The latest edition of the ISMG Security Report discusses how security researchers have warned of a new attack campaign targeting 1,200 cloud-based Elasticsearch databases. It also revisits the Kaseya supply chain attack and examines how we can mitigate mobile phone fraud.
The BlackCat ransomware group, aka ALPHV, which is said to be a rebrand of BlackMatter or DarkSide, has now targeted the Austrian state of Carinthia. The attack has "severely affected" government services in the state, says Gerd Kurath, a state spokesperson.
The FBI is warning the U.S. higher education sector about compromised sensitive credentials and network access information advertised for sale across various public and dark web forums. The agency states that this access to credentials could potentially lead to a cyberattack.
Ransomware gang Black Basta, which came to prominence in April, has claimed responsibility on its leak site for a ransomware attack on AGCO. An AGCO spokesperson confirmed to ISMG that employee data was exfiltrated during an attack but did not comment on Black Basta's claims of responsibility.
Ransomware has grown 13% year on year in 2022, a jump greater than the past five years combined, a Verizon Business 2022 Data Breach Investigations Report published on Tuesday shows. It says financial gain continues to be the primary motive for attacks, followed by espionage.
The tumultuous experience of Symantec under Broadcom's control presents a cautionary tale for CISOs currently using VMware's security technology. Symantec saw massive customer and employee attrition following deal close, and the company's technology doesn't fare as well in reviews by Gartner.
Welcome to ISMG's compendium of RSA Conference 2022. The 31st annual conference covered a wide range of topics including cybercrime, cyberwarfare, zero trust, supply chain risk, ransomware, OT security, cyber insurance and jobs. Access 150+ interviews with the top speakers and influencers.
Microsoft has observed a 254% increase in activity over the past six months from a Linux Trojan called XorDdos. First discovered in 2014, XorDdos was named after its denial-of-service-related activities on Linux endpoints and servers and its usage of XOR-based encryption for its communications.
In the latest update, four ISMG editors discuss the alarming, bizarre case of a cardiologist in Venezuela charged with developing malware and recruiting affiliates, recent ransomware and data leak incidents in healthcare and how the economy is causing mature cybersecurity startups to slow hiring.
When Colonial Pipeline suffered an outage in May 2021 as a result of an attack by the DarkSide crime syndicate, numerous governments changed their approach to ransomware and began treating it as a national security threat, says Rapid7's Jen Ellis. She details what needs to happen next.
The Russian-language criminal syndicate behind the notorious Conti ransomware has retired that brand name, after having already launched multiple spinoffs to make future operations more difficult to track or disrupt, threat intelligence firm Advanced Intelligence reports.
Poor security configurations, weak controls and gaps in authentication protocols are among the common initial access vectors "routinely exploited" by threat actors, the Five Eyes cybersecurity alliance says. Firms offering cybersecurity services weigh in on the gaps and implementation challenges.
Criminals are doubling down on their use of information-stealing malware, such as Cryptobot, RedLine Stealer and QuilClipper, to steal private keys and siphon off cryptocurrency being stored in internet-connected hot wallets or to raid cryptocurrency holders' online exchange accounts.
The U.S. Cybersecurity and Infrastructure Security Agency has announced that it is temporarily removing a Windows protection defect from its Known Exploited Vulnerability Catalog because of a risk of authentication failures after the recent Microsoft patch update.
Ransomware group Conti, which has been holding to ransom crypto-locked Costa Rican government systems since April, has claimed on its leak site Conti News that it has "insiders" in the country's government, and that they are working toward the compromise of "other systems."
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.