Healthcare’s Grim Cyber Prognosis Requires Security Booster

October 8, 2024 at 03:17PM The healthcare sector’s resilience against ransomware attacks has worsened, with two-thirds of organizations experiencing attacks. New threats, such as the Trinity ransomware, continue to emerge. Legislation is being proposed to improve cybersecurity in the industry, as cybercriminals target healthcare due to its critical operations and willingness to pay ransoms. Healthcare … Read more

CISO Paychecks: Worth the Growing Security Headaches?

October 7, 2024 at 03:43PM Cybersecurity professionals serving as CISOs are experiencing modest pay increase, averaging $403,000 annually, but it lags behind their evolving responsibilities. Business operations are increasingly under attack, with CISOs facing resource constraints and budget pressures. Demand for CISOs has stabilized, and stress persists, especially in government and education sectors. AI risk … Read more

Manufacturers Rank as Ransomware’s Biggest Target

October 2, 2024 at 09:02AM The manufacturing industry has become a prime target for ransomware attacks, accounting for 21% of such incidents and putting companies at three times higher risk. A Black Kite study reveals that 80% of manufacturing firms have critical vulnerabilities and 67% are listed in the Known Exploited Vulnerabilities catalog. Persistent patch … Read more

Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks

September 27, 2024 at 07:30AM Storm-0501, a financially motivated threat actor, has targeted government, manufacturing, transportation, and law enforcement sectors in the U.S. with ransomware attacks. They use weak credentials, remote code execution vulnerabilities, and various tools for lateral movements and data exfiltration. The group is also linked to the deployment of Embargo ransomware in … Read more

Microsoft Warns of New INC Ransomware Targeting U.S. Healthcare Sector

September 19, 2024 at 06:24AM A financially motivated threat actor, under the name Vanilla Tempest, has been targeting the healthcare sector in the U.S. using a ransomware strain called INC. This actor is known for using various tools and techniques, such as deploying ransomware payloads through Windows Management Instrumentation and exfiltrating data using Azure tools. … Read more

In Other News: Possible Adobe Reader Zero-Day, Hijacking Mobi TLD, WhatsApp View Once Exploit

September 13, 2024 at 09:33AM Summary: SecurityWeek’s cybersecurity news roundup compiles noteworthy stories each week, including an Adobe Reader zero-day vulnerability, .mobi TLD TLS undermining, Scattered Spider ransomware targeting the insurance and financial sectors, macOS HZ RAT malware, WhatsApp View Once feature bypass, dismantling of card-cloning gangs, Google’s actions against influence operations, Windows MSI installer … Read more

Two Indicted in US for Running Dark Web Marketplaces Offering Stolen Information

September 9, 2024 at 09:27AM Two individuals, Alex Khodyrev of Kazakhstan and Pavel Kublitskii of Russia, have been indicted in the US for operating dark web sites facilitating the trading of personal, payment card, and banking information. The indictment alleges that they were the main administrators of these illicit websites, with an estimated 353,000 users … Read more

Ransomware Gangs Pummel Southeast Asia

September 1, 2024 at 09:03PM Ransomware attacks in Southeast Asia are on the rise, surpassing the growth rate in European nations. The shift to digital infrastructure in the region often sacrifices security, leading to an increase in successful cyberattacks. Vulnerable sectors include manufacturing, government, and healthcare, with many countries lacking breach notification laws and companies … Read more

SANS Institute Unveils Critical Infrastructure Strategy Guide for 2024: A Call to Action for Securing ICS/OT Environments

August 30, 2024 at 02:42AM The SANS Institute has released a guide, “ICS Is the Business,” by Dean Parsons. It addresses the increasing need for ICS security in the face of a 50% rise in ransomware attacks in 2023. The guide emphasizes the critical steps organizations must take to safeguard their operations and ensure public … Read more

FBI: RansomHub ransomware breached 210 victims since February

August 29, 2024 at 02:53PM RansomHub ransomware, active since February 2024, has targeted over 200 victims in critical U.S. infrastructure sectors. The group focuses on data-theft-based extortion, with recent breaches including Patelco, Rite Aid, Christie’s, and Frontier Communications. A joint advisory by federal agencies urges network defenders to implement security measures and avoid paying ransoms. … Read more