Left unsaid in Fat Face's "strictly private and confidential" data breach notification to affected customers this week was any indication that the fashion clothing retailer had paid a reported $2 million ransom to the Conti gang to unlock its systems. Fat Face has now confirmed the ransomware hit.
Microsoft says ransomware activity against compromised on-premises Exchange servers remains limited, but it warns that organizations are far from out of the woods.
Four editors at Information Security Media Group review the latest cybersecurity issues, including Microsoft Exchange server hacks, insider threat management and implementing a "collective defense."
Users of the OpenSSL crypto library should upgrade immediately to the latest version to eliminate serious flaws that attackers could exploit to shut down servers, some security experts warn.
Many organizations have updated the authentication process for customers to help ensure frictionless transactions. Now, some are starting to take similar steps to streamline and enhance authentication of their employees - especially those working remotely.
The FBI and the U.S. Department of Homeland Security have issued a warning about Mamba ransomware that uses a weaponized version of the legitimate, open-source encryption software DiskCryptor to lock victims out of their systems.
A previously unknown threat group is deploying Hades ransomware as part of an ongoing campaign that has already targeted three U.S. companies, Accenture's cyberthreat intelligence group reports.
What happens when an e-commerce retailer sends customers a data breach notification email with a subject line that reads "strictly private and confidential"? "Clearly trying to make people stay quiet," responded one unamused Fat Face customer. Others report being none the wiser as to what risks they now face.
The telemedicine landscape continues to flourish – but so does medical fraud. Dean Nicolls discusses the most prevalent forms of fraud and how identity verification can help ensure all populations are both included and secured.
The latest edition of the ISMG Security Report features an analysis of recent “tell-all” interviews with members of ransomware gangs. Also featured: insights on securing IoT devices and mitigating insider threat risks.
The SolarWinds supply chain attack demonstrates that Russian intelligence services have learned from previous operations and adjusted their tactics, says Dmitri Alperovitch, the former CTO of security firm CrowdStrike, which investigated Russian interference in the 2016 election.
Criminals operating online continue to tap ransomware in their pursuit of an illicit payday. That was the cybercrime reality throughout 2020, and unfortunately it still appears to be holding true in the first months of this year, the Cisco Talos Incident Response team reports.
Insurance provider CNA reported Tuesday it was victimized over the weekend by a "cybersecurity attack" that caused a network disruption and affected certain systems, including corporate email.
The Council of the European Union has adopted a new cybersecurity strategy aimed at protecting EU citizens and businesses from cyberthreats by promoting best practices, such as strong encryption and threat information sharing.
Criminals continue to target on-premises Microsoft Exchange servers that have not yet been updated with four critical patches, including for a ProxyLogon flaw, which is now being targeted by Black Kingdom ransomware. One expert describes the attack code as being "rudimentary and amateurish" but still a threat.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.co.uk, you agree to our use of cookies.