The actor behind the cyberattack targeting SolarWinds customers - Nobelium - is continuing its campaign to target the global IT supply chain, according to a new advisory from Microsoft, which says 140 resellers and tech service providers have been notified that they have been targeted by the group.
Chronic disease management firm Omada Health has been changing its approach to cloud intrusion prevention and detection, which is reducing time spent on investigating false positives, says the company's information security leader, Bill Dougherty.
While ransomware might be today's top cybercrime boogeyman, attackers aren't infallible. The latest example: Errors in DarkSide - and its BlackMatter rebrand - enabled security experts to quietly decrypt many victims' files for free, saving millions in potential ransom payments.
The latest edition of the ISMG Security Report features an analysis of whether businesses are stepping up their ransomware defenses in response to several warnings released by the U.S. and U.K. governments highlighting the threat posed to infrastructure. Also featured are the Thingiverse data breach and airline fraud...
Disturbing findings from a recent study examining the impact of ransomware attacks on patient care must serve as a wake-up call for the healthcare sector to intensify its preparedness to deal with such incidents, say Larry Ponemon of research firm Ponemon Institute and Ed Gaudet of risk management firm Censinet. The...
In a busy congressional day for cybersecurity legislation, the U.S. House of Representatives passed several bills on Wednesday, targeting both software supply chain and telecommunication system security. One observer describes them as "a win-win for the government and U.S. citizens."
When a business, government agency or other organization hit by ransomware opted to pay a ransom to its attacker in Q3, the average payment was $140,000, reports ransomware incident response firm Coveware. It says the attack landscape has seen some notable shifts since the Colonial Pipeline attack.
Is there any bigger cybercrime soap opera than the life and times of ransomware operators? Take the REvil, aka Sodinokibi, ransomware-as-a-service operation, which feels like it's disappeared and reappeared more times than the secret, identical twin of the protagonist in your favorite melodrama.
A spate of ransomware incidents affecting the education sector has led to the loss of student coursework, financial records and data relating to COVID-19 testing. Matthew Trump, senior IT security officer for the University of London, U.K., outlines incident response strategies.
After being targeted by a ransomware attack in March 2021, Acer, one of the world's largest PC and device makers, has now suffered two further cyberattacks within a week. DESORDEN threat actors are reported to have claimed responsibility for the attacks.
Sinclair Broadcast Group, Inc., which owns or operates 186 television stations across 87 U.S. markets, has been hit with a ransomware attack that has disrupted operations. The company says the attack has impacted its ability to deliver advertisements and certain programming.
U.S. federal agencies issued a joint advisory around potential cyber threats to the nation's water facilities. They cite "ongoing malicious cyber activity - by both known and unknown actors - targeting the IT and OT technology networks, systems and devices" of U.S. water and wastewater systems.
In this update, four editors discuss key cybersecurity issues, including addressing the complexity of security, the rising number of victims targeted by double extortion ransomware and the Information Commissioner's Office's recent consultation on creating an international data transfer agreement.
MITRE, the not-for-profit organization that works across governmental and federal agencies, as well as various industrial verticals and academia, has set up The Cyber Infrastructure Protection Innovation Center and The Clinical Insights Innovation Cell to protect healthcare.
The breach of text message routing giant Syniverse revealed yet another supply chain attack involving a key supplier, exacerbated by outdated communications protocols desperately in need of a security revamp and better incentives for improvement, says mobile telephony security expert Karsten Nohl.