As anyone who works in cybersecurity will already know, North Korea has made a big investment in its cyberattack capability, with ransomware a feared specialty. For that reason, a warning last week from the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) regarding Maui ransomware attacks on the U.S. healthcare sector will have filled […]

One of the biggest internal debates facing ransomware recovery planners is whether to pay an extortion demand or fall back on a process of internal data recovery. Increasingly, however, victims who decide to pay face a second and potentially complex question: is it worth trying to retrieve a ransom after it has been paid? For […]

A critical and often underestimated resource in the fight against malware is the industry’s history of finding and reporting software flaws in everything from big-brand programs to websites and software APIs. Many software companies and a few larger enterprises run dedicated programs that offer massive rewards for researchers opting for this type of work, sometimes […]

For most of us, the chance of being caught up in a data breach is just another hazard of online life. Personally identifiable information (PII) is stolen from a company we have an association with, and nobody is the wiser unless the company contacts us with the bad news. Except not every company wants to […]

If you had to name a piece of software cybercriminals look to target, Microsoft’s Exchange Server would surely be near the top of the list. To its huge user base, it’s the perfect DIY in-house email system that has dovetailed with Microsoft’s ecosystem since the 1990s. To criminals, including ransomware criminals, it’s become tempting prey […]