The latest edition of the ISMG Security Report features an analysis of ransomware gang REvil’s threat to release stolen Apple device blueprints unless it receives a massive payoff. Also featured: Discussions of the importance of a “shift left” strategy and efforts to secure cryptocurrencies.
The economics of vulnerability discoveries and exploits is always evolving, and knowing those dynamics can provide insights into what attackers are doing, says Casey Ellis of Bugcrowd.
The U.S. Cybersecurity and Infrastructure Security Agency has issued an emergency directive requiring executive branch agencies to mitigate by Friday the risks posed by a zero-day vulnerability and three other recently patched flaws in Pulse Connect Secure VPN products.
The REvil - aka Sodinokibi - ransomware gang is threatening to release stolen Apple device blueprints unless it receives a massive payoff. The extortion threat - with a reported $50 million opening demand - was unveiled hours before Apple made a series of major new product announcements.
The Lazarus group, an offensive hacking team with ties to North Korea, rolled out a new weapon during a recent phishing campaign targeting South Koreans: Image-laden documents containing malicious bitmap files, reports security firm Malwarebytes.
Ransomware attacks now routinely feature multifaceted extortion efforts, and defenses need to evolve, says Stuart McKenzie of FireEye, who offers an analysis of the findings of the FireEye M-Trends 2021 report.
The telemedicine landscape continues to flourish – but so does medical fraud. Dean Nicolls of Jumio Corp. discusses the most prevalent forms of fraud and how identity verification can help ensure all populations are both included and secured.
Nicolls says there are many fraud schemes flourishing, but one still...
The U.S. Cybersecurity and Infrastructure Security Agency, Ivanti and FireEye report that federal agencies and other entities have been compromised by two attack groups, with one possibly acting on behalf of the Chinese government. The groups are exploiting vulnerabilities in Ivanti's Pulse Connect Secure.
A Ukrainian national who admitted to working as a system administrator and IT manager for the notorious FIN7 cybercriminal gang, which has been involved in the theft of millions of payment cards, has been sentenced to 10 years in federal prison.
Criminals continue to target ATMs with black boxes to run cash-out attacks and use explosives to get cash out of machines. But during the pandemic, most other types of attacks used to target ATMs, payment terminals and point-of-sale devices sharply declined, a new European study shows.
The Babuk ransomware gang launched a public relations campaign Saturday, posting a message on its website saying it had repaired a defect in the decryptor it provides to victims who pay the ransom demand.
The new world of “work from anywhere” is all about
connecting users to applications. “It’s just different,”
says iboss CEO Paul Martini. Yet, many enterprises still
approach this new dynamic with the wrong security
mindset. Martini outlines what they’re missing.
In this eBook, you'll learn more...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.
