CISA, the FBI and the U.S. Coast Guard Cyber Command warn users of Zoho Corp.'s single sign-on and password management tool to patch for a vulnerability that nation-state groups may look to exploit. Attackers could use the bug to compromise credentials and exfiltrate data from Active Directory.
Score one for the good guys in the fight against ransomware: Anyone who fell victim to REvil, aka Sodinokibi, crypto-locking malware before July 13 can now decrypt their files for free, thanks to a decryptor released by security firm Bitdefender.
The latest edition of the ISMG Security Report features an analysis of the state of the Biden administration's efforts to disrupt ransomware attackers, as well as how a newly patched Apple iMessage flaw was being targeted by Pegasus spyware to effect zero-click exploits.
Regarding the recent tactical innovation by the Grief ransomware gang that is threatening to wipe a victim's data and decryption key if the victim engages a ransom negotiator, analysts are calling this a desperate ploy to scare a target into paying the ransom demand.
A pair of House committees this week said they want to spend additional millions on cybersecurity by injecting funds into CISA and the FTC, as part of the debate over the Biden administration's $3.5 trillion budget proposal for 2022. Part of the money would help fulfill Biden's executive order.
Senior U.S. officials say that there have been no signs that Moscow has begun to crack down on ransomware-wielding criminals operating from inside Russia's borders. President Biden has called on Russia to act responsibly, and U.S. intelligence has been sharing information on top suspects.
Insikt Group, the threat research division of threat intelligence firm Recorded Future, says it has discovered Chinese hackers have breached the internal records of at least 10 Indonesian government agencies, including Indonesia’s primary intelligence service, the Badan Intelijen Negara.
Security experts say the notorious REvil - aka Sodinokibi - ransomware-as-a-service operation, which went dark in July, appears to be back in business. The group's data leak site and payment portal are back online, and one expert says the group appears to have begun amassing new victims.
Nine months after discover of the attack that targeted SolarWinds and clients of its network monitoring tool, the incident continues to spur investigations into what happened. The SEC is reportedly probing those businesses involved, and lawmakers want answers about the breach of DOJ emails.
In the 20 years since the Sept. 11, 2001, al Qaida terrorist attacks on targets in the U.S., the need to shore up critical infrastructure and build resilience into systems remains a priority. But over the past two decades, concerns about physical threats have been displaced by cyber concerns.
The possibility of a terrorist group launching a massive Sept. 11, 2001-scale cyberattack against the U.S. or an ally has been a concern for years, but cybersecurity pros with a background in intelligence and military affairs say such worries are likely unwarranted.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including how ransomware affiliates change operators and why terrorists aren't launching massive cyberattacks.
The latest edition of the ISMG Security Report features an analysis of the most sought-after type of victim for ransomware-wielding attackers. Also featured: fighting extortion schemes and stress management tips.
"Silence is gold." So says ransomware operator Ragnar Locker, as it attempts to compel victims to pay its ransom demand without ever telling anyone - especially not police. But some ransomware-battling experts have been advocating the opposite, including mandatory reporting of all ransom payments.
Despite a recent slowdown in incidents and some cybercriminals claiming they have stopped or abandoned ransomware attacks, National Cyber Director Chris Inglis says it's "too soon to tell," if the behavior of these groups has changed permanently or if they are waiting for an opportunity to return.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.