This blog post started as a Twitter thread, in case you were wondering if anything good ever came from Twitter. Ransomware attacks are complex and involve a lot of different aspects of security, which is why defenders need to take a “boxing match” approach to stopping ransomware attacks. This means that, like boxing, you’re always […]
Don’t open attachments from strangers: it’s been standard anti-phishing advice long enough to become a cliché. So of course, purveyors of malware do their best to imitate someone you know. The latest technique favored by access brokers (criminals who sell access to other criminals, including ransomware operators) is thread hijacking, according to Ars Technica’s Dan […]
Ransomware’s evolution away from encryption continues, according to this article from The Register. To be clear, ransoms are still being demanded and paid. But instead of being forced to pay to recover access to encrypted files, victims are shelling out to keep stolen, sensitive data from being publicly leaked. Ransomware gangs like Karakurt put pressure […]
As anyone who works in cybersecurity will already know, North Korea has made a big investment in its cyberattack capability, with ransomware a feared specialty. For that reason, a warning last week from the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) regarding Maui ransomware attacks on the U.S. healthcare sector will have filled […]
Over the past 18 months, there have been a lot of headlines involving ransomware and other types of cyberattacks involving Microsoft Exchange Server environments. Last March, a single cyber espionage organization based in China was able to compromise more than 30,000 email systems within a short period of time. This sudden attack sweep prompted Microsoft […]
When discussing the ever-changing ransomware threat landscape, we often talk about what devices threat actors will target next. In addition to mobile devices, the other technology I get asked about the most is “Internet of Things” (IoT), and whether we should expect threat actors to begin going after the “smart” products in our homes or […]
