By Joe Fay Derivatives traders, trainer trainers, and finger lickers all hit by ransomware. Russian hackers lash out after Ukraine tanks deal announced. Apple patches decade old devices. ION Markets Hit by “Cyber Security Event” Dublin-based data and software firm ION Markets has been hit by a “cyber event” which has had a knock-on effect on financial futures and derivatives markets worldwide. The attack is thought to have been ransomware related. ION Markets said the attack on its ION Cleared Derivatives division was “contained to a specific environment”, all the affected servers are disconnected, and remediation of services is ongoing.... Read more →
84 posts categorized "Ransomware"
07 February 2023
Cybersecurity Industry News Review: February 7, 2023
Posted by (ISC)² Management on 07 February 2023 at 04:21 PM in IT Security, Legal, Malware, Privacy, Ransomware, Risk | Permalink
|
Comments (0)
03 February 2023
Latest Cyberthreats and Advisories - February 3, 2023
Cybercriminals for hire, Hive ransomware is busted and the JD Sports breach impacts millions of sportswear buyers. Here are the latest threats and advisories for the week of February 3, 2023. Threat Advisories and Alerts U.S. Security Agencies Warn of Malicious Use of RMM Software A joint cybersecurity advisory issued by the U.S. National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA) and Multi-State Information Sharing and Analysis Center (MS-ISAC) warns that legitimate remote monitoring and management (RMM) software is being used for malicious purposes. After cybercriminals gain access to target networks, they use the software as a “backdoor... Read more →
Posted by (ISC)² Management on 03 February 2023 at 10:00 AM in Network Security, Ransomware, Risk | Permalink
|
Comments (1)
30 January 2023
Royal Mail “cyber incident” is an ongoing cyberattack CEO admits to MPs
By: Joe Fay Simon Thompson, CEO of the U.K.’s Royal Mail, has confirmed in a session with MPs that the crippling of its ability to send parcels and letters abroad was down to a “cyberattack” and that it was “ongoing”. Thompson said that investigations into the attack on the U.K. postal operator – one of the most high-profile attacks on the country’s critical infrastructure to date – were continuing, but so far there was no evidence that personal data of customers had been compromised. The U.K. National Crime Agency (NCA) and National Cyber Security Centre (NCSC) have been investigating the... Read more →
Posted by (ISC)² Management on 30 January 2023 at 01:08 PM in Privacy, Ransomware | Permalink
|
Comments (2)
27 January 2023
Latest Cyberthreats and Advisories - January 27, 2023
Alerts from national cybersecurity agencies, gaming developer attacks and the Mailchimp/FanDuel breach. Here are the latest threats and advisories for the week of January 27, 2023. Threat Advisories and Alerts CISA Publishes Report to Help Protect Schools from Cyberthreats The recent surge in cyberattacks against the education sector has led the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to release a report addressing the issue. The COVID-19 pandemic made educational institutions increasingly vulnerable to cyberthreats, as virtual learning became widespread and led to the rapid adoption of new and untested technologies. The report titled “Partnering to Safeguard K-12 Organizations from... Read more →
Posted by (ISC)² Management on 27 January 2023 at 08:00 AM in Malware, Network Security, Ransomware | Permalink
|
Comments (0)
20 January 2023
Latest Cyberthreats and Advisories - January 20, 2023
TikTok is fined for a privacy violation, major corporations suffer breaches and Vice Society attacks another school. Here are the latest threats and advisories for the week of January 20, 2023. Threat Advisories and Alerts U.K. School Survey Reveals Surprising Findings A new survey by London Grid for Learning (LGfL) and the National Cyber Security Centre (NCSC) revealed that the uptick in cyberattacks on the U.K. school system may not be as bad as first thought. The survey, of more than 800 schools, revealed that 78% of them had suffered at least one cybersecurity incident. Other interesting findings showed that... Read more →
Posted by (ISC)² Management on 20 January 2023 at 11:30 AM in Malware, Privacy, Ransomware | Permalink
|
Comments (1)
13 January 2023
Latest Cyberthreats and Advisories - January 13, 2023
Cybercriminals attack schools, the FCC looks to change data breach rules and artificial intelligence alters the cybersecurity landscape. Here are the latest threats and advisories for the week of January 13, 2023. Threat Advisories and Alerts How Businesses Can Securely Use MSP Services Managed Service Providers (MSPs) offer a popular and effective way for businesses to outsource their IT. While an MSP’s service can bring productivity gains and cost savings, they can also pose an added security risk. After all, an MSP customer will typically provide the MSP with administrative access to their data, increasing their attack surface. To stay... Read more →
Posted by (ISC)² Management on 13 January 2023 at 12:31 PM in Insider Risk, Ransomware | Permalink
|
Comments (0)
06 January 2023
Latest Cyberthreats and Advisories - January 6, 2023
The LockBit ransomware gang apologizes, Google settles privacy lawsuits and cybercriminals impersonate brands and the U.K. government. Here are the latest threats and advisories for the week of January 6, 2023. Threat Advisories and Alerts Cybercriminals Impersonate Brands with Search Ads And Fake Sites The U.S. Federal Bureau of Investigation (FBI) has issued a warning that cybercriminals are directing internet browsers to malicious sites via search ads. How does the scam work? Bad actors build a fake website that impersonates a legitimate brand and then advertises it to appear at the top of search results. Once browsers click the ad,... Read more →
Posted by (ISC)² Management on 06 January 2023 at 01:00 PM in Government , IT Security, Legal, Malware, Ransomware, Risk | Permalink
|
Comments (0)
23 December 2022
Latest Cyberthreats and Advisories - December 23, 2022
Ransomware hits hard around the world – again, Cybercriminals steal food and Fortnite’s developer is fined millions. Here are the latest threats and advisories for the week of December 23, 2022. Threat Advisories and Alerts Criminal Actors Use BEC Attacks to Steal Large Food Shipments Three U.S. government agencies – The Federal Bureau of Investigation (FBI), the Food and Drug Administration Office of Criminal Investigations (FDA OCI) and the U.S. Department of Agriculture (USDA) – have issued a joint warning to food suppliers that their industry is seeing an uptick in business email compromise (BEC) attacks. Criminal actors are impersonating... Read more →
Posted by (ISC)² Management on 23 December 2022 at 08:00 AM in Privacy, Ransomware, Risk | Permalink
|
Comments (0)
18 November 2022
Latest Cyberthreats and Advisories - November 18, 2022
Beware the BatLoader, the NSA calls for more memory-safe programming language use and ransomware causes more trouble in Australia….Here are the latest threats and advisories for the week of November 18, 2022. Threat Advisories and Alerts Researchers Sound Alarm on Dangerous BatLoader Malware Dropper A dangerous new malware loader with features for determining whether it's running on business or home computers has begun rapidly infecting systems worldwide over the past few months. Researchers at VMware Carbon Black claim the threat, dubbed BatLoader, is being used to distribute a variety of malware tools including a banking Trojan, an information stealer, and... Read more →
Posted by (ISC)² Management on 18 November 2022 at 09:50 AM in IT Security, Malware, Network Security, Operations Security, Privacy, Ransomware | Permalink
|
Comments (1)
04 November 2022
LATEST CYBERTHREATS AND ADVISORIES - November 4, 2022
Cyberattacks on Dropbox, Europe’s biggest copper producer and another Australian business make this week’s headlines. Here are the latest threats and advisories for the week of November 4, 2022. Threat Advisories and Alerts Google Chrome Suffers Seventh Zero-Day Vulnerability of the Year Google has released an emergency update for its Chrome web browser to address its seventh zero-day vulnerability (CVE-2022-3723) of the year. If the security flaw is exploited, attackers could perform remote code execution, access memory regions that could crash applications or read sensitive information of other apps. Google Chrome users are advised to update their browsers immediately. Source:... Read more →
Posted by (ISC)² Management on 04 November 2022 at 02:46 PM in Malware, Ransomware, Risk | Permalink
|
Comments (0)
28 October 2022
Latest Cyberthreats and Advisories - October 28, 2022
Tech giant vulnerabilities, menacing malware and child abductions via rideshare apps…. Here are the latest threats and advisories for the week of October 28, 2022. Threat Advisories and Alerts Daixin Team Ransomware Group Targets U.S. Businesses The FBI and CISA released a joint cybersecurity advisory to warn companies of the cybercrime group Daixin Team. The threat actors are a ransomware and data extortion group that have been actively targeting U.S. businesses since at least June 2022, mostly in the healthcare sector. The group gains access to victims’ systems via virtual private network (VPN) servers, and then moves laterally via Remote... Read more →
Posted by (ISC)² Management on 28 October 2022 at 12:01 PM in Ransomware | Permalink
|
Comments (0)
23 September 2022
LATEST CYBERTHREATS AND ADVISORIES - SEPTEMBER 23, 2022
Cyberattacks on the video game industry, big-name brand data breaches and the Tea Pot gangster make headlines this week. Here are the latest threats and advisories for the week of September 23, 2022. Threat Advisories and Alerts Iranian Cybercriminals Target Western Nations Bad actors associated with the Iranian Government’s Islamic Revolutionary Guard Corps (IRGC) have been exploiting Microsoft Exchange, Fortinet and VMware Horizon Log4j vulnerabilities. The attacks have hit critical US infrastructure sectors as well as Canadian, Australian and U.K. organizations. Rather than targeting specific sectors or entities, the cybercriminals are exploiting known vulnerabilities on unprotected networks to extort data... Read more →
Posted by (ISC)² Management on 23 September 2022 at 08:00 AM in Operations Security, Ransomware, Risk | Permalink
|
Comments (0)
19 August 2022
Latest Cyberthreats and Advisories - August 19, 2022
Big tech breaches, the rise of callback phishing and joint advisories issued by CISA…here are the latest cybersecurity threats and advisories for the week of August 19, 2022. Threat Advisories and Alerts Cybercriminals Exploit Zimbra Vulnerabilities CISA and MS-ISAC have issued a joint advisory in response to active exploitation of multiple vulnerabilities against Zimbra Collaboration Suite (ZCS). Cybercriminals may target unpatched ZCS security holes in government and private sector networks. Organizations who didn’t make the appropriate updates upon patch release should assume they’ve been compromised and follow the recovery steps in the CISA advisory. Source: https://www.cisa.gov/uscert/ncas/alerts/aa22-228a CISA and the FBI... Read more →
Posted by (ISC)² Management on 19 August 2022 at 08:00 AM in Network Security, Ransomware | Permalink
|
Comments (0)
05 August 2022
Latest Cyberthreats and Advisories - August 5, 2022
High profile ransomware attacks, vulnerabilities in popular technology products and a widespread investment scam in Europe. Here are the latest cybersecurity threats and advisories for the week of August 5, 2022. Threat Advisories and Alerts Critical Vulnerability Found in VMware Products VMware has released a security update to patch a critical vulnerability in several of their products, including VMware Workspace ONE Access, vRealize Automation and Identity Manager. If the vulnerability isn’t patched, bad actors with network access could obtain admin privileges. VMware customers using the affected products are recommended to upgrade to the latest version immediately. Source: https://www.csa.gov.sg/en/singcert/Alerts/al-2022-033 CISA Warns... Read more →
Posted by (ISC)² Management on 05 August 2022 at 11:00 AM in IT Security, Ransomware, Risk | Permalink
|
Comments (0)
02 August 2022
State Policymakers Tackling Cyber Issues Including Ransomware
In 2021, North Carolina became the first state to prohibit state agencies and local government entities from paying a ransom following a ransomware attack. This, first-of-its-kind, state law also prohibits public entities from communicating with a malicious actor following a ransomware attack. Instead, they will have to consult with the North Carolina Department of Information Technology when they experience such an attack. On June 28, 2022, Florida Governor Ron DeSantis signed HB 7055. Effective, July 1, 2022, it requires all state agencies report cybersecurity and ransomware incidents, and that every state employee receives substantive training in cybersecurity. New York, Pennsylvania,... Read more →
Posted by (ISC)² Management on 02 August 2022 at 07:00 AM in Ransomware | Permalink
|
Comments (0)
21 April 2022
Why Are Ransomware Attacks Increasing and How Can We Prevent Them?
Malicious cyberattacks increased exponentially in 2021. A record number of almost 850,000 complaints related to cybersecurity were recorded by Americans last year resulting in close to U.S. $7 billion lost, according to the FBI’s Internet Crime Complaint Center (IC3). Among the types of cybercrimes reported to the FBI, ransomware is on the rise and becoming more sophisticated in recent years while remote work and schooling are more prevalent. For those unaware, ransomware is a malicious software (malware) that makes a computer unusable while a cyber criminal holds data hostage until they are paid. The Cybersecurity & Infrastructure Security Agency (CISA)... Read more →
Posted by (ISC)² Management on 21 April 2022 at 08:00 AM in Ransomware | Permalink
|
Comments (0)
12 January 2022
U.S. Cyber Command Operation Targets ‘Real-life Cyber Threats’
A U.S. Cyber Command (USCYBERCOM) task force has conducted “its first offensive cyber effect operation against real-life cyber threats.” Details of the operation have not been published, but the military says offensive cyberspace operations are “intended to project power by the application of force in or through cyberspace.” News of the operation, conducted by USCYBERCOM’s Cyber National Mission Force (CNMF) from February to August 2021, came in a news release from the Maryland Air National Guard’s 175th Cyber Operations Group, which took part in the mission. “USCYBERCOM’s CNMF plans, directs and synchronizes full-spectrum cyberspace operations to deter, disrupt and, if... Read more →
Posted by (ISC)² Management on 12 January 2022 at 12:00 PM in Government , Network Security, Operations Security, Ransomware | Permalink
|
Comments (0)
03 January 2022
What's Next for Cybersecurity in 2022?
What does next year have in store for the cybersecurity industry? The “Top Five Cybersecurity Predictions for 2022” webinar presented by Steve Piper, CISSP, Founder & CEO of CyberEdge overdelivers and gives us TEN predictions for the coming year. The webinar, moderated by Brandon Dunlap, Leadership Partner, Security & Risk Management at Gartner, opens by covering the good, bad and ugly of 2021 and then moves to an engaging cybersecurity forecast for 2022. In the presentation, Steve mentions his regret in limiting the title to just five predictions, and expands upon the list by adding five honorable mentions. Top Five... Read more →
Posted by (ISC)² Management on 03 January 2022 at 07:00 AM in Cloud Security, Cybersecurity Training, Cybersecurity Workforce, Government , Insider Risk, Ransomware | Permalink
|
Comments (1)
22 December 2021
What do cybersecurity experts predict in 2022?
2022 Predictions for the Cybersecurity Industry and Advice for Newcomers or Those Working for Small to Medium-Sized Businesses By Diana-Lynn Contesti, CISSP-ISSAP, ISSMP, CSSLP, SSCP, John Martin, CISSP-ISSAP, CISM, BCS CITP, and Richard Nealon, CISSP-ISSMP, SSCP, SCF, CISM, CISA As long-time information security professionals and (ISC)² Community Champions, we have experienced the way cybersecurity employees engage and work with one another continue to adapt in response to changes in the workplace and world at large. In 2021, we experienced a rapid evolution to these interactions. Like us, you may be wondering, what will 2022 look like for information security professionals?... Read more →
Posted by (ISC)² Management on 22 December 2021 at 07:00 AM in Cybersecurity Workforce, Privacy, Ransomware, Risk | Permalink
|
Comments (0)
09 December 2021
(ISC)² Ransomware Study: Collaboration and Communication are Essential for Ransomware Readiness
Global C-suite executives are confident in their organizations’ preparedness to handle a ransomware attack, according to a newly published (ISC)² ransomware study titled, “Ransomware in the C-Suite: What Cybersecurity Leaders Need to Know About What Executives Need to Hear.” Although confident, C-suite executives express a strong willingness to invest in technology and staff to improve defenses—signaling that now is an opportune time for cybersecurity leaders to proactively address their organizational readiness with the executive team. In response to several high-profile cyberattacks this year, (ISC)2 commissioned a survey of 750 C-level executives across the United States and the United Kingdom to... Read more →
Posted by (ISC)² Management on 09 December 2021 at 11:00 AM in Cybersecurity Workforce, Ransomware | Permalink
|
Comments (0)
Search
Categories
- (ISC)² Chapters (22)
- (ISC)² Events (159)
- Center for Cyber Safety and Education (52)
- Cloud Security (132)
- Cybersecurity Certifications (376)
- Cybersecurity Training (310)
- Cybersecurity Workforce (243)
- Digital Forensics (29)
- Ethics (52)
- Government (124)
- Insider Risk (56)
- IT Security (374)
- Legal (45)
- Malware (113)
- Network Security (176)
- Operations Security (141)
- Privacy (116)
- Ransomware (84)
- Risk (197)
- Software Development (44)
- Spotlight (71)