Microsoft has observed a 254% increase in activity over the past six months from a Linux Trojan called XorDDos. First discovered in 2014, XorDDos was named for its denial-of-service activity on Linux endpoints and servers and its use of XOR-based encryption for its communications.
In the latest update, four ISMG editors discuss the alarming, bizarre case of a cardiologist in Venezuela charged with developing malware and recruiting affiliates, recent ransomware and data leak incidents in healthcare and how the economy is causing mature cybersecurity startups to slow hiring.
When Colonial Pipeline suffered an outage in May 2021 as a result of an attack by the DarkSide crime syndicate, numerous governments changed their approach to ransomware and began treating it as a national security threat, says Rapid7's Jen Ellis. She details what needs to happen next.
The Russian-language criminal syndicate behind the notorious Conti ransomware has retired that brand name, after having already launched multiple spinoffs to make future operations more difficult to track or disrupt, threat intelligence firm Advanced Intelligence reports.
Palo Alto Networks' product portfolio is paying dividends as customers look to reduce their vendor footprint, says CEO Nikesh Arora. He says despite pressures in the global economy, enterprises aren't currently stressing about their IT budgets.
As one might suspect, low-hanging fruit is an easy target for threat actors when it comes to cloud infrastructure. Protect those vulnerable areas with an approach designed for securing cloud environments. The four key tactics are:
Enable runtime protection
Eliminate configuration errors
While embracing the cloud may grant organizations newfound agility, it can also introduce new vulnerabilities. This white paper covers five critical steps organizations can take to adapt and improve their security approaches in a multi-cloud environment. Leverage these takeaways to secure your organization’s data...
Embracing the cloud is critical to achieving digital transformation initiatives, but for them to be successful, security must transform alongside the business. Keep pace in an evolving landscape of risks by learning how to:
Protect your environment from host to cloud and everywhere in between
For organizations seeking a Cloud Workload Protection Platform (CWPP) to secure cloud apps, infrastructure, and data, this buyer's guide outlines the must-have features and how to best assess their effectiveness. Download to learn:
The seven core components of a robust, adversary-focused CWPP
Extended detection and response (XDR) is the evolution of endpoint detection and response (EDR), providing optimized threat detection and response that spans security and business tools. In contrast to legacy SIEM approaches and current security analytics platforms, XDR is grounded in EDR, unifying it with other...
Alberto Hasson, the CISO at ICL Group, discusses how to avoid becoming the next victim of a ransomware or other malware attack. He outlines what defenders can do to close gaps in their defense strategies and how they can mitigate attackers' ever-evolving tactics.
The list of ophthalmology practices and the number of individuals affected by a December hacking incident at a cloud-based electronic health records vendor, which resulted in deleted databases, are growing as more details about the attack slowly emerge.
Poor security configurations, weak controls and gaps in authentication protocols are among the common initial access vectors "routinely exploited" by threat actors, the Five Eyes cybersecurity alliance says. Firms offering cybersecurity services weigh in on the gaps and implementation challenges.
Criminals are doubling down on their use of information-stealing malware, such as Cryptobot, RedLine Stealer and QuilClipper, to steal private keys and siphon off cryptocurrency being stored in internet-connected hot wallets or to raid cryptocurrency holders' online exchange accounts.
The U.S. Cybersecurity and Infrastructure Security Agency has announced that it is temporarily removing a Windows protection defect from its Known Exploited Vulnerability Catalog because of a risk of authentication failures after the recent Microsoft patch update.