How to stop ransomware for good— and add the missing layer to ransomware resiliency

Attackers are going to do their best to breach you. And if they invest enough time and technology, they will probably succeed. Put enough obstacles in their path, however, and as you wear down their resources, you have a very good chance of stopping them. Today, defense-in-depth is viewed as a reliable and proven way to prevent ransomware. Yet while the practice of defense-in-depth is recognized by agencies like CISA, many, if not most, organizations get the practice of building defensive layers against ransomware wrong. When you’re a target for...

Read More

The Public Sector’s Troubled Relationship to Ransomware in 2023: A Year in Review

This past year showed us that the ransomware landscape is only getting increasingly sophisticated. This can be seen through ransomware attacks steadily increasing scale, frequency, cost and impact. In fact, 2023 broke the record in ransomware payouts, exceeding $1 billion globally; a stark increase from the $567 million in ransomware payouts seen in 2022.  Securin’s 2023 Year in Review: Ransomware Report, analyzed the 230,648 Common Vulnerabilities and Exposures (CVEs) listed in the National Vulnerability Database (NVD), prioritizing...

Read More

The Crucial Role of Security in Accelerating 5G Adoption

In the rapidly evolving landscape of telecommunications, the emergence of 5G technology represents a pivotal moment in connectivity. With promises of unprecedented speed, reliability, and connectivity, 5G networks are poised to revolutionize industries, transform economies, and empower societies. However, amidst the excitement and anticipation surrounding 5G adoption, one crucial factor stands out as a driving force behind its rapid expansion: security. Security concerns have long been at the forefront of discussions surrounding new technologies,...

Read More

Over 600K routers in USA were disrupted by Cyber Attack

A cyber assault targeting internet routers operating in the United States has caused widespread disruption, affecting over 600,000 devices and marking one of the most significant router attacks in American history. Discovered by Black Lotus Labs, a division of Lumen Technologies, in April 2024, the attack occurred during October and November of the previous year but was only disclosed to the public recently. While security experts believe the attack to be the work of state-sponsored hackers, official details regarding the breach have yet to be...

Read More

Eurojust conducts operation to shut malware and ransomware spreading botnets

Eurojust, the European Union Agency for Criminal Justice, recently initiated a decisive strike against a notorious botnet network responsible for disseminating malware and ransomware across the digital realm. Dubbed “Endgame,” this operation was meticulously coordinated with law enforcement agencies worldwide, resulting in the apprehension of four key suspects. The crackdown led to the seizure of their extensive IT infrastructure, which encompassed over 100 servers and more than 2,000 web domains. Interestingly, while three of the suspects hailed...

Read More

Cyber Attack news headlines trending on Google

BBC Data Breach Exposes Personal Information of 25,000 Staff Members In a recent development, a spokesperson from BBC Pension issued a press release confirming a security breach that potentially compromised the personal information of over 25,000 current and former staff members. While investigations are underway to determine any misuse of data related to the corporation’s pension scheme, the stolen data includes sensitive details such as National Insurance card numbers, addresses, and names of the pensioners. Cybersecurity insiders suggest that...

Read More

Microsoft uncovers North Korea Moonstone Sleet

Microsoft Threat Intelligence teams recently uncovered a novel collective of hackers known as Moonstone Sleet, also identified as Storm-1789. This group has been engaging in a variety of tactics aimed at maintaining their activity and funding the nuclear ambitions of Kim Un Jong. Over the past few weeks, Moonstone Sleet has been initiating the formation of new companies, enticing potential targets with bogus job offers, and subsequently extorting money from victims under false pretenses. Additionally, this threat group has been distributing trojanized...

Read More

Data Entry Job Offers in Southeast Asia Could Be Cyber Crime Traps

In recent revelations by Indian police authorities collaborating with counterparts in Sri Lanka and Singapore, a disturbing trend has emerged: hacking syndicates are preying on unsuspecting graduates by enticing them with lucrative data entry positions in countries like Cambodia, Singapore, Bangkok, Malaysia, or Vietnam, only to coerce them into cybercrime activities. The modus operandi is unsettlingly simple- These criminal groups promise high-paying data entry roles to hopeful job seekers, providing them with basic necessities upon arrival in...

Read More

ABN AMRO bank hit by Ransomware

A prominent ransomware group has reportedly targeted the databases of ABN AMRO bank, resulting in the theft of data belonging to a subset of customers. However, the financial institution has swiftly responded by implementing measures to mitigate risks and is actively informing affected customers about the data breach. As per the latest reports from media sources, the technology provider for the banking firm, ‘Add-Comm,’ fell victim to a ransomware attack. The specific name of the ransomware remains undisclosed at this time. Initial investigations...

Read More

ATM malware developed to target Europe

Britain’s NCSC, the cybersecurity arm of GCHQ, has taken heed of a recent alert regarding a concerning cyber threat. According to reports from media outlets, criminals have developed malware specifically targeting ATMs, with the potential to generate a minimum profit of $30,000 per infected machine. This malicious software, currently attributed to a known cybercrime actor, purportedly claims to have already infiltrated 60% of ATMs across Europe, with intentions to expand its reach further. Alarming reports suggest that this malware is capable of...

Read More

Microsoft to roll out AI powered PCs concerningly in coming years

Microsoft is poised to revolutionize the landscape of personal computing with its upcoming line of AI-powered PCs, signaling a significant shift in user experience and productivity. These cutting-edge devices, akin to the already unveiled Copilot, will predominantly rely on cloud-based infrastructure, ensuring seamless accessibility to stored data from anywhere. Essentially, Microsoft’s foray into AI-driven PCs implies a paradigm where the devices themselves become conduits to cloud-based services, entrusting data management and control to the...

Read More

Enhancing Cyber Resilience in Banking: Leveraging Live Patching to Combat Rising Threats

Now more than ever, banks and financial institutions are facing unprecedented challenges in combating the increasing onslaught of cybercrime. As the digital landscape continues to evolve, hackers are becoming more sophisticated and even geopolitical in their tactics as they relentlessly target the systems, websites and applications within the financial ecosystem. Despite hefty regulations, the industry continues to be categorized as a high risk target. This is largely due to ever-increasing digital dependence and the wealth of stored private data...

Read More

Criminal IP: Enhancing Security Solutions through AWS Marketplace Integration

AI SPERA, a leader in Cyber Threat Intelligence (CTI) solutions, announced today that its proprietary search engine, Criminal IP, is now available on the AWS Marketplace. This integration ensures efficient software procurement and deployment, aligning seamlessly with customers’ existing cloud architectures. After meeting specific technical and security standards set by AWS,...

Read More

Memcyco Report Reveals Only 6% Of Brands Can Protect Their Customers From Digital Impersonation Fraud

Memcyco Inc., a provider of digital trust technology designed to protect companies and their customers from digital impersonation fraud, released its inaugural 2024 State of Digital Impersonation Fraud Resilience report. Notably, Memcyco’s research indicates that the majority of companies do not have adequate solutions to counter digital impersonation fraud and that most only learn about attacks from their customers. More than half of all respondents (53%) said their existing cybersecurity solutions do not effectively address website impersonation...

Read More

Securing Trust: How to Partner With Customers to Build World-Class Cybersecurity Solutions

In today’s complex digital landscape, safeguarding businesses and individuals against constantly evolving cyber threats requires a robust, multi-faceted approach. As the Chief Customer Officer at Traceable, I’ve seen firsthand the power of customer collaboration in shaping cybersecurity solutions.  True partnerships with customers provide invaluable insights that inform strategies and product development within the evolving cybersecurity landscape. The Customer at the Core Building robust cybersecurity solutions in today’s ever-evolving threat...

Read More

New Ransomware Gang exploits Microsoft Bitlocker to lockup databases

In a concerning development, a new ransomware gang has emerged employing BitLocker encryption technology to hold databases hostage, demanding payment for decryption keys. BitLocker, a Windows encryption tool, safeguards data by encrypting hard drives, requiring multi-factor authentication for access. Reportedly, the ShrinkLocker ransomware gang has been observed targeting companies in Mexico, Indonesia, and Jordan, focusing on vaccine and steel manufacturers, along with a federal agency. Their strategy appears clear: coerce victims into paying...

Read More

Leveraging Data Consolidation to Strengthen Cybersecurity: A Comprehensive Approach

In today’s interconnected digital landscape, cybersecurity has become a paramount concern for organizations of all sizes and industries. With cyber threats evolving in sophistication and frequency, businesses are constantly seeking innovative strategies to fortify their defenses and safeguard sensitive information. One such strategy gaining prominence is data consolidation – a proactive approach that consolidates diverse data sources to enhance cybersecurity measures. Data consolidation involves centralizing and integrating disparate data sets...

Read More

US to stop GPS data communication from Foreign Satellites

After weeks of diligent examination into potential cyber threats posed by foreign satellites manipulating GPS signals to U.S. mobile devices, the Federal Communications Commission (FCC) is now urging the White House to enact a permanent ban on such interference. Since July 2023, the FCC has fielded approximately seven complaints expressing apprehension that Russian and Chinese satellites could tamper with GPS signals intended for U.S. mobile devices within their operational jurisdictions. Consequently, drawing upon technical insights from the Defense...

Read More

Deepfakes turn into second most common cybersecurity incident

Deepfakes, where AI algorithms manipulate a person’s voice, image, or video to mimic the original, have emerged as the second most common cybersecurity threat in the UK, closely trailing malware. Surprisingly, an alarming 32% of businesses in Britain have fallen victim to such incidents within the past year, according to a recent online survey conducted by the ISMS web portal. The survey, which collected responses from over 500 participants across various sectors including technology, manufacturing, education, energy, and healthcare, shed light...

Read More

Cyber Threat news headlines trending on Google

Rockwell Automation Urges Caution Regarding Industrial Control Systems Rockwell Automation, a leading provider of industrial control systems (ICS), has issued a cautionary advisory urging its customers to refrain from connecting their ICS to the internet. This proactive measure aims to mitigate the risks associated with potential fraudulent access and cyber threats from external sources. The alert aligns with recommendations from US-CERT, emphasizing the importance for users and administrators to heed this warning to safeguard their systems from...

Read More

Safeguard Your Future with Seven Layers of Data Resilience

Organizations have been doing backup and recovery for decades and many feel that they have reactive data protection under control. If an event like a power failure or natural disaster takes down their data center, they just use their replica site hundreds of miles away to continue operations and, if need be, recover their data from disk or tape or cloud storage as needed. It’s a pretty well-understood practice. However, enterprises are now seeing the impact of cyberattacks such as ransomware, which alone is poised to exceed $265 billion in global...

Read More

Can a Cyber Threat Abruptly Evolve into a Ransomware Attack

In today’s digital landscape, the evolution of cyber threats poses significant challenges for individuals and organizations alike. One pressing concern is the sudden escalation of a seemingly minor cyber threat into a full-fledged ransomware attack. This phenomenon has become increasingly common, raising questions about the speed and unpredictability of cyber threats’ transformations. Cyber threats encompass a wide range of malicious activities, including phishing, malware infections, and data breaches. While each threat presents its own risks,...

Read More

LockBit demands $25 million from London Drugs in 48 hours

In April of this year, London Drugs faced a cyber attack, which led to the encryption of their servers. The company promptly announced its efforts to seek alternative methods to recover the stolen data in collaboration with law enforcement. However, following this disclosure, London Drugs maintained silence on the matter until recently, when hackers issued a formal demand: pay $25 million within 24 hours or risk the sale of the compromised data on the dark web. Adhering to data protection laws, London Drugs will notify all affected individuals...

Read More

OpenAI ChatGPT Cyber Threat to Scarlett Johansson

Scarlett Johansson, a familiar face in Hollywood, has repeatedly demonstrated her ability to seamlessly embody various movie characters. In her latest film “Her,” she captivated audiences with her portrayal of a feminine AI virtual assistant, showcasing a surprising blend of friendliness and romance that left viewers intrigued. Setting aside the film’s narrative, let’s delve into a recent development concerning AI and its potential cyber threats. Reports emerged a few months back that Sam Altman, CEO of OpenAI, approached Scarlett Johansson to...

Read More

The Year in GenAI: Security Catches Up with Innovation

Over a year ago, the general public got its first taste of the possibilities of generative artificial intelligence (GenAI) with the public rollout of ChatGPT. As far as watershed tech moments go, it was comparable only to the iPhone launch fifteen years earlier—another occasion on which millions of people realized, simultaneously, that nothing would ever be the same. The enterprise implications of this technology were apparent from the beginning, but that doesn’t mean the relationship between GenAI and enterprise has been uncomplicated. On the...

Read More