In this in-depth blog, a long-time cybersecurity specialist who recently joined the staff of Information Security Media Group sizes up evolving ransomware risks and offers a list of 11 critical mitigation steps.
The gang behind Maze ransomware has begun publicly identifying its victims and listing data that it exfiltrated from systems before leaving them crypto-locked. The intent is clear: By naming and shaming victims, the Maze gang is trying to compel them to pay.
Suspicious code uploaded to VirusTotal points to Ryuk ransomware being used in a crypto-locking malware attack against New Orleans. Mayor LaToya Cantrell has declared a state of emergency and the city is continuing its recovery, noting that no emergency services have been affected.
A large Atlanta-area manufacturer of wire and cable says it has brought some systems back online after what appears to be a ransomware infection. Southwire Co., based in Carrollton, Georgia, tweeted on Thursday that "we are doing all we can to minimize and resolve this disruption."
The city of Pensacola, Florida, on Tuesday was still recovering from a Saturday ransomware attack that occurred just one day after a shooting incident at Naval Air Station Pensacola. But the FBI reports that it has not identified a connection between the incidents.
A new malware campaign uses a Trojanized version of the game Tetris to target healthcare and educational institutions for credential stealing, according to Blackberry Cylance. Analysts have observed evidence of the threat actors attempting to deliver ransomware with the 'PyXie' Trojan.
Surviving a data breach requires having a plan, and experts say such plans must be continually tested, practiced and refined. They describe seven essential components for building an effective data breach response playbook.
Global security company Prosegur has blamed Ryuk ransomware for a service disruption that started Wednesday, which may have hampered networked alarms. Prosegur isn't revealing much detail but says it is in the process of restoring services.
The latest edition of the ISMG Security Report discusses new combination ransomware and doxing attacks. Plus, Twitter drops phone numbers in 2FA, and why we need to consider quantum cryptography today.
Virtual Care Provider Inc., which provides cloud hosting and other services to more than 110 healthcare entities, including nursing homes and assisted living facilities, is struggling to bounce back from a ransomware attack in which hackers demanded a $14 million ransom.
Ransomware attacks have taken an unwelcome turn: The Maze gang reportedly has begun leaking a victim's files to create pressure to pay a ransom. Security experts say they're not surprised by this development, but note that given the different skills required, such tactics may not become widespread.
This edition of the ISMG Security Report features an analysis of the very latest ransomware trends. Also featured: Discussions of Microsoft's move to DNS over HTTPS and strategies for tackling IoT security challenges.
Doppelpaymer ransomware, despite ongoing rumors, is not being spread via the Teams collaboration platform or BlueKeep remote desktop protocol flaws, Microsoft says. But it warns that the damaging crypto-locking code is being spread via stolen Active Directory administrator credentials.