The BlackCat ransomware-as-a-service group says it's selling 2 terabytes worth of military data including classified documents culled from Indian explosives and propellant manufacturer Solar Industries. Ransomware criminals say they've stolen specifications of rocket propellant and warheads.
Lacework has debuted an attack path analysis tool to help organizations understand the havoc specific threats could wreak within their cloud infrastructure, says CEO Jay Parikh. The company helps customers prioritize which risk elements inside their infrastructure should be addressed first.
The Russia-Ukraine war has had huge economic consequences for Eset, given that the Slovakian vendor was the largest cybersecurity company in Ukraine and second-largest in Russia. The decision to halt sales in Russia and a spending slowdown in Ukraine due to the war hurt Eset, says CEO Richard Marko.
Hackers stymied by Microsoft's crackdown on macros are shifting to malicious OneNote attachments. Particularly worrying is the takeup of the tactic by an initial access broker associated with various ransomware infections, say researchers from Proofpoint.
Christmastime was bleak for a number of organizations in Britain that got hit with ransomware, including car dealership giant Arnold Clark, which originally reported that no customer data had been stolen. But the business subsequently revised its assessment, after attackers dumped stolen data.
Researchers from cybersecurity firm WithSecure say they spotted a North Korean espionage campaign they dub "No Pineapple" that reveals a slew of tools in the Pyongyang hacking arsenal. They're confident the hackers were North Korean: One hacker connected to an infected server using a DPRK address.
Multi-Factor Authentication (MFA) can be a highly effective way to safeguard your organization’s data, but that doesn’t mean it’s unhackable. And nobody knows that better than award-winning author and Data-Driven Defense Evangelist at KnowBe4, Roger Grimes. While researching his most recent book Hacking...
Attackers this week locked up the business of London-based ION Cleared Derivatives, a software firm that supports derivatives trading, forcing major European banks to process trades manually and prompting a major futures exchange to delay the settlement of trades for two hours.
North Korean hackers stole $1.7 billion in cryptocurrency during 2022, most of it from decentralized finance platforms, Chainalysis finds. North Korean hackers are "systematic and sophisticated" in hacking and laundering stolen funds, and the nation supports cryptocurrency-enabled crime.
Illumio has extended its segmentation capabilities from servers and workloads to endpoints to minimize damage in the event of a ransomware attack, CEO Andrew Rubin says. The Silicon Valley-based company can now stop the spread of breaches and ransomware inside servers, cloud workloads and endpoints.
Premiums for cyber insurance have climbed sharply along with global rates of ransomware. But signs of increased competition and capital inflows suggest the cyber insurance market may be softening, Marsh executive Sarah Stephens told a U.K. parliamentary committee.
Cybercriminals exploited the verification process for Microsoft-certified authentication apps to obtain access to the inboxes of financial and marketing companies. Among the permissions threat actors sought were access to emails and calendars, says cybersecurity firm Proofpoint.
The Identity Theft Resource Center's 2022 Annual Data Breach Report reveals a near-record number of compromises - the second-highest number in 17 years. ITRC COO James Lee worries that a sudden lack of transparency in breach notices is creating more risk for consumers.
Security researchers say they found the Russian intelligence-linked Sandworm threat actor deploying a novel disk wiper against an energy sector company located in Ukraine. Data wipers have played a key role in Russia's hacking campaign against Ukraine.
Government authorities and industry groups are warning the healthcare sector of ongoing distributed denial-of-service attacks on hospitals and other medical entities by Russian nuisance hacking group KillNet, whose name comes from a tool used to launch DDoS attacks.