With attacks increasing by 140 percent between 2018 and 2019, the threat from ransomware was growing long before the COVID-19 pandemic began. Last year, however, thanks to a perfect storm of unfortunate circumstances, the trend line for ransomware growth has gone vertical.
Read MoreIntroduction
The developers of the Phobos ransomware have added new fileless and evasive techniques to their arsenal. Constantly keeping their attack up to date helps them bypass detection technologies through several distinct approaches, the latest of which we detail in this blog.
Read MoreIn this week’s edition of Security News in Review, there’s new stories about the ransomware attack that locked up Acer’s computer systems, insight into how many Microsoft Exchange servers remain unpatched, and some theorizing on whether takedowns of cybercrime networks are valuable.
Read MoreOver 30 years ago, a disgruntled researcher unleashed the first noted ransomware virus, the “Aids Trojan.” Distributed on 20,000 floppy disks marked “AIDS Information — Introductory Diskettes'' using hijacked mail subscriber lists to the World Health Organization AIDS conference, the Aids Trojan encrypted hard drives and directed victims to post ransom money to a P.O. box located in Panama. However, the Aids Trojan had a design failure — it used simple symmetric cryptography, which meant that it was possible to extract the decryption key from the code of the Trojan.
Read MoreIn this week’s edition of our roundup of the cybersecurity news, you’ll find information on Microsoft’s Patch Tuesday in case you missed it, new insights into the Server hack, and information on the rise in K-12 cyberattacks among other important security news stories from the past week.
Read MoreIn this week’s edition of our roundup of the cybersecurity news, you’ll find reporting on a new trend of ransomware gangs turning to virtual machines, several high-severity vulnerabilities in the Linux kernel being resolved, and some new capabilities in the Ryuk ransomware.
Read MoreIntroducing egregor ransomware
Egregor is considered to be one of the most prolific ransomware threat groups. Yet it gained this reputation in a very short time due to its uncompromising double extortion methodology.
Read MoreIncreasing numbers of headline-grabbing ransomware attacks are a concerning trend. They also point to a strong possibility that many organizations are falling behind threat actors in the cybersecurity arms race. As they fail to reassess their approaches to cybersecurity, organizations open themselves up to attacks that can be devastating and, in some cases, life-threatening.
Read MoreGarmin has confirmed that the recent outage its users experienced was indeed the result of a successful ransomware attack. However, the extent of the damage done is still unclear. The attack, which compromised Garmin’s servers for five days, impacted millions of users globally and will likely end up costing Garmin millions of dollars in lost productivity and reputation alone. While Garmin says that no customer data was leaked, Garmin's call centers, web site, and cloud-based services such as Garmin Connect and FlyGarmin (a commercial aviation navigation service) were either taken offline or negatively impacted as a result of the attack.
Read MoreA whopping 186.4 million Americans shopped in stores and online between Black Friday and Cyber Monday this year, according to the National Retail Federation. On average, these shoppers spent $361.90 per person over the five-day Thanksgiving weekend.
Read MoreSearch Our Site
Recent Posts
Posts by Tag
- Cyber Security (98)
- Endpoint Security (83)
- Cyber Attacks (48)
- Attack Analysis (46)
- Company News (38)
- Moving Target Defense (37)
- Morphisec Labs (35)
- Ransomware (31)
- Exploits (30)
- Threat Alerts (19)
- Threat Profile (19)
- Fileless Attacks (18)
- Industry News (18)
- Zero-day (17)
- APT (16)
- Research (15)
- CISO (14)
- Events (14)
- Product (12)
- Malware (11)
- 0-day exploits (10)
- Security News (10)
- Patching (9)
- Sandbox evasion (6)
- VDI (6)
- advanced endpoint protection (6)
- virtual desktop security (6)
- Exploit Kit (5)
- Microsoft (5)
- Mordechai Guri (5)
- Remote Employees (5)
- Threat Report (5)
- Work from Home Security (5)
- virtual desktop infrastructure (5)
- ASLR (4)
- Custom Packer (4)
- Cyber Security Predictions 2017 (4)
- Cyber Security Stack (4)
- Proactive Cyber Defense (4)
- Ransomware Prevention (4)
- Remote Access Trojan (4)
- cloud workload security (4)
- Angler Kit (3)
- Cyber threat landscape (3)
- Cybersecurity Measures (3)
- FIN7 (3)
- Holidays (3)
- Malspam (3)
- Proactive Endpoint Protection (3)
- cloud workload protection (3)
- remote workforce (3)
- vdi security (3)
- Case Study (2)
- Collaboration Applications (2)
- Evasive Malware (2)
- Hospital Cybersecurity (2)
- Linux Security (2)
- MLTR (2)
- MS Office Exploits (2)
- POS (2)
- Proactive Prevention (2)
- Security Stack (2)
- State and Local Government Cybersecurity (2)
- Threat Research (2)
- Webinars (2)
- cloud security (2)
- non-persistent VDI (2)
- proactive cloud workload security (2)
- protect cloud workloads (2)
- Antivirus (1)
- Banking Trojans (1)
- COVID-19 ransomware prevention (1)
- Cerber (1)
- Citized Threat Index (1)
- Cobalt Group (1)
- Crypters (1)
- Cuba ransomware gang (1)
- Cyber Hygiene (1)
- Cyber hygiene practices (1)
- Cybersecurity Spending (1)
- Defender for Endpoint (1)
- Defending infrastructure against cyber threats (1)
- EDR (1)
- Egregor (1)
- Egregor ransomware (1)
- Emerging cyber threats (1)
- Emerging threats (1)
- Endpoint Detection and Response (1)
- Exchange Server (1)
- FALLOUT EXPLOIT KIT (1)
- Fallout activity (1)
- Flash wrapper (1)
- FlawedAmmyy (1)
- GDPR (1)
- GOOGLE FUNDING SECURITY DEVELOPMENT (1)
- GRANDCRAB RANSOMWARE (1)
- Gozi (1)
- HEALTHCARE CYBERSECURITY (1)
- HEALTHCARE'S CYBERSECURITY WEAK SPOTS (1)
- Hancitor (1)
- Healthcare (1)
- Higher Education Cybersecurity (1)
- Hospitality Threat Index (1)
- Hotel Cybersecurity (1)
- Kovter (1)
- MODERN CYBERSECURITY (1)
- Microsoft Defender (1)
- Morphisec Guard (1)
- NGAV (1)
- OCR Bypass (1)
- OS-Native Security (1)
- Osiris (1)
- POS intrusions (1)
- PROTECT YOURSELF FROM GRANDCRAB (1)
- Phobos ransomware (1)
- Pied Piper Campaign (1)
- Product News (1)
- REMOTE COLLABORATION APPLICATIONS (1)
- RYUK RANSOMWARE (1)
- Retail Cybersecurity (1)
- Risk Reduction (1)
- SECURITY RESILIENCY (1)
- SecOps (1)
- Server Security (1)
- Supply Chain attack (1)
- ThreadKit (1)
- Ursnif (1)
- Zoom Security (1)
- advanced cyberthreat tactics (1)
- advanced threat prevention (1)
- advanced threat tactics (1)
- antivirus scanning processes (1)
- aslr meaning (1)
- browser attacks (1)
- cloud misconfigurations (1)
- code injection (1)
- cyber defense technology (1)
- cyber prevention mechanisms (1)
- cyber strategies (1)
- cyberattack landscape (1)
- cybersecurity acronyms (1)
- cybersecurity resilience (1)
- end to end visibility (1)
- endpoint security breaches (1)
- fallout protection (1)
- financial cyberattacks (1)
- financial cyberthreat (1)
- financial system threat (1)
- healthcare phishing schemes (1)
- malware authors (1)
- patch management processes (1)
- persistent VDI (1)
- proactive threat prevention (1)
- remote collaboration app security loopholes (1)
- remote workforce hidden risks (1)
- retail cybersecurity risks (1)
- threat prevention (1)
- virtual endpoints (1)
- zoom malware (1)
- zoom weaknesses (1)