With an average of 626 ransomware attacks weekly on health care organizations, it’s evident that the bad guys are stepping up their tactics and focus where they believe the money to be. Health care as a target industry has always been somewhere in the top 10 or even top five Read More

According to research released by Code42, 85% of employees are more likely to leak files today than before the COVID-19 pandemic. “By malicious insiders, we are not talking about terrible people who are criminals,” said Joe Payne, Code42’s president and CEO. “More often Read More

A research paper in the Journal of Computer Information Systems says that security awareness training is a necessary complement to technical defenses and security policies, SC Magazine reports. Published by researchers from the University of Sussex and the University of Auckland, Read More

As organizations look for permanent solutions to operate using a remote workforce, users continue to elevate the risk of cyberattack by not worrying about cybersecurity. There’s something like 1/3 of the world working from home right now. According to a new report The Everywhere Read More

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has sanctioned multiple ransomware criminals over the last few years, most notably the Russian cybercrime syndicate aptly named Evil Corp. However, not only Eastern European hackers were sanctioned, Read More

The recent Twitter hack shows that devastating security breaches don’t always involve sophisticated actors or methods, according to Rachel Tobac, CEO of SocialProof Security. On the CyberWire’s Hacking Humans podcast, Tobac explained that social engineering only requires an Read More

There’s no single defense against phishing and other social engineering attacks, according to Kevin O’Brien, CEO and co-founder of email security company GreatHorn. On the CyberWire’s Daily Podcast, O’Brien explained that the social engineering tactics used in phishing attacks Read More

The unwitting participant appears to be alive and well, based on new data from security vendor Mimecast. With employees being the source of attack surface expansion, what’s an organization to do? When you think of cyberattacks, the assumption is that it’s a simple matter of “the Read More

Funds transfer fraud, also known as business email compromise (BEC), is a much more widespread problem than it seems, according to lawyers at Ice Miller LLP. The attorneys believe this type of CEO Fraud is often underreported by the victims, so that even law enforcement doesn’t Read More

The total cost of the average ransomware attack more than doubles if the victim decides to pay the ransom, according to Sophos’ State of Ransomware 2020 report. The Sophos-commissioned survey of 5,000 IT managers around the world found that the average total cost of a successful Read More

That means you can from now on count a ransomware infection as a data breach with all the consequences that this brings. Moreover, the so-called “human-operated” ransomware gangs have stepped up their attacks amid the pandemic to maximize their ill-gotten profits. In Read More

In the history of IT and cyber threats, there has never been a more critical time for organizations to employ security awareness training than now. With employees working from home, the opportunity for cyberattacks to succeed is greatly improved. It may appear that, because you Read More

The latest data from Verizon’s 2020 Mobile Security Index report shows that both consumer and business users make it all too easy for cyberattackers to fool them into becoming a victim. Think about the layered security you have in place today – each solution (whether hardware or Read More

Taking a page from the Maze ransomware playbook, the creators of DoppelPaymer don’t just encrypt your data; they have found channels to sell it if you don’t pay up. Back in November, Maze ransomware became the first to publish a victim’s data if they didn’t pay the ransom, Read More

Rather than attempt to hack user credentials and gain access to Accounts Payable applications, hackers are now impersonating the CFO and obtaining all the detail they need to launch a scam. In a decidedly smart move, hackers are now shifting tactics to make it easier to build a Read More