The operators behind Groove ransomware are calling on other extortion gangs to join forces to attack the U.S. public sector, according to chatter seen on underground forums, reports malware research organization vx-underground, citing a blog posted by the gang on a Russian site.
Several characteristics of the Hive ransomware group make the threat actor particularly menacing to its victims, which include healthcare sector targets, says Adam Meyers, vice president of intelligence at security firm CrowdStrike.
Who's been launching distributed denial-of-service attacks against ransomware operators' sites and cybercrime markets? Disrupting ransomware operations that rely on Tor-based data leak sites and payment portals for double extortion is an obvious move for cutting into their profits.
Grocery retailer Tesco said it faced a service disruption on its app and website. The company told ISMG that the outage was likely due to an attempt to interfere with its systems. On Monday, a company spokesperson said that both the website and app were now "back up and running."
The actor behind the cyberattack targeting SolarWinds customers - Nobelium - is continuing its campaign to target the global IT supply chain, according to a new advisory from Microsoft, which says 140 resellers and tech service providers have been notified that they have been targeted by the group.
Following an outage of the REvil - aka Sodinokibi - ransomware operation due to coordinated law enforcement efforts involving the U.S. and foreign partners, the operators behind DarkSide ransomware have moved bitcoin worth almost $7 million to multiple new wallets, making it more difficult to track.
In his second Rant of the Day for the CyberEdBoard Profiles in Leadershop blog, Ian Keller, security director at Ericsson and CyberEdBoard executive member, talks about what a CISO does - and what a CISO should do.
While ransomware might be today's top cybercrime boogeyman, attackers aren't infallible. The latest example: Errors in DarkSide - and its BlackMatter rebrand - enabled security experts to quietly decrypt many victims' files for free, saving millions in potential ransom payments.
In the latest weekly update, four ISMG editors discuss: a federal judge imposing the maximum sentences on a hacker who pleaded guilty to conspiracy and aggravated identity theft, regulators getting tougher on cryptocurrency lending platforms and the return to in-person roundtables.
Disturbing findings from a recent study examining the impact of ransomware attacks on patient care must serve as a wake-up call for the healthcare sector to intensify its preparedness to deal with such incidents, say Larry Ponemon of research firm Ponemon Institute and Ed Gaudet of risk management firm Censinet. The...
In a busy congressional day for cybersecurity legislation, the U.S. House of Representatives passed several bills on Wednesday, targeting both software supply chain and telecommunication system security. One observer describes them as "a win-win for the government and U.S. citizens."
Researchers at Kaspersky report that Lyceum group, known for targeting organizations in the energy and telecommunications sectors across the Middle East, has attacked two entities in Tunisia with an updated malware arsenal.
The Professional Dental Alliance is notifying more than 170,000 individuals in about a dozen states of a phishing breach involving an affiliated vendor that provides nonclinical management services to dental practices owned by PDA. Why is breach notification so complicated?
When a business, government agency or other organization hit by ransomware opted to pay a ransom to its attacker in Q3, the average payment was $140,000, reports ransomware incident response firm Coveware. It says the attack landscape has seen some notable shifts since the Colonial Pipeline attack.