Is Moscow using the Russian-speaking LockBit ransomware group as a tool to disrupt critical infrastructure and democracy in the West? While no publicly available evidence reveals direct ties, what are the chances that the prolific, trash-talking group has escaped authorities' attention - or demands?
Once the dust settles on the LockBit disruption, what will be the state of ransomware? Expect attackers to continue refining their tactics for maximizing profits via a grab bag of complementary strategies, including crypto-locking shakedowns and data-theft extortion.
Blue Monday arrived late this year for the LockBit ransomware-as-a-service group, after an international coalition of law enforcement agencies seized swaths of its infrastructure. Security experts said even if the down-at-the-heels group reboots, the disruption already stands as a big win.
Breathless reports claim 3 million IoT toothbrushes have been remotely compromised and used to target unsuspecting businesses via distributed denial-of-service attacks. Just one problem: This story has more holes in it than the teeth of kid with a 10-pack-a-day Gummy Bear habit.
The number of victims who opt to pay a ransom appears to have declined to a record low. During the last three months of 2023, an average of 29% of organizations hit by ransomware paid a ransom - a notable shift from what ransomware watchers saw in recent years.
The FBI announcing that it has forcibly removed "KV Botnet" Chinese nation-state malware from "hundreds" of poorly secured SOHO routers across America highlights the risk posed by the growing volume of outdated IoT devices. The FBI's fix is temporary, and we need a more permanent solution.
Social media accounts - especially those tied to government agencies, big-name companies and high-profile individuals - continue to be a top target for takeover by fraudsters and scammers, especially when it comes to X, formerly known as Twitter. What's the best way to keep these accounts secure?
Does a day ever go by without a fresh set of data breach notifications? Some organizations' breach notifications at least signal respect for the recipient. But others play it shadier, by resorting to marketing spin, minimizing the blame, and in some cases, even indulging in corporate cheerleading.
Switzerland's federal government reports that multiple federal agencies' public-facing sites were temporarily disrupted by distributed denial-of-service attacks perpetrated by a self-proclaimed Russian hacktivist group "as a means of gaining media attention for their cause."
Google Cloud's Mandiant says its account at X, formerly Twitter, was hijacked and used to link to cryptocurrency phishing pages after an attacker guessed the account password, apparently after Twitter last year deactivated the account's SMS-based two-factor authentication, leaving it unprotected.
Seeking to maximize profits no matter the cost, ransomware groups have been bolstering their technical prowess and psychological shakedowns with a fresh strategy: attempting to control the narrative. Experts are warning security researchers and journalists to beware being co-opted.
Winter in London features Hyde Park's Winter Wonderland, Christmas lights galore, and the return of the Black Hat Europe cybersecurity conference, featuring briefings on everything from quantum cryptography and router pwning to dissecting iOS zero-days and training generative AI to attack.
A scientist claims to have developed an inexpensive system for using quantum computing to crack RSA, which is the world's most commonly used public key algorithm. If true, this would be a breakthrough that comes years before experts predicted. Now, they're asking for proof.
The volume of known ransomware attacks surged last month to record-breaking levels, with groups collectively listing 514 victims on their data-leak sites, security researchers report. In the lead: long-timer LockBit followed by newcomer LostTrust, with other new groups also having a notable impact.
The Clop ransomware operation's recent mass zero-day exploit of Progress Software's MOVEit secure managed file transfer software followed the criminals launching similar attacks against users of Accellion FTA, SolarWinds Serv-U and Fortra GoAnywhere.