Police in Ukraine have seized servers operated by the Intellect Service, which develops the M.E. Doc accounting software used by 80 percent of Ukrainian businesses. Attackers backdoored the software to launch XData, NotPetya and fake WannaCry - aka FakeCry - malware campaigns.
Ransomware attacks are increasingly using multiple proven techniques to spread quickly and achieve the maximum impact before being thwarted. They are going to get bigger and target other platforms in the future, warns Justin Peters at Sophos APAC.
NotPetya was not as bad as WannaCry, despite NotPetya being even more sophisticated, and targeting the same EternalBlue flaw that had allowed WannaCry to spread far and fast. Microsoft says NotPetya's builders limited its attack capabilities by design.
The latest edition of the ISMG Security Report leads with an analysis exploring how artificial intelligence can be used by hackers to threaten IT systems and by organizations to defend critical digital assets. Also, a deep dive into the NotPetya ransomware attack.
The Cyber Threat Alliance is developing playbooks that will show organizations how to stop hackers from causing havoc. Alliance President Michael Daniel explains how the playbook could help to disrupt a cyber attacker's business model and processes.
The latest ISMG Security Report leads off with a look at the growing industry of mobile spyware designed exclusively for governments, but often misused to track citizens and activists. Also, Australia's push to get allies to adopt tools to counter encryption.
When asked, "What's your container strategy?" the majority of CISOs will respond by asking: "What's a container?" So says Tenable's Gavin Millard, who sees ongoing confusion about how containers can help organizations not only move to the cloud but stay secure, provided they're correctly managed.
Rapid patching and adoption of updated software has long been a "must do" security imperative. But as WannaCry demonstrated, many organizations have yet to master the patch-management challenge, says Jack Huffard, president and COO of Tenable.
What factors are security leaders weighing today when making decisions about investments to protect their organizations tomorrow? Neustar's Joseph Loveless comments on results of ISMG's new Strategic Cybersecurity Investments Study.
A former Qualys customer for more than a decade, Mark Butler is now the company's CISO. And one of his jobs is to help spread the word to other security leaders about the vendor's vulnerability management solutions.
Defense starts with awareness. And Dr. Paul Vixie of Farsight Security says awareness begins with tactical observations that can be gleaned from scanning Internet traffic. Vixie details how real-time contextual data can bolster security.
Members of Parliament in Britain have had their remote email access suspended following an apparent brute-force hack attempt aimed at exploiting weak passwords to gain access to their accounts. Officials say fewer than 90 email accounts appear to have been breached.