In the latest weekly update, four ISMG editors discuss important cybersecurity issues, including the trending topics at this year's RSA Conference, how security researchers are tracking a zero-day vulnerability in Microsoft Office and what Broadcom's acquisition of VMware means for security.
The 15th edition of the annual Verizon Data Breach Investigations Report examines the rapid growth in ransomware, along with other threat vectors. Chris Novak, global director of the Threat Research Advisory Center at Verizon Business Group, discusses key findings and reviews the security landscape.
The latest edition of the ISMG Security Report discusses how security researchers have warned of a new attack campaign targeting 1,200 cloud-based Elasticsearch databases. It also revisits the Kaseya supply chain attack and examines how we can mitigate mobile phone fraud.
Costa Rica's public health services agency was hit Tuesday by a ransomware attack allegedly launched by Hive. The incident comes after an April attack - reportedly by fellow Russian-backed group Conti - targeted multiple Costa Rican government agencies.
Memo to IT administrators: Don't store data in cloud in an unsecure manner. Security researchers at Secureworks have found more than 1,200 cloud-based, unsecured Elasticsearch databases that attackers wiped, leaving only a ransom note demanding Bitcoin in return for their restoration.
Obtaining threat insight is like practicing judo - you want to use your attacker's power against them, says Chris Borales, senior manager of product marketing at Gigamon. He and Tom Dager, CISO of Archer Daniels Midland Company, discuss how to keep pace with the evolving ransomware landscape.
In the aftermath of the BlackCat ransomware attack on May 24, 2022, that "severely affected" government services in Carinthia, the Austrian state has budgeted 500,000 euros to restore services and boost its cybersecurity and reinstated its passport issuance system, which was affected by the attack.
Solving this conundrum can be a challenge and some banks struggle to deploy technology environments enabling them to capitalize on data.
Fraud knows no boundaries, so organizations must also keep a constant watch on the threat landscape. But automation, and technology, alone cannot solve this problem: insights can...
The BlackCat ransomware group, aka ALPHV, which is said to be a rebrand of BlackMatter or DarkSide, has now targeted the Austrian state of Carinthia. The attack has "severely affected" government services in the state, says Gerd Kurath, a state spokesperson.
Crime has evolved over the decades and criminals always adapt their methods and techniques to match with the nature of security controls and human behaviors, in order to achieve their goal – financial gain.
How can we as security professionals keep up with criminals new and improved modern tactics that target...
If software has a dangerous security flaw, should its maker tell customers to shut it down until it’s fixed? It's a tough call, but Dutch company Hoppenbrouwers says the software vendor Kaseya should have done so last year to prevent a massive supply chain attack by the REvil ransomware gang.
In 2021, Mandiant Threat Intelligence identified 80 zero-days exploited in the wild, which is more than double the previous record volume in 2019. State-sponsored groups continue to be the primary actors exploiting zero-day vulnerabilities, led by Chinese groups.
Join Mandiant’s Erin Joe, SVP of Strategy and...
The FBI is warning the U.S. higher education sector about compromised sensitive credentials and network access information advertised for sale across various public and dark web forums. The agency states that this access to credentials could potentially lead to a cyberattack.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.