Colonial Pipeline, which oversees more than 5,500 miles of pipeline that supplies fuel throughout the U.S. East Coast, confirmed Saturday that a ransomware attack has disrupted its services, and the company has taken some of its IT systems offline as a precaution.
U.S. and U.K. cyber, law enforcement and intelligence agencies issued a joint advisory Friday offering detailed information on how to defend against the activities of the Russian Foreign Intelligence Service, or SVR, in the wake of the 2020 SolarWinds attacks.
Attackers have co-opted the Hancitor malware downloader and recently used it to deliver Cuba ransomware as part of an email spam campaign for data exfiltration and ransom extortion, a new report by security firm Group-IB finds.
Researchers at Trend Micro have uncovered a new cryptocurrency stealer variant that uses a fileless approach in its global spam email distribution campaign to evade detection.
Four editors at Information Security Media Group discuss timely cybersecurity issues, including a call for cryptocurrency regulation and the impact of hospital ransomware attacks.
The latest edition of the ISMG Security Report features an analysis of whether courts can trust evidence collected by Cellebrite's mobile device forensic tools. Also featured: Report shows attackers' dwell times plummeting; a call for partnership with law enforcement.
A ransomware gang claims to have stolen SIM card data and banking information in an attack on Schepisi Communications, a service provider to Australian telecommunications company Telstra, a local news outlet reports.
In light of the surge in ransomware attacks against universities, institutions need to make asset management a much higher priority, removing obsolete systems and upgrading essential systems to the latest version to avoid exploits of unpatched vulnerabilities, says Matthew Trump of the University of London.
The average amount of time that online attackers camp out in a victim's network - or "dwell time" - has been declining, FireEye's Mandiant incident response group reports. But the surge in ransomware accounts for some attacks coming to light more quickly because those attackers announce their presence.
Effective vulnerability management requires more frequent scanning of infrastructure, says Steve Yurich, CISO at Penn National Insurance, who explains his organization's approach.
Attackers are using a freshly updated variant of the Buer first-stage malware loader rewritten in the Rust programming language to help evade detection, Proofpoint reports.
The NSA is offering operational technology security guidance for the Defense Department as well as third-party military contractors and others in the wake of the SolarWinds supply chain attack. The agency notes that attackers could use IT exploits to pivot to OT systems.
CISA is investigating whether five U.S. government agencies may have been breached when attackers exploited vulnerabilities in Pulse Connect Secure VPN products, according to a senior official. Security researchers believe that at least two nation-state groups have been attempting to exploit these flaws.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.
