The Latest
-
SMBs, regional MSPs under fire from targeted phishing attacks
Sophisticated cybercriminals are attacking vulnerable, target-rich and resource-poor organizations to reach secondary victims via phishing campaigns, Proofpoint researchers warn.
-
BEC attacks rise as criminal hackers employ new tactics to evade detection
Threat actors are using cybercrime-as-a-service to grow industrial-strength campaigns and leveraging residential IP addresses.
-
KeePass master password manager at risk as users await patch
The exploit only works if the master password is typed directly into KeePass. However, a patch won’t be available for weeks.
-
Dallas under pressure as Royal ransomware group threatens leak
By listing Dallas on its leak site on the dark web, Royal rebutted the city’s claims that data was not compromised during the attack.
-
IT security budgets are shifting as companies target risk reduction
Organizations are designing their security spending around keeping the business secure and operations running smoothly.
-
Dole incurs $10.5M in direct costs from February ransomware attack
The attack impacted about half of Dole's legacy company’s servers and one-quarter of its end-user computers.
-
Critical infrastructure security spending to grow 83% by 2027: ABI Research
Analysts forecast cybersecurity spending among critical infrastructure organizations to grow from an estimated $129 billion in 2022 to almost $236 billion by 2027.
-
Why and how to report a ransomware attack
The majority of ransomware attacks go unreported, creating a blind spot that hampers response, recovery efforts and the prevention of future attacks.
-
UMass Memorial agrees to pay $1.2M to settle FLSA claims stemming from Kronos attack
A ransomware attack took the UKG product offline for weeks and has spawned several lawsuits.
-
Cyber resilience programs falling short on preparing workers for a crisis
The report from Immersive Labs raises questions about whether corporate employees would know how to respond after a major cyberattack.
-
House hearing details cyber resilience efforts for energy, water and healthcare
Officials from the Department of Health and Human Services, Environmental Protection Agency and the Department of Energy testified about how sector agencies are responding to rising threats.
-
Dallas courts still closed 2 weeks post-ransomware attack
Continued outages also prevent police from accessing data, which is severely impacting efforts to reduce crime as summer approaches, Police Chief Eddie Garcia said.
-
Yum Brands faces class action suits from employees after ransomware attack
The Taco Bell and KFC operator is facing litigation after some personal data of company employees was stolen in the attack.
-
VMware’s ‘target-rich environment’ is growing more volatile, CrowdStrike warns
Ransomware groups continue to target VMware because they know the virtualization infrastructure is vulnerable and lacks security tools, threat researchers said.
-
Emerging ransomware group quickly hits 4 critical infrastructure providers
The financially motivated threat actor attacked organizations in manufacturing, finance, insurance and pharmaceuticals within a week of its debut.
-
Western Digital cyberattack not expected to have material impact on future earnings
The company is coordinating with law enforcement while it continues a forensic investigation.
-
PaperCut actively exploited by multiple threat actors, targeting education sector
Education is a key market for the print management software, which threat actors have targeted since mid-April.
-
Criminal actors switch tactics after Microsoft began to block macros last year
Researchers from Proofpoint have seen a rise in HTML smuggling, PDFs and OneNote files for malware delivery since late 2022.
-
Costs of software supply chain attacks could exceed $46B this year
Losses attributed to software supply chain attacks will jump 76%, reaching almost $81 billion by 2026, according to Juniper Research.
-
CISA director wary of technology industry repeating its mistakes with AI
The multibillion-dollar cybersecurity industry is the result of misaligned incentives, where speed-to-market outranked security, Jen Easterly said.
-
Flood of ransom payments continues as officials mull ban
The revived debate over the viability of a ransom payment ban comes down to the cost ransomware is causing organizations globally.
-
Dragos says it thwarted extortion bid by known ransomware threat group
The hackers accessed limited information by impersonating a new employee, and the cybersecurity firm warns some stolen data may be leaked.
-
Ransomware insurance claims jump back up
Ransomware claims filed by U.S. clients of insurance broker Marsh spiked 77% in the first quarter, following a downward trend in 2022.
-
Walden says cybersecurity strategy mostly well-received
The acting national cyber director says common ground exists in certain areas, but a great deal of work remains.
-
It’s becoming more common for ransomware to lock up data
Data encryption is at a four-year high, despite scenarios where threat actors skip encryption and lean on data theft and extortion, according to Sophos.