It just keeps getting easier to create ransomware. Last year, schoolkids were doing it. Just last month, ransomware went open source. And now ChatGPT is enabling script kiddies to write functional malware. But just how big a threat is this, really? In the real world, the part where AIs can write code isn’t particularly scary. […]
Endpoint detection and response (EDR) capability is widely touted as an essential part of defense against ransomware. Unfortunately, it doesn’t always work as well as planned. Instead of scanning devices for known malicious code, EDR software watches for unusual activity that looks like a hacker is trying to infiltrate a network. Or behavior that looks […]
Earlier this year, the FBI released data which was interpreted by many in the tech press as saying phishing attacks were significantly more costly to organizations than ransomware. This conclusion has been challenged, and there’s now something of a counter-narrative available. (Note that this is an uncensored interview and contains language that’s likely to be […]
In a joint cybersecurity advisory, several US government agencies warned that ransomware attacks on schools would likely increase in September. This might have been slightly more helpful if the advice came before the massive attack on the Los Angeles Unified School District (LAUSD), not after. Oops. But it’s not likely to surprise anyone that schools […]
In some countries, kidnappings are so common that an entire industry of negotiators and consultants emerged to facilitate the exchange of ransoms and the safe recovery of victims. Many aspects of cybercrime are similar to crimes committed offline, so it should surprise nobody that ransomware negotiators not only exist, but have existed for long enough […]
Don’t open attachments from strangers: it’s been standard anti-phishing advice long enough to become a cliché. So of course, purveyors of malware do their best to imitate someone you know. The latest technique favored by access brokers (criminals who sell access to other criminals, including ransomware operators) is thread hijacking, according to Ars Technica’s Dan […]
A REVEALING REPORT FOR IT PROFESSIONALS BY IT PROFESSIONALS