Krebs on Security

DECEMBER 29, 2022

I seem to be doing most of that activity now on Mastodon , which appears to have absorbed most of the infosec refugees from Twitter, and in any case is proving to be a far more useful, civil and constructive place to post such things. 24, Russia invades Ukraine, and fault lines quickly begin to appear in the cybercrime underground.

Cryptocurrency 295

Cryptocurrency Cybercrime Computers and Electronics Scams 295

Security Affairs

FEBRUARY 27, 2021

‘Hotarus Corp’ Ransomware operators hacked Ecuador’s largest private bank, Banco Pichincha, and the country’s Ministry of Finance. ?A The group claims to have also stolen data from the Banco Pichincha bank and infected a system at Ministry of Finance using for training purposes with PHP-based ransomware.

Hacking 144

Hacking Banking Ransomware Passwords 144

SecureWorld News

JANUARY 4, 2023

In a surprising turn of events, the ransomware gang responsible for targeting Toronto's SickKids Hospital has apologized for the attack and offered a free decryptor to the hospital. It was then two days after this statement that LockBit decided to reverse course on the ransomware attack. RELATED: Royal Ransomware Targeting U.S.

Ransomware 98

Ransomware Healthcare InfoSec Cybercrime 98

SecureWorld News

MARCH 3, 2023

The City of Oakland recently experienced a ransomware attack that disrupted services and caused the city to declare a state of emergency, displaying the real-world consequences that cyberattacks can have. The hackers behind Play Ransomware claim to have access to a "master key" that can decrypt all files affected by their malware.

Ransomware 98

Ransomware Encryption InfoSec Manufacturing 98

Security Affairs

JANUARY 7, 2023

The Hive ransomware gang just leaked 550 GB of data stolen from the Consulate Health Care, including customer and employee PII data. The Hive ransomware gang this week added the company to its Tor leak site, threatening to publish the stolen data. Negotiations fell apart and 3 days quickly turned into 3 hours. Pierluigi Paganini.

Ransomware 98

Ransomware Insurance Data breaches InfoSec 98

Security Affairs

OCTOBER 17, 2021

The public information about the attack suggests that the bank was the victim of a ransomware attack, sources in the cybersecurity industry confirmed it to BleepingComputer. breach #infosec #deepwebnews @FinanzasEc @EcuCERT_EC pic.twitter.com/WTbXz8EYLx — Security Chronicle (@SecurChronicle) February 23, 2021.

Banking 123

Banking InfoSec Cyber Attacks Cybercrime 123

Security Affairs

SEPTEMBER 10, 2023

US CISA added critical Apache RocketMQ flaw to its Known Exploited Vulnerabilities catalog Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital North Korea-linked threat actors target cybersecurity experts with a zero-day Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks Nation-state actors (..)

DDOS 130

DDOS VPN Data breaches Cybercrime 130

Security Affairs

MAY 29, 2022

If you want to also receive for free the newsletter with the international press subscribe here.

InfoSec 136

InfoSec Spyware DDOS Firewall 136

Security Affairs

MARCH 21, 2022

Microsoft announced that is investigating claims that the Lapsus$ cybercrime gang breached their internal Azure DevOps source code repositories and stolen data. campuscodi @vxunderground #cybersecurity #infosec @Microsoft pic.twitter.com/FAYl9Y29QT — Dominic Alvieri (@AlvieriD) March 20, 2022.

Hacking 98

Hacking InfoSec Telecommunications Cybercrime 98

SecureWorld News

OCTOBER 6, 2021

From ransomware to the social media power outage, our news feeds are already full to the brim and this is just the beginning of October. cybersecurity #technology #security #cyber #cybercrime #informationsecurity #cybersecurityawareness #cybersecuritybusiness pic.twitter.com/T2wR194qoz — CYBER RANGES (@cyberranges). October 5, 2021.

InfoSec 98

InfoSec Passwords Cybersecurity Media 98

SecureWorld News

JULY 6, 2021

While the United States was celebrating the 4th of July holiday weekend, a Russia-based cybercrime group launched a ransomware attack against a piece of the IT security supply chain. The ransomware attack target: Kaseya software. Kaseya ransomware attack: updates reveal timing and scope. experienced ransomware and?receive

Ransomware 94

Ransomware Retail Software InfoSec 94

Webroot

AUGUST 18, 2021

The infosec researcher Matt Tait, who spoke at this year’s Black Hat on the topic of supply chain attacks, called the Codecov compromise an instance of high-volume disruption based on indiscriminate targeting. The firm counts among its clients giants like IBM, Hewlett Packard and Atlassian. This is bad news for MSPs.

InfoSec 137

InfoSec Backups Software Small Business 137

SecureWorld News

MARCH 17, 2022

For example, don't underestimate for a second how valuable targeting data and how much targeting data that the ransomware actors obtain when they hack into one of their victims and steal all their internal data. Key takeaway #3: Social engineering is the most powerful attack vector against InfoSec protocols.

InfoSec 97

InfoSec Social Engineering Phishing Cybercrime 97

Security Boulevard

JUNE 14, 2021

One look at all the ransomware attacks from the past few years, and it’s clear that crypto-malware actors are attempting to maximize their financial gain. The post Ransomware Attacks are Evolving: What You Need to Know appeared first on Security Boulevard. Here are a few tactics that stood out to us.

Ransomware 89

Ransomware Malware Antivirus Backups 89

McAfee

OCTOBER 31, 2021

In the past, fake social profiles were relatively easy to spot, however in the case of DPRK, the cybercriminals spent time to setting up a profile, get hooked up into the infosec scene, gain followers and connections through LinkedIn, making it more difficult than before to detect a fraudulent account. Techniques & Tactics. Prevention.

Cybercrime 115

Cybercrime Government Malware Media 115

SecureList

NOVEMBER 23, 2021

Further evolution of cyberthreats as a response to infosec tools and measures. The debate about which threats pose the most danger to industrial enterprises often revolves around comparisons between APTs and cybercrime. Extortion and ransomwaring of those able and willing to pay up. Actions of various attacker categories.

Spyware 139

Spyware Phishing Cybercrime Energy and Utilities 139

SC Magazine

JULY 3, 2021

Kaseya ransomware attacks strike at software at the center of the enterprise: the remote monitoring and management (RMM) platform. (“Server room” by torkildr is licensed under CC BY-SA 2.0 ). The scope of the ransomware outbreak leveraging Kaseya VSA remains fluid, but the number of customers impacted could be significant.

Ransomware 73

Ransomware Software InfoSec Media 73

Thales Cloud Protection & Licensing

AUGUST 11, 2021

No Soup For You, Ransomware! Ransomware campaigns such as WannaCry and Petya attacks made this malware type a top threat to all organizations worldwide. This is of particular relevance when it comes to ransomware. Even the most critical damages caused by ransomware are repairable as long as you have a solid backup strategy.

Ransomware 71

Ransomware Insurance Encryption Cyber Insurance 71

Security Boulevard

JUNE 8, 2022

Ransomware Trends Show Lockbit Most Active, New Tactics, Healthcare Hit Hard. LockBit replaced Conti as the most active ransomware gang and continued to evolve its operations in the first quarter, according to a report (PDF) from KELA Cybercrime Intelligence. Another notable Ransomware trend: new methods of intimidation.

Healthcare 52

Healthcare Ransomware Encryption Cybercrime 52

Herjavec Group

MARCH 7, 2022

Ransomware was more pervasive and more disastrous than ever before. CISOs and infosec professionals are finally getting a seat at the table at an executive and board level. I’ve been in infosec for over 30 years and have had the great privilege of evolving and learning as a cybersecurity executive in a space I love.

InfoSec 98

InfoSec Digital transformation Cybersecurity Cyber Attacks 98

SecureWorld News

OCTOBER 19, 2023

Increased risk of cyberattacks The rising cost of living can lead to an increase in cybercrime, as people become more desperate to make money. Economic effects, including inflationary pressures, have had a broad impact across the InfoSec landscape," Smeaton said. Global Security Mag confirmed that "ransomware attackers extorted $456.8

Cybersecurity 103

Cybersecurity CISO Education Phishing 103

Security Boulevard

SEPTEMBER 8, 2021

Ransomware has been big news this year. In March, the REvil/Sodinokibi ransomware gang infected Acer and demanded $50 million—the highest ransom demand from any ransomware group up to that point. The post Busted: Taking Down Ransomware Attackers appeared first on Security Boulevard.

Ransomware 52

Ransomware InfoSec Cybercrime Network Security 52

SecureWorld News

JULY 6, 2021

While the United States was celebrating the 4th of July holiday weekend, a Russia-based cybercrime group launched a ransomware attack against a piece of the IT security supply chain. The ransomware attack target: Kaseya software. Kaseya ransomware attack: updates reveal timing and scope. experienced ransomware and?receive

Ransomware 52

Ransomware Retail Software InfoSec 52

Digital Shadows

OCTOBER 23, 2024

This English-speaking collective previously served as an affiliate for ransomware group “ALPHV” and now partners with “RansomHub.” We attributed the incident with high confidence to “Scattered Spider,” an English-speaking collective acting as an affiliate for the ransomware group “RansomHub.”

Social Engineering 122

Social Engineering Engineering Accountability Backups 122

Security Boulevard

JUNE 13, 2021

The post ANOM FBI Global Crime Sting, Colonial Pipeline Updates, Password Leak Research appeared first on The Shared Security Show.

Passwords 98

Passwords Mobile Encryption Ransomware 98

Herjavec Group

SEPTEMBER 23, 2021

As cyber breaches and ransomware attacks skyrocket, businesses now have no choice but to face the truth — cybersecurity is no longer an option. To Your Success, I’ve been in infosec for over 30 years and have had the great privilege of evolving and learning as a cybersecurity executive in a space I love.

Cybersecurity 97

Cybersecurity Penetration Testing Digital transformation Risk 97

BH Consulting

MAY 23, 2023

Repetition can lead people to over-disclose information, that could then put them at risk of identity theft and cybercrime. MORE Threat Prompt newsletter covers the intersection between AI and infosec. MORE Kevin Beaumont covers a recent ransomware response that went badly awry. MORE Working in the transportation sector?

Artificial Intelligence 52

Artificial Intelligence Identity Theft Social Engineering InfoSec 52

Herjavec Group

OCTOBER 28, 2021

When it comes to the cybersecurity skills shortage, there are short term and long term solutions we can take that will: Comprehensively secure your enterprise against the growing attack surface and increasingly frequent and sophisticated cybercrime. Address the Current Climate and Make Systemic Changes.

Cybersecurity 52

Cybersecurity Education InfoSec Technology 52

Herjavec Group

DECEMBER 15, 2021

The Rise of Ransomware. 2021 saw some of the most damaging ransomware breaches in recent history. While it’s certainly not new, ransomware has seen a steep increase in frequency and sophistication this past year. The Herjavec Group Threat Team recently reported on the State of Ransomware in 2021.

Cybersecurity 52

Cybersecurity Digital transformation Ransomware Cyber Risk 52

Digital Shadows

OCTOBER 23, 2024

This English-speaking collective previously served as an affiliate for ransomware group “ALPHV” and now partners with “RansomHub.” We attributed the incident with high confidence to “Scattered Spider,” an English-speaking collective acting as an affiliate for the ransomware group “RansomHub.”

Social Engineering 52

Social Engineering Engineering Accountability Backups 52

SecureList

AUGUST 3, 2022

The incident prompted the school district administration to contract a specialized infosec provider for DDoS protection. Educational establishments in the United States suffered from DDoS attacks as well: schools of Topeka USD 501 , Kansas, were disconnected from the internet for five minutes as a result of a cyberattack.

DDOS 142

DDOS Government Marketing IoT 142

ForAllSecure

APRIL 7, 2021

You’d think that having an amazing resume, a couple of bug bounties, or a CTF win would land you that dream infosec job. At a time when organizations are dealing with the SolarWinds breach and a persistent threat of ransomware throughout the world. There's a serious shortage of InfoSec professionals.

Hacking 40

Hacking InfoSec Cybersecurity Engineering 40

ForAllSecure

APRIL 7, 2021

You’d think that having an amazing resume, a couple of bug bounties, or a CTF win would land you that dream infosec job. At a time when organizations are dealing with the SolarWinds breach and a persistent threat of ransomware throughout the world. There's a serious shortage of InfoSec professionals.

Hacking 40

Hacking InfoSec Cybersecurity Engineering 40

Security Boulevard

MARCH 18, 2024

Zero-trust encompasses a variety of technologies, from strong identity systems to microsegmentation. Why are so many organizations getting it wrong? The post Zero-Trust Network Access: Why so Many Teams Get it Wrong appeared first on Security Boulevard.

Technology 78

Technology Data privacy Security Awareness InfoSec 78

eSecurity Planet

DECEMBER 19, 2023

Cybercrime will go to the next level: Cyberattackers will implement improved skills, “shift left” attacks, and shifting strategies to adjust to evolving cyberdefense. 2023 cybersecurity issues will continue: Weak IT fundamentals, poor cybersecurity awareness, and ransomware will still cause problems and make headlines.

Cybersecurity 140

Cybersecurity CISO Government Technology 140

Cisco Security

JUNE 25, 2021

First of all, while I am honoured and deeply thankful for the recognition, I believe strongly that Security is a team effort and I must acknowledge the superb InfoSec team in Steward but also the Steward workforce. Read on to learn about his journey and how he leads his team: What were you doing when you got your first taste of cybersecurity?

CISO 83

CISO Healthcare InfoSec Computers and Electronics 83

ForAllSecure

JULY 6, 2022

There’s an online war in Ukraine, one that you haven’t heard much about because that country is holding its own with an army of infosec volunteers worldwide. RSAC also attracts some of the top researchers in infosec. Instead we have these faceless ransomware groups. Vamosi:Ransomware is profitable today.

Cybercrime 40

Cybercrime Government Ransomware Hacking 40