January 12, 2024 at 05:13PM Ransomware gangs are targeting mortgage lenders, with recent attacks on loanDepot, Mr. Cooper, and title insurance companies. The Toronto Zoo and Tigo Business were also hit. In a positive turn, a Dutch police operation led to the arrest of a ransomware operator. The week also saw the discovery of new … Read more
January 8, 2024 at 10:02AM Critical infrastructure organizations are both more efficient and more vulnerable due to dramatic changes in technology and cybersecurity landscapes. The integration of IoT, smart devices, and OT with IT operations onto cloud platforms streamlines operations but also increases susceptibility to cyberattacks. Rigorous asset management, simulations, and response readiness are crucial … Read more
January 8, 2024 at 01:46AM The U.S. Department of Justice charged 19 individuals globally in connection with the xDedic Marketplace, accused of facilitating over $68 million in fraud. The transnational operation involved law enforcement cooperation from several countries. The marketplace allowed cybercriminals to buy or sell stolen credentials to over 700,000 hacked computers and servers, … Read more
January 3, 2024 at 03:37AM Emsisoft advocates for a total ban on ransom payments following a surge in ransomware attacks on US organizations, costing nearly $1.5 million each on average to rectify. It pointed to record-breaking attacks in 2023, including those on hospitals, schools, and government bodies. The report also highlights concerns about the need … Read more
January 2, 2024 at 10:10AM In 2023, cybersecurity saw numerous significant events, including 23andMe suffering a data breach impacting 6.9 million users, major ransomware attacks on Danish hosting providers and DISH Network, and government-sponsored advanced attacks on iOS devices. Notably, GoDaddy’s multi-year breach and widespread data theft using a zero-day vulnerability in MOVEit Transfer were … Read more
December 27, 2023 at 09:24AM In 2023, ransomware attacks and zero-day vulnerabilities in supply chains were the leading cyber threats, prompting the need for organizations to reassess their cybersecurity strategies. Despite increased spending in 2024, concerns about the effectiveness of security investments persist. To enhance security posture, organizations should prioritize data integrity, identity management, and … Read more
December 22, 2023 at 03:14PM Attackers have exploited five vulnerabilities, including four zero-days, in a sensitive Windows kernel-level driver, exposing a systemic issue in Windows CLFS. The high-performance logging system, favored by hackers for low-level system privileges, suffers from design flaws, leading to a series of easily exploited bugs. Without redesign, it poses ongoing security … Read more
December 22, 2023 at 12:07PM Businesses worldwide face a surge in cyber threats, with ransomware attacks increasing by over 1,000% since 2019. Aon’s global survey identifies cyberattacks as the top risk for organizations, leading to a shift in cybersecurity investment in the Middle East. Organizations must prioritize a holistic, proactive approach to cyber resilience, including … Read more
December 21, 2023 at 05:47PM Global ransomware attacks increased by 30% in November, totaling 442, exceeding 4,276 for 2023. Industrials (33%), Consumer Cyclicals (18%), and Healthcare (11%) were the most targeted sectors. North America (50%) remains the most targeted region. LockBit was the most active threat actor, with Carbanak making a resurgence in November. From … Read more
December 20, 2023 at 09:05AM Microsoft’s “Digital Defense Report 2023” highlights a surge in human-operated ransomware attacks, password-based attacks, and business email compromise incidents. It also points out expanding nation-state threats and the crucial role of AI and large language models in cybersecurity. The report underscores the importance of basic security hygiene and advanced AI-driven … Read more