How much does it cost to recover from a ransomware attack? For the Scottish Environment Protection Agency, which was hit by the Conti ransomware-wielding gang on Christmas Eve, reported cleanup costs have reached $1.1 million. SEPA is still restoring systems and has refused to pay any ransom.
European lawmakers are once again considering encryption policies and attempting to strike a balance between the privacy and security afforded by strong encryption and law enforcement's needs. But with encryption being a cornerstone of the internet, is there any new balance to be struck?
Japanese computer game company Capcom acknowledged this week that a November security incident was a Ragnar Locker ransomware attack that resulted in about 350,000 customer and company records, including sales and shareholder data, potentially being compromised.
Ransomware attacks remain the top cyber-enabled threat seen by law enforcement. But phishing, business email compromises and other types of fraud - many now using a COVID-19 theme - also loom large, Europol warns in its latest Internet Organized Crime Threat Assessment.
The latest edition of the ISMG Security Report analyzes why ransomware gangs continue to see bigger payoffs from their ransom-paying victims. Also featured: Lessons learned from Twitter hacking response; security flaw in Amazon's Alexa.
Scammers have reportedly been putting one over on customers of the famous Ritz London, which says it is "aware of a potential data breach within our food and beverage reservation system, which may have compromised some of our clients' personal data." No payment card data was exposed, it says.
Compromised Credentials Monitoring (CCM) allows users to monitor exposure of compromised credentials for their enterprise domains and customer email addresses to take action after breaches to mitigate risk of account takeover (ATO). Flashpoint's advanced technology quickly collects and processes data and credentials,...
The thriving cybercrime economy of vendors hawking illicit offerings on underground marketplaces grants access to resources that reduce barriers to entry for crimes ranging from fraud to DDoS attacks.
Pricing trends for these offerings shed light not only on their accessibility to threat actors, but also on how...
Join experienced incident response investigators Shane Shook, PhD - Advisor & Venture Consultant, Forgepoint Capital, and Tim Keeler, Co-founder & CEO at Remediant, as they exchange war stories of stopping ransomware and lateral movement from past investigations.
They will also showcase a live demo of how state...
The latest edition of the ISMG Security Report analyzes how and why Russia is spreading disinformation about the COVID-19 pandemic. Plus: the latest CCPA regulation updates; a CISO's tips on securely managing a remote workforce.
As cybercriminals and nation-states take advantage of the COVID-19 pandemic to further their own aims, authorities are calling on victims to report online attacks as quickly as possible to help them better disrupt such activity.
In discussions around the future of AI and cyber-threats, we often wonder when we can expect to see malicious or offensive AI attacks in the wild. While we have not yet seen conclusive evidence of execution, we can anticipate that AI-driven cyber-attacks are not years away, but a very real possibility in the immediate...
Online Account Origination (OAO) fraud, also known as New Account Fraud, has grown 30% since 2017, with $1.3B losses in 2018. The increase in losses has a lot to do with fraud rings switching from automated attacks to human workers who submit applications manually, and utilize synthetic identities based on stolen...
Britain's privacy watchdog has proposed a record-breaking $230 million fine against British Airways for violating the EU's General Data Protection Regulation due to "poor security arrangements" that attackers exploited to steal 500,000 individuals' payment card data and other personal details.