CISA summons outside tips to alert victims of early-stage ransomware

Post-breach notifications might seem too late for victim organizations, but swift action can prevent ransomware and data exfiltration.

By Matt Kapko • March 27, 2023

Ransomware gangs incite fear in victims to fuel attacks

Attacks involving data theft nearly doubled and harassment spiked 20 times by late 2022, Palo Alto Networks Unit 42 said.

By Matt Kapko • March 21, 2023

Ransomware hit critical infrastructure hard in 2022, FBI says

Many ransomware attacks go unreported to law enforcement, making it difficult for authorities to assess the full scope of impact.

By Matt Kapko • March 15, 2023

MKS Instruments hit by class-action litigation following ransomware attack

The company, a supplier to the semiconductor industry, has begun to recover its production capabilities and is working to upgrade its cyber defenses.

By David Jones • March 15, 2023

Dole doesn’t expect to recover full costs of ransomware attack

The complex insurance market means the ability to recover financially in many cases is difficult, but Dole said the overall impact of the incident was limited.

By David Jones • March 8, 2023

Insurance holding company Group 1001 says operations restored after ransomware attack

The company did not pay a ransom following a February attack that disrupted operations at several of its member companies.

By David Jones • March 7, 2023

LastPass aftermath leaves long to-do list for business customers

Organizations using the password manager are exposed after a major breach compromised credentials and, potentially, business secrets.

By Matt Kapko • March 6, 2023

MKS Instruments says February ransomware attack will clip $200M from revenue

The technology supplier for semiconductor manufacturing and advanced electronics had to temporarily halt some of its operations, disrupting its supply chain, following the attack. 

By David Jones • March 2, 2023

LastPass breach timeline: How a monthslong cyberattack unraveled

A threat actor evaded detection for months and blended in with legitimate activity after targeting 1 of 4 engineers with access to keys to the kingdom.

By Matt Kapko • Updated March 3, 2023

LastPass CEO admits disclosure mistakes, pledges improved communications

The criticism leveled at LastPass has grown as the password manager shared more alarming details on the compromise.

By Matt Kapko • March 1, 2023

LastPass compromise grew worse after DevOps engineer targeted for encryption key

A threat actor used data from multiple breaches and a vulnerability on a high-level employee’s home computer to steal customer passwords.

By Matt Kapko • Feb. 28, 2023

Los Angeles school district confirms sensitive student data leaked

Highly sensitive health records, including psychological evaluations, of about 2,000 students were leaked as a result of the ransomware attack that hit the Los Angeles Unified School District last year.

By Matt Kapko • Feb. 27, 2023

Ukraine discovers lingering breaches 1 year into Russia invasion

Multiple Ukraine government website breaches were discovered on the eve of the one-year mark of Russia’s invasion.

By Matt Kapko • Feb. 24, 2023

For GoDaddy customers, a long dwell time means all could be victims

The web hosting provider has not shared additional details outlining the extent of the breach, but experts are highlighting the incident's multiple red flags.

By Matt Kapko • Feb. 23, 2023

Dole hit by ransomware, North America operations briefly disrupted

The attack against the produce giant marks the latest in a series of cybersecurity threats targeting the food industry.

By David Jones • Feb. 23, 2023

Attackers reduce complexity to catch more potential victims

Palo Alto Networks warns attackers are building economies of scale by conducting more efficient operations and complementing their skills with commercially available tools.

By Matt Kapko • Feb. 23, 2023

Phishing, king of compromise, remains top initial access vector

IBM Security X-Force’s annual threat intelligence report highlights what makes phishing such a dangerous and persistent point of entry.

By Matt Kapko • Feb. 22, 2023

Companies grapple with post-breach disclosure risks

The concerns leading organizations to withhold information are aplenty, including reputational damage and financial impacts.

By Matt Kapko • Feb. 16, 2023

IT security budgets triple as businesses confront more cyberattacks across Europe, US

Five-year data from Hiscox shows businesses are facing more frequent and more costly attacks.

By David Jones • Feb. 16, 2023

What’s known about the ESXiArgs ransomware hitting VMware servers

An initial strain affected thousands of devices before a new variant emerged. The latest burst of attacks hit Saturday.

By Matt Kapko • Feb. 15, 2023

VMware ransomware was on the rise leading up to ESXiArgs spree, research finds

Recorded Future analysis underscores a growing ransomware threat confronting organizations using VMware ESXi.

By Matt Kapko • Feb. 13, 2023

VMware ransomware evolves to evade data recovery, reinfects servers

The new ESXiArgs strain has reinfected more than 1,150 VMware servers and represents more than 4 in 5 live infections, according to open-source ransomware data.

By Matt Kapko • Feb. 10, 2023

Unsophisticated ransomware campaign targeting VMware ripe for copycats

Ransomware doesn’t typically hit thousands of potential victims at once. “All of it’s very strange,” one security researcher said.

By Matt Kapko • Feb. 8, 2023

Ransomware attack spree hits thousands of VMware servers

Cyber authorities linked the attacks, dubbed ESXiArgs, to a two-year-old VMware vulnerability. At least 2,250 machines have been compromised.

By Matt Kapko • Feb. 6, 2023

Hive takedown puts ‘small dent’ in ransomware problem

Successful law enforcement actions against ransomware can only do so much. The threat is omnipresent, lucrative and largely in the shadows.

By Matt Kapko • Feb. 6, 2023