Ransomware Professionalization Grows as RaaS Takes Hold
Ransomware groups are getting their acts together, growing in sophistication and business acumen while monetizing ransomware beyond encryption, including double and triple extortion, as the market for ransomware-as-a-service (RaaS)...
Infostealer Malware Market Booms, as MFA Fatigue Sets In
Malicious actors are finding success deploying information stealer (infostealer) malware, combining stolen credentials and social engineering to carry out high-profile breaches and leveraging multifactor authentication (MFA) fatigue attacks.These were...
Cyberattack Shuts Down French Hospital
French Health Ministry authorities were forced to shut down operations and transfer critically ill patients following a weekend cyberattack on a hospital outside Paris. Minister Francois Braun told France 24...
Where Advanced Cyberttackers Are Heading Next: Disruptive Hits, New Tech
In November, Ukraine's president revealed that the country's IT defenses fended off more than 1,300 Russian cyberattacks, including attacks on satellite communications infrastructure.
The onslaught of cyberattacks highlights one of...
SiriusXM, MyHyundai Car Apps Showcase Next-Gen Car Hacking
At least three mobile apps tailored to allow drivers to remotely start or unlock their vehicles were found to have security vulnerabilities that could allow unauthenticated malicious types to...
SOC Turns to Homegrown Machine Learning to Catch Cyber-Intruders
Using an internally developed machine-learning model trained on log data, the information security team for a French bank found it could detect three new types of data exfiltration that...
One Year After Log4Shell, Most Firms Are Still Exposed to Attack
The Log4j vulnerability continues to present a major threat to enterprise organizations one year after the Apache Software Foundation disclosed it last November — even though the number of...
Artifact Poisoning in GitHub Actions Imports Malware via Software Pipelines
An attacker submitting changes to an open source repository on GitHub could cause downstream software projects that include the latest version of a component to compile updates with malicious...
LastPass Discloses Second Breach in Three Months
An attacker who breached the software development environment at LastPass this August and stole source code and other proprietary data from the company appears to have struck the password...
CyberRatings.org Announces Results from First-of-its-Kind Comparative Test on Cloud Network Firewall
AUSTIN, Texas, Dec. 1, 2022 /PRNewswire/ — CyberRatings.org, the non-profit entity dedicated to providing transparency on cybersecurity product efficacy, has completed an independent test of eight market leading security...
