Based on Russian-language cybercrime chatter, "fear" likely drove the lucrative Avaddon ransomware-as-a-service operation to announce its retirement as the U.S. exerts increasing diplomatic pressure on Moscow to disrupt such activity, experts say. But are criminals simply laying low until the heat dies down?
The prolific Avaddon ransomware-as-a-service operation has announced its closure and released 2,934 decryption keys for free. Has the increased focus by Western governments on combating ransomware been driving this and other operations to exit the fray?
A small U.S. nuclear weapons contractor has confirmed that it suffered a ransomware attack, resulting in the theft of data. Credit for the attack has been taken by the ransomware-as-a-service operation known as REvil, aka Sodinokibi, which the FBI recently tied to the attack against meatpacking giant JBS.
Some 26 million passwords were exposed in a 1.2 terabyte batch of data found by NordLocker, a security company. It's workaday botnet data, but it highlights a hostile malware landscape, particularly for people still inclined to download pirated software.
ExtraHop announced Tuesday it has entered into a definitive agreement to be acquired by the private equity firms Bain Capital Private Equity and Crosspoint Capital Partners for $900 million. The transaction is expected to close in the summer of 2021.
The White House has written to business leaders, urging them to prioritize having robust ransomware defenses in place. The move comes as the Biden administration pursues multiple strategies to combat ransomware and digital extortion, including ordering a new task force to coordinate all federal investigations.
Former customers of the now-defunct encrypted communications service EncroChat, which was infiltrated by police last year, continue to get busted, including members of a crime syndicate that operated "an industrial-scale cocaine laboratory" in the Netherlands, Europol says.
Ransomware attacks are stuck on repeat: Criminal syndicates have found an extremely profitable business model, and they're milking it for all it's worth. So give the city of Tulsa, Oklahoma, credit for having in place robust disaster recovery capabilities and vowing to remediate, rather than pay criminals.
You can see it in the latest high-profile attacks: Security requirements are ever more complex, exceeding the capacity of current protection capabilities. Enterprises need a new strategy for defending entry points, and Tom Sego of BlastWave believes he has it.
As enterprises adjust to the new threat landscape, how must they also adjust their approach to detection? Bassam Khan of Gigamon discusses the visibility challenge and the promise of new network detection and response solutions.
Welcome to RSA Conference 2021. By virtue of being virtual, we've brought our entire global team to bear on gathering the very latest cybersecurity trends, technologies and takeaways from our industry's leading thinkers via ISMG's largest and most diverse set of video interviews to date.
The FTC rejected arguments from major technology companies and trade groups that independent repair shops increase risks to data security. That could help propel the "right to repair" movement, which contends manufacturers use anticompetitive tactics to lock consumers and independent repairers out.
"It's not personal ... It's strictly business." That line from "The Godfather" encapsulates the mindset of criminals who extort businesses using ransomware and other tools: Their imperative is profits, no matter any disruption they might cause to critical services, such as those provided by Colonial Pipeline.
The average amount of time that online attackers camp out in a victim's network - or "dwell time" - has been declining, FireEye's Mandiant incident response group reports. But the surge in ransomware accounts for some attacks coming to light more quickly because those attackers announce their presence.