Cybercrime
Cybercrime | News, how-tos, features, reviews, and videos
REvil ransomware explained: A widespread extortion operation
The REvil group, a.k.a. Sodinokibi, re-victimizes its targets by threatening to release stolen data even after the initial ransom demand is paid.
Twitch breach highlights dangers of choosing ease of access over security
Attackers essentially broke into the Twitch house and cleaned out everything. Following least-privilege access principles and encrypted datasets will help others avoid that scenario.
October is high season for cyberattacks, Infosec Institute study shows
A study by Infosec Institute indicates that there has been an exponential increase in cyberattacks globally in the last five years, and a major part of it happened in the month of October each year as attackers apparently exploit...
TSA to issue cybersecurity requirements for US rail, aviation sectors
New rules include reporting incidents to CISA and naming cybersecurity leads, but experts and industry representatives cite lack of input.
Top cybersecurity statistics, trends, and facts
Survey data from the past year paints a picture for what your threat landscape will potentially look like in the coming months.
Iranian APT targets aerospace and telecom firms with stealthy ShellClient Trojan
The MalKamak group has been running its Operation GhostShell campaign for at least three years unnoticed.
FCC asks carriers to step up to stop SIM swapping, port-out fraud
The US federal agency puts pressure on telecom carriers to put better authentication, account protection safeguards in place.
How corporate data and secrets leak from GitHub repositories
Attackers constantly search public code repositories like GitHub for secrets developers might inadvertently leave behind, and any tiny mistake can be exploited.
Why today’s cybersecurity threats are more dangerous
Greater complexity and interdependence among systems gives attackers more opportunity for widespread, global damage, say government and industry experts.
4 steps to protect the C-suite from business email compromise attacks
Preventing top executives from becoming BEC victims requires a different approach. Putting the risk in business terms is key.
APT29 targets Active Directory Federation Services with stealthy backdoor
The FoggyWeb post-exploitation backdoor is persistent and steals configuration databases and security token certificates.
Cybercriminals bypass 2FA and OTP with robocalling and Telegram bots
The automated bots are highly successful because they effectively emulate legitimate service providers.
MITRE ATT&CK, VERIS frameworks integrate for better incident insights
The MITRE ATT&CK/VERIS collaboration aims to create a common dictionary for communicating information about security incidents.
Breach reporting required for health apps and devices, FTC says
A new policy statement makes it clear that the US Federal Trade Commission will hold healthcare app and device makers accountable for reporting data breaches.
Yes, the FBI held back REvil ransomware keys
The ransomware keys might have been acquired by an ally, which would invoke the third-party doctrine where the decision to release was not the FBI's alone.
US cryptocurrency exchange sanctions over ransomware likely not the last
The sanctions are aimed to cut ransomware gangs off from their revenue. Advisory on sanctions risks regarding ransomware payments also updated.
The Kaseya ransomware attack: A timeline
REvil's ransomware attack on software provider Kaseya underscored the threats to supply chains that ransomware groups pose. Here is an up-to-date timeline of the attack.
Biden sanctions Suex cryptocurrency exchange to stifle ransomware payments
In the wake of significant ransomware attacks, President Biden has sanctioned cryptocurrency exchange Suex in a clear attempt to prevent ransomware payments.
-
Data Sheet
Sponsored -
White Paper
-
Case Study
Sponsored -
White Paper
-
White Paper
BrandPosts
Learn more-
Sponsored by OpenText™
-
Sponsored by Netscout