So far this year, we've seen heightened tensions between the U.S. and adversaries in Russia, North Korea and Iran. How do these tensions manifest on the cyber stage? Tom Kellermann of Strategic Cyber Ventures talks about the cyberwar risks brewing below the surface.
A look at a Russian-speaking hacker offering novice cybercriminals a cheap way to conduct ransomware attacks leads the latest edition of the ISMG Security Report. Also, hear U.S. Homeland Secretary John Kelly address the cybersecurity challenges the federal government confronts.
Ransomware is the largest underground cybercriminal business. And like any business, entrepreneurs continue to find new ways to innovate. A Russian hacker has cobbled together a low-end ransomware kit costing just $175, aimed at anyone who seeks a file-encrypting payday.
When she first joined the Los Angeles County district attorney's office, Maria Ramirez prosecuted street gangs. Now she's cracking down on cyber gangs and is opening her case file to share lessons learned from cases involving business email compromise and ransomware.
Spanish police arrested Russian computer programmer Pyotr Levashov, apparently while he was vacationing with his family. Authorities say his arrest relates to alleged Kelihos spam botnet and pump-and-dump stock campaigns, not to Russia's alleged interference in the 2016 U.S. presidential election.
A scareware campaign has been locking iOS devices with faux ransomware, demanding a payoff via virtual iTunes gift cards, security researchers warn. A fix for the exploited iOS flaw is included in a massive batch of product patches and updates released by Apple.
Microsoft's docs.com service has been an open window to viewing people's personal data. The company appears to have taken some steps to contain the exposure, but those watching closely say sensitive data can still be found via search engines.
One of the world's biggest botnets, Necurs, is back. But instead of flinging banking Trojans and ransomware, this time it's spouting spam aimed at influencing the price of cheap stocks, say security researchers from Cisco's Talos group.
With ransomware attackers having already launched attack code with themes ranging from horror movies and Pokemon to Hitler to cats, it was only a matter of time before they decided to beam Star Trek's Kirk and Spock direct to would-be victims' PCs.
Hackers have been targeting the likes of AOL and Yahoo, in part, because a certain generation of users - including many senior U.S. officials - continue to use the services to send and store state secrets. Let's make sure future generations don't make similar mistakes.
Little is known about Evgeniy M. Bogachev, the alleged hacker and Gameover Zeus botnet mastermind. There are clues, however, that he's been helping Russian intelligence agencies, according to a new report. If true, that wouldn't be a surprise.
A look at the return of the Crypt0L0cker ransomware leads the latest edition of the ISMG Security Report. Also, assuring the security of medical devices; and U.S. federal prosecutors drop charges against a child porn suspect rather than reveal the hacking technique used to ensnare him.
Crypt0L0cker ransomware - originally tied to the Gameover Zeus gang - has returned, researchers warn, and in some cases is digitally signed to make it appear legitimate. Other attack campaigns are spreading Cerber and Sage Locker via spam emails sent via short-lived domain names.
To meet the increasing customer demands for effective solutions, security vendors must ensure their products work together well, says Dr. Mike Lloyd of RedSeal. This is particularly essential to achieving "digital resilience," the ability to promptly detect and respond to network intrusions, he says.
Déjà vu "smart toy" information security fail: Spiral Toys, maker of internet-connected CloudPets, is under fire for exposing 821,000 user records online - now being ransomed - as well as links to 2.2 million parents' and children's voice recordings.