Despite the recent leak of internal communications and code from the Conti ransomware group, the criminal enterprise appears to have continued operations without breaking stride, in part thanks to constant innovation, security researchers report.
Has the notorious REvil ransomware operation come back? Former developers may have restarted the server and data leak site. The original Happy Blog leak site began redirecting to the new blog, which lists both old and seemingly new victims, including Oil India Limited.
Fresh warnings are being sounded about the threat posed by semi-autonomous killing machines both on and above the battlefield, especially as lethal weapons continue to gain features that push them toward full autonomy. Experts say international norms and legal safeguards are overdue.
Speaking about his role as managing director, business information security, at financial giant State Street, TJ Hart says, "I wake up nervous, and I go to bed nervous." But he channels that energy into trying to better understand the threat landscape and use that data to make better business risk decisions.
The latest edition of the ISMG Security Report analyzes how the U.S. government is offering a reward of up to $5 million for information to help it disrupt the illicit flow of funds to North Korea. The report also examines approaches to enhance banks' cyber defenses and U.S. regulatory trends.
Lynn Peachey, the director of business development at Arete Incident Response, says that insurance companies have made "a pretty quick turnaround in terms of trying to respond to the ransomware epidemic." She discusses the changes they are making, which include leveraging data quantification.
The Conti ransomware group has been targeting the U.S. and its allies since the beginning of the Russia-Ukraine war. But in the latest large-scale attack on a single country, Conti has reportedly targeted at least five Costa Rican government agencies and leaked nearly 40GB of exfiltrated data.
More than 670,000 individuals have been affected by two 2021 hacking incidents that were only recently reported to federal regulators. The breaches involve healthcare software and billing services firm Adaptive Health Integrations and urgent care provider Urgent Team Holdings.
VMware's Tom Kellermann is out with Modern Bank Heists 5.0, his latest look at the attackers and attacks targeting financial services. Subtitled "The Escalation," this report looks at the increase in destructive attacks, ransomware and hits on cryptocurrency exchanges. Kellermann shares insights.
Hours after global cryptocurrency exchange Currency.com announced it was halting operations in Russia, it faced - and thwarted - a distributed denial-of-service attack. The company's founder, Viktor Prokopenya, says the firm's "servers, systems and client data remained intact and uncompromised."
Security orchestration, or SOAR - Security Orchestration, Automation and Response, as it is known to some - is still an area in development, so there are misconceptions about its scope of use and effectiveness for a SOC team. Claudio Benavente discusses the top five security orchestration myths.
Federal authorities are warning the healthcare and public health sectors of aggressive, financially motivated attacks by the Hive ransomware group, which has been linked to a number of attacks on healthcare sector entities. Some security experts are urging such entities to fortify their defenses.
A multistage information stealer malware is targeting Windows users and stealing their data from browsers and crypto wallets by using fake domains masquerading as a Windows 11 upgrade. The CloudSEK researchers who discovered the malware have not attributed it to any particular group.
Decentralized credit-based stablecoin protocol Beanstalk was the victim of "a theft of about $76 million in non-Beanstalk user assets." The Ethereum-based protocol did not specify what those assets included, but blockchain security firm PeckShield says the total losses are likely $182 million.
During its January cyberattack, Lapsus$ accessed tenants and viewed applications such as Slack and Jira for only two Okta customers. The threat actor actively controlled a single workstation used by a Sitel support engineer for 25 consecutive minutes on Jan. 21, according to a forensic report.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.