In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the challenges ahead for the new director of the U.S. Cybersecurity and Infrastructure Security Agency and vendor security risk management in the healthcare sector.
The gang behind the ransomware strain known as Mespinoza, aka PYSA, is targeting manufacturers, schools and others, mainly in the U.S. and U.K., demanding ransom payments as high as $1.6 million, according to Palo Alto Networks' Unit 42, which says the group leverages open-source tools.
This edition of the ISMG Security Report features an analysis of comments from the former head of Britain's GCHQ intelligence agency, Robert Hannigan, on the changing nature of ransomware attacks. Also featured: Disrupting the ransomware-as-a-service business model; supply chain security management tips.
The world is now focused on ransomware, perhaps more so than any previous cybersecurity threat in history. But if the viability of ransomware as a criminal business model should decline, expect those attackers to quickly embrace something else, such as illicitly mining for cryptocurrency.
The U.S. Department of State is now offering rewards of up to $10 million for information about cyberthreats to the nation's critical infrastructure. Meanwhile, the government has launched a StopRansomware website offering a central repository of resources.
Facebook's threat intelligence team says it has disrupted an Iranian advanced persistent threat group that was using the social network as part of an effort to spread malware and conduct cyberespionage operations, primarily in the U.S.
Security software firm NortonLifeLock says it is in "advanced discussions" to acquire Avast, a rival security firm known for its freemium antivirus software. NortonLifeLock was formerly Symantec's consumer-focused business.
SonicWall is urging users of its Secure Mobile Access 100 series and its Secure Remote Access products running unpatched and end-of-life 8.x firmware to immediately apply patches or disconnect the devices because a ransomware campaign using stolen credentials is targeting the them.
Rob Clyde of ISACA discusses his ideas for how to raise up the next generation of "cyberwarriors" to serve on the front lines of active defense against cyberthreats.
A cybercrime forum seller advertised "a full dump of the popular DDoS-Guard online service" for sale, but the distributed denial-of-service defense provider, which has a history of defending notorious sites, has dismissed any claim it's been breached. What's the potential risk to its users?
Lt. Gen (retired) Rajesh Pant, the national cybersecurity coordinator at India's Prime Minister’s Office, explains in an interview why the government is requiring telecom service providers to only use equipment that’s been certified as trustworthy.
Ransomware-wielding criminals continue to find innovative new ways to extort victims, develop technically and sidestep skills shortages by delivering ransomware as a service, said Robert Hannigan, the former head of U.K. intelligence agency GCHQ, in his Infosecurity Europe 2021 virtual keynote speech.
Extended detection and response, or XDR, can play an important role in improving the detection of ransomware and supply chain attacks, says Peter Firstbrook of Gartner.
Microsoft on Tuesday released patches for four zero-day vulnerabilities that are being exploited in the wild, including an official patch for a critical remote code vulnerability dubbed "PrintNightmare" for which an out-of-band fix was issued earlier.
Some security experts are questioning the findings of a recent report by the International Institute for Strategic Studies, a London-based think tank, that concludes China is 10 years behind the United States in "cyber capacity."
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.