When Colonial Pipeline suffered an outage in May 2021 as a result of an attack by the DarkSide crime syndicate, numerous governments changed their approach to ransomware and began treating it as a national security threat, says Rapid7's Jen Ellis. She details what needs to happen next.
The Russian-language criminal syndicate behind the notorious Conti ransomware has retired that brand name, after having already launched multiple spinoffs to make future operations more difficult to track or disrupt, threat intelligence firm Advanced Intelligence reports.
North Korean information technology workers have been attempting to obtain employment in public and private sectors in the United States to fund their home country's weapons of mass destruction and ballistic missiles programs, according to an advisory from U.S. federal agencies.
In the latest "Proof of Concept," Lisa Sotto, Jeremy Grant and ISMG editors discuss the significance of Apple, Google and Microsoft supporting the FIDO protocol's passwordless sign-in standard, progress made on Biden's cybersecurity executive order and updates on U.S. cybersecurity and privacy laws.
The European Parliament and the Council of the European Union on Friday reached a provisional agreement to set a "baseline for cybersecurity risk management measures and reporting obligations." Called NIS2, it is a modernized framework based on the EU Network and Information Security Directive.
If you were a nation with legions of hackers at your disposal, seeking to sidestep crippling international sanctions, would you look to ransomware to fund your regime? That question is posed by new research that finds state-sponsored North Korean hackers haven't stopped their ransomware experiments.
In the latest update, four editors at Information Security Media Group discuss the intriguing insights exposed by the leak of ransomware gang Conti's internal communications, the U.S. Treasury's first-ever sanctions on a cryptocurrency mixer and the latest cyber activity in Russia's hybrid war.
As the Russia-Ukraine war continues, cybersecurity officials say the risk of attack spillover - and perhaps the direct targeting of critical infrastructure sectors outside Ukraine - remains high. The memo for CISOs is clear: Remain prepared.
As the Russia-Ukraine war continues, what cybersecurity lessons should be learned? At the CyberUK conference in Wales, cybersecurity czars focused on surprises - including low online attack volume and the role of hacktivists - and lauded Ukraine's cyber resilience, honed by years of stress testing.
Russia's use of wiper malware, DDoS attacks and targeted disinformation show it no longer depends on traditional methods in its war with Ukraine. John Walker, a professor and counterintelligence expert, says organizations need to be "more realistic" about how they handle cyberattacks.
New CEO Bryan Ware plans to leverage LookingGlass' nascent attack surface management capabilities to capture clients in verticals such as pharmaceuticals, manufacturing and utilities. The company tapped former CISA leader Ware to serve as its next CEO following the acquisition of Next5.
Britain's law enforcement and intelligence agencies continue to work with partners to directly disrupt criminal infrastructure and deny criminals access to cybercrime tools, says Jeremy Fleming, the head of the U.K.'s security, intelligence and cyber agency, GCHQ.
The massive leak of internal communications from the Conti ransomware group has highlighted the extent to which cybercrime syndicates regularly beg, borrow, steal or sometimes even partner or collaborate, all in pursuit of increasing their illicit profits.
The U.S. Department of State is offering rewards of up to $10 million for information that leads to the identification or location of any individual who holds a key leadership position in the Conti ransomware variant transnational organized crime group.
A new malicious campaign that siphons off intellectual property and sensitive data - including documents, blueprints, diagrams, formulas and manufacturing-related proprietary data - has been identified by researchers at Cybereason as being the work of Chinese APT Winnti, based on forensic analysis.