Booking and reservation systems, as well as slot machines, hotel room door locks, ATMs and more remain offline at multiple MGM Resorts properties as the publicly traded casino hotel giant battles "a cybersecurity issue" that one group of security researchers has tied to a ransomware group attack.
Has the cry of the Qakbot come to an end? While the pernicious, multifunction malware fell quiet last week thanks to Operation "Duck Hunt," lucrative cybercrime operations have a history of rebooting themselves. Rivals also offer ready alternatives to ransomware groups and other criminal users.
Venture-backed cloud security firm Wiz swallowing up publicly traded endpoint security firm SentinelOne would be one of the most unorthodox and surprising acquisitions the cybersecurity industry has ever seen. But despite the major financial hurdles, the potential technology synergies are obvious.
Ransomware and data exfiltration attacks continue to stick victims with serious bills to cover cleanup, legal and other resulting costs - to the tune of $10.8 million and counting for cloud computing giant Rackspace, for one. Rackspace was hit by the Play ransomware group last year.
A new healthcare-focused research agency is seeking proposals for innovative cybersecurity technologies that can apply a national security approach to protecting this highly targeted civilian industry. Today's off-the-shelf software is falling short, the agency said.
A likely Russian toolkit dubbed Telekopye by security researchers lets thieves focus on honing their social engineering skills without having to worry about the technical side of online scamming. Users dub victims "Mammoths," leading security firm Eset to christen Telekopye customers "Neanderthals."
With the rampant surge of fraudulent schemes hitting the world at the moment - including the creation of fake cryptocurrencies, bank websites and investment scams - a more dynamic and holistic approach to detection and prevention is mission-critical for banks and regulators.
Conventional wisdom recommends to never negotiate with ransomware actors. They can't be trusted. But Mark Lance at GuidePoint Security recently made the case that organizations can gather important information through negotiations, slow down the process and even lower the ransom demand.
Researchers say a proxy service is routing internet traffic through unsuspecting users' systems that it turns into residential exit nodes, luring them into downloading the proxy application through offers of cracked software and games. Antivirus engines don't detect the application.
The LockBit ransomware-as-a-service group may have become a victim of its own success, having grown "too fast and too quick," to the point where its infrastructure and ability to handle affiliates' requests is lagging, leading many to desert the operation, says ransomware researcher Jon DiMaggio.
An international law enforcement operation took down a phishing-as-a-service website that security researchers say was responsible for more than 150,000 phishing domains. The site, 16shop, sold phishing kits that targeted more than 70,000 people in 43 countries.
A little-known cloud infrastructure provider called Cloudzy has been facilitating nation-state hackers, commercial spyware operations and ransomware affiliates' attacks by failing to keep a close eye on what its customers are doing, researchers at cybersecurity firm Halcyon warn.
Spanish law enforcement officers scored several recent wins against cybercriminals this month. Police nabbed a Ukrainian hacker on the run for 10 years, arrested a fraudster known to have run a smishing campaign that amassed 1.2 million euros, and broke up a phishing nexus - all in two weeks.
Granting third parties access to sensitive data introduces inherent risks that organizations must address effectively. So how does an organization best manage that third-party risk while balancing an organization's inherent need for usability?.
Cyber crooks are performing server hijacking or proxyjacking to make money from the sale of their victims' compromised bandwidth on proxy networks, a new report by security firm Akamai finds. "The attacker doesn't just steal resources but also leverages the victim's unused bandwidth," it says.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.