ransomware
How LockBit used Citrix Bleed to breach Boeing and other targets
CVE-2023-4966, aka “Citrix Bleed”, has been exploited by LockBit 3.0 affiliates to breach Boeing’s parts and distribution business, and “other trusted …
The shifting sands of the war against cyber extortion
Ransomware and cyber extortion attacks aimed at organizations are not letting up. Occasionally, they even come in pairs. The often large and sometimes massive ransomware …
Segmentation proves crucial for fast response to security incidents
In this Help Net Security video, Steve Winterfeld, Advisory CISO at Akamai, discusses the recent surge of ransomware attacks in the U.S. and how it relates to …
Telemetry gaps leave networks vulnerable as attackers move faster
Telemetry logs are missing in nearly 42% of the attack cases studied, according to Sophos. In 82% of these cases, cybercriminals disabled or wiped out the telemetry to hide …
Cyber insurance predictions for 2024
In this Help Net Security video, Dara Gibson, Senior Cyber Insurance Manager at Optiv, discusses cyber insurance and what we should expect to see in 2024: Ransomware, BEC, and …
Nuclear and oil & gas are major targets of ransomware groups in 2024
Resecurity, Inc. (USA) protecting major Fortune 100 and government agencies globally has identified an alarming rise in ransomware operators targeting the energy sector, …
Success eludes the International Counter Ransomware Initiative
A swing and a miss by the 50 member countries of the International Counter Ransomware Initiative (CRI), headlined by the US, who have confirmed a commitment to collectively …
Chinese multinational bank hit by ransomware
The state-owned Industrial and Commercial Bank of China (ICBC), which is one of the largest banks in the world, has been hit by a ransomware attack that led to disrupted …
MOVEit hackers leverage new zero-day bug to breach organizations (CVE-2023-47246)
A critical zero-day vulnerability (CVE-2023-47246) in the SysAid IT support and management software solution is being exploited by Lace Tempest, a ransomware affiliate known …
The 3 key stages of ransomware attacks and useful indicators of compromise
For SOC teams to be able to defend their organization against ransomware attacks, they need to have the right security toolset, but also an understanding of the three primary …
Microsegmentation proves its worth in ransomware defense
The number of ransomware attacks (successful and unsuccessful) has doubled over the past two years, from 43 on average in 2021 to 86 in 2023, according to Akamai. Security …
Atlassian Confluence data-wiping vulnerability exploited
Threat actors are trying to exploit CVE-2023-22518, a critical Atlassian Confluence flaw that allows unauthenticated attackers to reset vulnerable instances’ database, …