The attack sounds ripped from an episode of TV show "24": Hackers have infiltrated a government network, and they're days away from unleashing ransomware. Unfortunately for Florence, a city in Alabama, no one saved the day, and officials are sending $300,000 in bitcoins to attackers for a decryption key.
Cybercriminals are continuing to take advantage of unsecured Amazon S3 buckets, with RiskIQ researchers recently finding card skimming code and redirects to a long-running malvertising campaign infecting several websites.
The operators behind the Kingminer botnet have recently started targeting vulnerable Microsoft SQL Server databases using brute-force methods in order to mine cryptocurrency, according to research from Sophos. In addition, the botnet operators have attempted to exploit the EternalBlue vulnerability.
Europe is targeting financial and economic crime, including fraud and money laundering, via the new European Financial and Economic Crime Center, hosted by the EU's law enforcement intelligence agency Europol. Officials say the launch of such a center during the COVID-19 pandemic is no accident.
Surveillance researchers at Citizen Lab have tied thousands of "Dark Basin" corporate espionage phishing attacks to a small Indian cybersecurity firm called BellTroX InfoTech 新万博彩票注册. It's led by Sumit Gupta, who was indicted by the U.S. in 2015 for criminal hacking on behalf of private investigators.
Ransomware gangs keep innovating: Maze has begun leaking data on behalf of both Lockbit and RagnarLocker, while REvil has started auctioning data - from victims who don't meet its ransom demands - to the highest bidder. Thankfully, security experts continue to release free decryptors for some strains.
The prolific Maze ransomware gang has been tied to yet more attacks, including against Singapore-based defense contractor ST Engineering's North American subsidiary, VT San Antonio Aerospace. Separately, the ransomware gang breached systems at nuclear missile contractor Westech.
A sophisticated strain of ransomware called Tycoon has been selectively targeting education and software companies since December 2019, according to a joint report released by BlackBerry and KPMG. Due to its unique development, this crypto-locking malware can target both Windows and Linux systems.
The Maze ransomware gang is hosting and promoting data stolen by other ransomware operators on its "Maze News" website, according to IBM researchers, who are concerned this could be a sign of growing collaboration among cybercrime groups.
Ransomware-wielding criminals are growing increasingly ruthless, based on the size of their extortion demands, their increasing propensity to leak data in an attempt to force victims to pay and their greater focus on taking down big targets. These tactics, unfortunately, appear to be working.
Two years after it was last seen in February 2018, ZLoader banking malware has resurfaced, with cybercriminals wielding a new version that gets distributed via email campaigns, security firm Proofpoint warns.
The number of darknet forum ads offering full access to corporate networks jumped almost 70% during the first quarter of 新万博彩票注册, compared to the previous quarter, posing a significant potential risk to corporations and their now remote workforces, according to security firm Positive Technologies.
Australian shipping giant Toll Group recently suffered its second ransomware outbreak of the year, with Thomas Knudsen, the company's managing director, branding the latest attack as being "serious and regrettable." But was it preventable?
Today's security executives are looking to shore up their defenses with a more proactive approach - one that can signal unknown threats steps ahead of the impact. Behavioral analytics adds that level of sophistication to network traffic analysis (NTA). This advanced breed of NTA software can spot out-of-norm patterns...
This white paper covers four ways machine learning, applied in a practical and focused way, can strengthen cybersecurity defense.
Download now and learn how to:
Improve detection capabilities with network behavioral analytics, complemented by cyber analysts who can validate and rate alerts;