The Cyber Threat Alliance just celebrated its fifth birthday, and President and CEO J. Michael Daniel says the membership and information sharing both are growing at an impressive pace. He discusses the surge in ransomware and how organizations should respond.
Billions of dollars have already been lost in crypto exchanges, and some of the some losses have been due to "basic" security failures, including third parties not implementing common controls, says Troy Leach, security executive in residence at Cloud Security Alliance.
The new Expel Quarterly Threat Report provides even more data on what we’re seeing, detection opportunities, and resilience recs to help protect your organization — now on a quarterly basis.
Michael Lines is working with ISMG to promote awareness of the need for cyber risk management, and the CyberEdBoard is posting draft chapters from his upcoming book, "Heuristic Risk Management: Be Aware, Get Prepared, Defend Yourself." This chapter - the last in the series - is titled "Building an Effective Defense."
Novartis says no sensitive information was compromised in an alleged attack involving the drugmaker's data showing up for sale on the dark web. The incident comes as new reports warn of a surge in cyberattacks on healthcare sector entities and the return of Emotet malware.
Undisclosed attackers have likely stolen $1.7 million by deploying Clipminer, a cryptomining and clipboard hijacking malware, on compromised systems, says the Symantec Threat Hunter Team. According to the team, Clipminer is a copycat or an evolved version of cryptomining Trojan KryptoCibule.
The website of the Russian Ministry of Construction, Housing and Utilities was reportedly hacked and defaced on Sunday. The attacker demands a 1-million-ruble ransom be paid by Tuesday to ensure the security of stolen data. A ministry spokesperson told a state news agency that all data is protected.
The U.S. Department of Justice and FBI announced the seizure of three domains after an investigation that found these domains selling stolen personal information and providing access to conduct distributed denial-of-service attacks. The domain includes weleakinfo.to, ipstress.in and ovh-booter.com.
Atlassian has issued a patch for its Confluence workspace collaboration tool, which is being targeted in the wild with a zero-day vulnerability that gives attackers unauthenticated remote code execution privileges. The vulnerability has a CVSS score of 10 out of 10 for criticality.
U.S. government agencies have issued a warning to organizations in the country against paying ransom to the Karakurt data extortion group. The threat actor's promises to delete stolen data and not disclose the security incident to the public if its demands are met are false, the agencies say.
A zero-day vulnerability in Atlassian Confluence, a workspace collaboration tool that serves millions of daily active users, is being targeted in the wild. The flaw, according to the company's security advisory, gives attackers unauthenticated remote code execution privileges.
Android spyware FluBot's infrastructure was disrupted by the Dutch police as part of a multinational law enforcement operation in May, rendering this strain of malware inactive, Europol says. The agency is continuing its probe into identifying the actors responsible for the malware campaign.
In the latest weekly update, four ISMG editors discuss important cybersecurity issues, including the trending topics at this year's RSA Conference, how security researchers are tracking a zero-day vulnerability in Microsoft Office and what Broadcom's acquisition of VMware means for security.
Boston Children's Hospital thwarted a cyberattack by government-backed Iranian hackers last summer after U.S. authorities received intelligence about the pending assault and alerted the hospital, says FBI Director Christopher Wray, who called Iran's planned cyberattack "despicable."
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.