Cisco says it fell victim to a successful hack attack and data breach in May. While an attacker wielding Yanluowang ransomware claimed to have exfiltrated data and crypto-locked systems, Cisco says nothing sensitive was stolen and no systems were infected by ransomware.
As ransomware attacks continue to pummel organizations, Rapid7 Chief Scientist Raj Samani says victims must identify how the attacker broke in and if they've given themselves persistent ways to regain access. Otherwise, he says, "They'll hit you again and again."
The Australian Federal Police have charged a 24-year-old Melbourne man for allegedly creating global spyware purchased by over 14,500 individuals across 128 countries. Priced at $25, once it is installed on a victim's computer, it can be used to steal personal information or spy on individuals.
The cybercriminals behind BlackCat ransomware have upgraded their arsenal by adding Brute Ratel, a pen-testing tool with remote access features that are used by attackers. The group targets large corporations in different industry segments across the U.S., Europe and Asia.
Ukrainian private energy firm DTEK Group alleges that the Russian Federation has carried out a cyberattack against its facilities, crippling its infrastructure in retaliation for its owners' support of the country's fight against Russian invaders.
The Evilnum hacking group has updated its tactics, techniques and procedures and now uses MS Office Word documents and leverages document template injection to deliver malicious payloads to its victims' machines. First seen in 2018, the group mainly targets fintech firms in the U.K. and Europe.
It should come as no surprise that email remains the most popular way to communicate in business, and it’s why many cyberattacks target email. Email security needs to be an essential part of an organization’s cybersecurity policy. Not only are email attacks popular, but there are many ways to achieve an email...
Unlocking the data generated by ransomware attacks is helping organizations better understand the risks, adopt defensive technologies and prepare for future attacks, says Wade Baker, partner at Cyentia Institute. He discusses new data on how quickly organizations are remediating vulnerabilities.
Nearly 20,000 attacks. An average loss of $120,000 per attack. Billions of dollars sent to cybercriminals each year. Business email compromise is no joke, and it’s continuing to increase—despite increased awareness of the issue.
Why? Because the people behind these scams know how to trick humans, relying on...
Ransomware has changed the risk landscape for suppliers and is forcing companies to reconsider their risk relationships, says Kelly White, co-founder and CEO of RiskRecon. He discusses the correlation between cyber hygiene, ransomware and data loss.
The latest edition of the ISMG Security Report investigates the reboot of ransomware group Conti, which supports Russia's invasion of Ukraine. It also discusses why paying ransomware actors is a "business decision" and how to respond to the talent shortage in the financial sector.
A new Android malware that can steal financial data, credentials, crypto wallets, personal data and cookies; bypass multifactor authentication codes; and remotely control infected devices is targeting online banking customers and financial institutions, cybersecurity researchers at F5 Labs say.
In his spare time, ransomware expert Allan Liska recently became a certified sommelier. Branching out from his day job as principal intelligence analyst at Recorded Future, Liska says he's found numerous parallels between the deductive tasting process and threat intelligence.
As the Russia-Ukraine war continues, many commentators continue to highlight the lack of Russian cyberattacks. But The Chertoff Group's Chad Sweet says Russian cyberattacks remain fast and furious, although Moscow continues to publicly downplay both the attacks and their relative failure.
Threat watch: The ongoing Russia-Ukraine war continues to pose both direct and indirect risks to enterprise networks, says Michael Baker, vice president and IT CISO of IT services and consulting firm DXC Technology. He also discusses recruiting and retaining new talent.