extortion
Vulnerability disclosure: Legal risks and ethical considerations for researchers
In this Help Net Security interview, Eddie Zhang, Principal Consultant at Project Black, explores the complex and often controversial world of vulnerability disclosure in …
The shifting sands of the war against cyber extortion
Ransomware and cyber extortion attacks aimed at organizations are not letting up. Occasionally, they even come in pairs. The often large and sometimes massive ransomware …
Nuclear and oil & gas are major targets of ransomware groups in 2024
Resecurity, Inc. (USA) protecting major Fortune 100 and government agencies globally has identified an alarming rise in ransomware operators targeting the energy sector, …
Success eludes the International Counter Ransomware Initiative
A swing and a miss by the 50 member countries of the International Counter Ransomware Initiative (CRI), headlined by the US, who have confirmed a commitment to collectively …
MOVEit hackers leverage new zero-day bug to breach organizations (CVE-2023-47246)
A critical zero-day vulnerability (CVE-2023-47246) in the SysAid IT support and management software solution is being exploited by Lace Tempest, a ransomware affiliate known …
Public exposure of data breaches is becoming inevitable
Ransomware incidents rising again as criminals use data exfiltration and supply chain attacks to maximize their leverage, according to Allianz. Allianz Commercial analysis of …
Bracing for AI-enabled ransomware and cyber extortion attacks
AI has been the shiniest thing in tech since at least November 2022, when ChatGPT was made available to the masses and unveiled the transformative potential of large language …
Endpoint malware attacks decline as campaigns spread wider
In Q2 2023, 95% of malware now arrives over encrypted connections, endpoint malware volumes are decreasing despite campaigns growing more widespread, ransomware detections are …
Cl0p’s MOVEit attack tally surpasses 2,000 victim organizations
The number of victim organizations hit by Cl0p via vulnerable MOVEit installations has surpassed 2,000, and the number of affected individuals is now over 60 million. The …
National Student Clearinghouse MOVEit breach impacts nearly 900 schools
US educational nonprofit organization National Student Clearinghouse (NSC) has revealed that the breach of its MOVEit server ended up affecting almost 900 colleges and …
Emerging threat: AI-powered social engineering
Social engineering is a sophisticated form of manipulation but, thanks to AI advancements, malicious groups have gained access to highly sophisticated tools, suggesting that …
Ransomware: To pay or not to pay
Comprehensive security plans and programs must focus on defense, but also on answering these key question: “How will the organization respond to a ransomware attack?”, and “At …