Weeks after VMware issued patches to address vulnerabilities in its vSphere Client (HTML5), threat intelligence firm Bad Packets says threat actors are mass scanning for vSphere hosts vulnerable to remote code execution.
Colonial Pipeline Co. CEO Joseph Blount defended his actions during the opening hours of the May 7 DarkSide ransomware attack against his company as several lawmakers on the Senate Homeland Security and Governmental Affairs Committee grilled the executive for over two hours on Tuesday.
Amazon, Google, Spotify and Twitter were among the sites that were unreachable Tuesday morning due to a configuration error at widely used content delivery network Fastly, which said the problem was resolved after about an hour, after which the disruptions would begin to abate.
Ransomware attacks have evolved over the years as attackers have come out with new strategies for digital extortion, says Chris Novak, global director of the Threat Research Advisory Center at Verizon Business Group. He shares insight from the Verizon 2021 Data Breach Investigations Report.
The U.S. Justice Department reported it recouped $2.3 million of the $4.4 million ransom Colonial Pipeline Co. paid following a May 7 ransomware attack. The DOJ's Ransomware and Digital Extortion Task Force coordinated the effort, in which the FBI tracked payment to a bitcoin wallet it controls.
Researchers believe that a malware variant that specifically targets poorly protected or misconfigured Windows containers has been uncovered for the first time, according to a report published by Palo Alto Networks' Unit 42. A successful attack establishes a backdoor and persistence.
The Identity Theft Resource Center, a nationally recognized nonprofit organization established to support victims of identity crime, has published new research that shows nearly 30% of people who contact the ITRC are victims of more than one identity crime.
Australian spies should be allowed to take offensive action against some of the world's most prominent ransomware gangs, says Tim Watts, a member of Australia's Parliament who says the move, proposed under the Labor Party's push for a national ransomware strategy, would deter attackers.
Investigators have found that ransomware operators gained access to Colonial Pipeline via a VPN account that was no longer used and didn't have two-step verification enabled. The credentials turned up in a data breach, but security researchers say it's unclear if that's how the attackers sourced them.
If you're a Russian cybercrime gang feeling the heat after being sanctioned by the U.S. government, why not rebrand? So goes an apparent move by Evil Corp to disguise its WastedLocker ransomware as rival gang Babuk's PayloadBin, so any ransom payers won't think they're violating U.S. sanctions.
Symphony Technology Group's acquisition of FireEye Products Business in a $1.2 billion deal will set up the private equity group to better compete with security giants such as Microsoft and Cisco, while unlocking profit potential for FireEye and the now stand-alone Mandiant Solutions, analysts say.
Researchers at Google have identified a new Rowhammer exploit, dubbed Half-Double, which targets design flaws in some of the newer DRAM chips to alter their memory content.
It is particularly challenging for financial institutions to catch authorized push payment fraud. But behavioral metrics can play a big role in detecting these incidents, says Steve Ledford of The Clearing House.
Election security improvements, the push for all software to ship with a "bill of materials" and the results of a long-running investigation into a lucrative digital advertising scam are among the latest cybersecurity topics to be featured for analysis by a panel of Information Security Media Group editors.
The White House has written to business leaders, urging them to prioritize having robust ransomware defenses in place. The move comes as the Biden administration pursues multiple strategies to combat ransomware and digital extortion, including ordering a new task force to coordinate all federal investigations.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.