barracuda Networks found that at least 27 percent of councils have suffered ransomware outbreaks. Thankfully, almost none have paid ransoms, and good backup practices appear widespread.
In cryptocurrency we trust: The government of North Korea has been turning to bitcoin exchange heists and cryptocurrency mining - potentially using malware installed on other countries' systems - to evade sanctions and fund the regime, security experts say.
PrincessLocker ransomware is back, although it's less demanding than it used to be, with attackers decreasing the quantity of bitcoins they require to unlock forcibly encrypted files. Unusually, the ransomware is being spread by the RIG exploit kit.