In 2021, there was a spike in cybercrime, and the focus changed for threat actors from several countries, particularly Russia and China. Cybersecurity firm CrowdStrike provides an overview of the changes, analyzes the takedown of Russian threat actor REvil and adds to its list of adversaries.
Healthcare entities should implement a "proactive preparedness" approach for protecting their electronic health record systems, which are an increasingly attractive target for cyberattacks and other breaches, federal authorities warn.
In the latest weekly update, four ISMG editors discuss how ransomware attacks got worse in 2021, the backlash from privacy experts sparked by the IRS' decision - now changed - to use facial recognition technology on American taxpayers, and why cybersecurity fosters competitive advantage.
According to a new threat report from Expel, business email compromise should now be viewed as "public enemy #1." Jonathan Hencinski of Expel is joined by Theodore Peterson of Datasite to support that claim and discuss how best to strategize against these schemes.
The ability to evade detection by traditional endpoint detection tools, easy availability of valid credentials, access to code vulnerabilities, increased persistence and ease of lateral movement are causing an increasing number of threat actors to choose malware-free options, CrowdStrike says.
Two recent hacking breaches affecting hundreds of thousands of individuals - one reported by a firm that provides services to health plans and the other by a government contractor - serve as the latest reminders of the risks involving vendors that handle sensitive personal data.
Things are not always what they seem, says incident response expert Joseph Carson, pointing to a case involving ransomware that infected a company in Ukraine, but for which there was no external attack path. Ultimately, his investigation found that ransomware had been used to hide internal fraud.
Building a zero trust microsegmentation architecture is challenging for many organizations due to a combination of heterogeneity in compute, cloud, and networking, and the legacy use of denylist and allowlist combinations. However, with the key components of a zero trust microsegmentation architecture in place -...
By almost every measure, ransomware continues to get worse, not least in the average amount criminals receive when a victim chooses to pay a ransom. So say new reports assessing the volume and severity of ransomware attacks, the flow of cryptocurrency, attackers' target selection and more.
"All too often we hear that our industrial control systems have no security. That's not true," says Kevin Jones, group CISO of Airbus. In fact, he states, "some of these systems have been designed with security encapsulating them and security around them." He discusses enhancing cyber resilience.
Days after the Federal Bureau of Investigation and the U.S. Secret Service issued a cybersecurity advisory on the ransomware-as-a-service group BlackByte, it hit the corporate IT network of the U.S. National Football League's San Francisco 49ers team.
Security experts explain how the Rust programming language helps the BlackCat ransomware group execute targeted attacks on critical infrastructure. Compared to traditional languages like C or C++, Rust brings speed, security, stability and unparalleled detection evasion capabilities to the table.
In case anyone doubts that Russia is the epicenter of ransomware operations, follow the money, as Chainalysis finds that "roughly 74% of ransomware revenue in 2021 - over $400 million worth of cryptocurrency - went to strains we can say are highly likely to be affiliated with Russia in some way."
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.
