Initial access brokers continue to sell easy access to networks. Given the uptake of such access by ransomware operations over the past year, one surprise is that relatively few individuals appear to be serving as brokers, which, of course, makes them an obvious target for law enforcement authorities.
Security researchers are tracking several ransomware gangs that are attempting to exploit a series of bugs in Microsoft Windows collectively called "PrintNightmare." Meanwhile, Microsoft has published an out-of-band alert about another zero-day flaw related to the PrintNightmare vulnerabilities.
What are the latest cybersecurity issues? Join four Information Security Media Group editors as they describe the top issues of the week, including the risk of cyberattacks provoking a kinetic response, as well as top healthcare CISOs' tips for handling supply chain security, resiliency and ransomware.
The consultancy Accenture, which offers cybersecurity services, confirmed Wednesday it had been hit by a cyber incident. The ransomware gang LockBit took credit for the attack.
Antivirus and identity protection firm NortonLifeLock confirmed Tuesday that it has entered into an agreement to acquire its rival, Avast, for $8.1 billion to $8.6 billion.
Microsoft's Patch Tuesday rollout addressed two additional security issues within Windows Print Spooler, including one zero-day. Microsoft's August security update covers 44 vulnerabilities, with seven rated critical. Intel and Adobe also made security fixes.
NIST is updating "cyber resiliency" guidance to focus on mitigating modern cyberthreats to IT networks, especially ransomware and nation-state attacks. A draft encourages security defenders to move away from a perimeter-based defense to building resilient IT systems.
Some patched on-premises Microsoft Exchange email servers are still proving to be vulnerable. The Conti ransomware group is now leveraging backdoors that persist, cybersecurity consulting firm Pondurance reports.
The new BlackMatter Russian-speaking ransomware-as-a-service group, which announced its launch last month, has created a Linux version of its malware designed to target VMware's ESXi servers hosting virtual machines, according to MalwareHunterTeam.
OT, IoT, IIoT - each has critical distinctions, and each is increasingly vital to protecting the world's critical infrastructure from crippling cyberattacks. In a panel discussion, cybersecurity leaders discuss what it takes to get the C-suite's attention to prioritize this new generation of risk.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including improving federal agencies' cybersecurity and businesses recovering from the pandemic's impact.
The widely used NicheStack TCP/IP stack has 14 vulnerabilities that, if exploited, could allow for remote code execution, denial of service, information leaks, TCP spoofing or DNS cache poisoning, according to researchers at Forescout and JFrog. But patches are now available.
The latest edition of the ISMG Security Report features an analysis of how ransomware attackers share about their inclinations, motivations and tactics. Also featured: The rise of integrity attacks; dispelling vaccine myths.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.co.uk, you agree to our use of cookies.