Bad news for ransomware groups: Experts find it's getting tougher to earn a crypto-locking payday at the expense of others. The bad guys can blame a move by law enforcement to better support victims, and more organizations having robust defenses in place, which makes them tougher to take down.
Legislation requiring vendors to design cybersecurity into their medical devices is a great first step to help healthcare entities, but organizations will still face major risks involving legacy medical gear for many years to come, says Daniel dos Santos, research leader at security firm Forescout.
The total amount of ransom payments being sent by victims to ransomware groups appears to have taken a big dip, declining by 40% from $766 million in 2021 to $457 million in 2022 due to victims simply being unwilling to pay, blockchain intelligence firm Chainalysis reports.
Essential reading for network defenders: CircleCI's report into its recent breach, which began when malware infected an engineer's laptop. After stealing "a valid, 2FA-backed" single sign-on session cookie, attackers stole customers' secrets and gained unauthorized access to third-party systems.
Sophos will execute the second-largest round of layoffs of any security company in the current economic downturn, axing 450 workers amid a shift to MDR services. Sophos plans to reduce its staff by 10% in a move to balance growth and profitability in a challenging and uncertain economic environment.
Cybereason has gone all-in on helping customers mitigate threats beyond the endpoint to minimize the impact of ongoing SOC staffing challenges, CEO Lior Div says. The company's focus on tracking and following malicious operations sets Cybereason's approach to XDR apart from rivals.
Pity the overworked ransomware gang - say, LockBit - that just "discovered" one of its affiliates hit Britain's postal service. But until Western governments find a way to truly disrupt the ransomware business model, operators remain free to keep spouting half-truths and lies at victims' expense.
A high-severity vulnerability patched by Google Chrome a few months ago allowed hackers to steal sensitive files such as crypto wallets. Hackers increasingly are targeting individuals and organizations that hold cryptocurrencies, writes Imperva security researcher Ron Masas, who discovered the flaw.
The prolific ransomware group LockBit has been tied to the recent disruption of Britain's national postal system, as Royal Mail reports it remains unable to send international letters or parcels. While LockBit has enjoyed unusual longevity, could this attack be its undoing?
Twitter says a massive collection of purported user data being sold and then leaked via cybercrime markets was not amassed by exploiting a vulnerability in its systems but is instead "likely a collection of data already publicly available online through different sources."
Microsoft fixed an actively exploited zero-day vulnerability in 2023's first Patch Tuesday dump. The Redmond giant also issued fixes for 98 other vulnerabilities, including 11 classified as critical and 87 as important. The zero-day vulnerability could be used as part of a ransomware attack.
Darknet markets offering illegal drugs and fraudster tools and services are thriving, despite the constant threat of law enforcement infiltration, disruption, takedown and arrests. In response, multiple drug markets have launched customized Android apps to handle buying, selling and fulfillment.
Anytime critical infrastructure gets disrupted, the first question inevitably seems to be: Was a cyberattack to blame? So it went Wednesday when the Federal Aviation Administration announced a "ground stop," prohibiting all U.S. flights from taking off, due to an overnight system failure.
Although small to medium enterprises - SMEs - do not have the security resources larger enterprise possess, they face the same risks. Here are five reasons you should consider consolidating your tech as you strive to find an effective, sustainable security stack that also keeps costs in check.
Industrial control vendors such as Honeywell are increasingly adopting Nozomi Networks within their security portfolio, says CEO Edgard Capdevielle. Firms such as Siemens can actually run Nozomi's products inside their platform, while others have incorporated its tool into a managed service bundle.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.