Will the notorious ransomware operation known as REvil, aka Sodinokibi, reboot yet again after someone apparently messed with its infrastructure? Experts suggest that the operation's brand is burned, and administrators will launch a new group. Many affiliates, meanwhile, already work with multiple groups.
Why do so many HIPAA -covered entities and their vendors do such a poor job managing security risk and safeguarding patient's protected health information? Many critical factors come into play, say Roger Severino, ex- director of HHS OCR, and Bob Chaput, founder of security consultancy Clearwater.
International law enforcement officials on Tuesday announced that some 150 suspects have been arrested globally for buying or selling illegal goods, following a 10-month sting operation, code name "Operation DarkHunTOR," targeting the dark web.
In preparation for the relaunch of ISMG’s education platform, CyberEd.io, Ron Ross of the National Institute of Standards and Technology and Brian Barnier, who is designing a course on critical thinking and design thinking, discuss the need for reorienting toward systems thinking in cybersecurity.
The operators behind Groove ransomware are calling on other extortion gangs to join forces to attack the U.S. public sector, according to chatter seen on underground forums, reports malware research organization vx-underground, citing a blog posted by the gang on a Russian site.
Findings from CyberTheory's 2021 Third Quarter Review indicate that criminals are exploiting the open-source supply chain, and those exploits are proving much more difficult to identify, defend and stop in terms of complexity and depth than we've seen before, says CyberTheory's director, Steve King.
Who's been launching distributed denial-of-service attacks against ransomware operators' sites and cybercrime markets? Disrupting ransomware operations that rely on Tor-based data leak sites and payment portals for double extortion is an obvious move for cutting into their profits.
Several characteristics of the Hive ransomware group make the threat actor particularly menacing to its victims, which include healthcare sector targets, says Adam Meyers, vice president of intelligence at security firm CrowdStrike.
The actor behind the cyberattack targeting SolarWinds customers - Nobelium - is continuing its campaign to target the global IT supply chain, according to a new advisory from Microsoft, which says 140 resellers and tech service providers have been notified that they have been targeted by the group.
Following an outage of the REvil - aka Sodinokibi - ransomware operation due to coordinated law enforcement efforts involving the U.S. and foreign partners, the operators behind DarkSide ransomware have moved bitcoin worth almost $7 million to multiple new wallets, making it more difficult to track.
While ransomware might be today's top cybercrime boogeyman, attackers aren't infallible. The latest example: Errors in DarkSide - and its BlackMatter rebrand - enabled security experts to quietly decrypt many victims' files for free, saving millions in potential ransom payments.
In his second Rant of the Day for the CyberEdBoard Profiles in Leadershop blog, Ian Keller, security director and CyberEdBoard executive member, talks about what a CISO does - and what a CISO should do.
CoinMarketCap says it has found no evidence of a data beach despite the circulation of a list of 3.1 million email addresses that correlates with accounts on its service. Regardless of the source, the list would be useful for attackers to launch phishing attacks against those interested in cryptocurrency.
Two Senate leaders on Thursday introduced legislation that would form a working group charged with monitoring the security of AI data obtained by federal contractors. This body would also ensure that the data adequately protects national security and recognizes privacy rights, the lawmakers say.
Threat group FIN7 has set up a website posing as a security company to recruit talent, according to fraud intelligence company Gemini Advisory. The aim of the scam was to lure security researchers who could help the group with penetration testing-related activities to enable ransomware attacks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.