The total amount of ransom payments being sent by victims to ransomware groups appears to have taken a big dip, declining by 40% from $766 million in 2021 to $457 million in 2022 due to victims simply being unwilling to pay, blockchain intelligence firm Chainalysis reports.
The former head of the U.K.'s National Cyber Security Centre warns that destructive ransomware targeting large enterprises is likely to surge in 2023, adding that recent attacks on Royal Mail and The Guardian newspaper are examples of these early-stage attacks.
Ukraine's top information protection agency says Russian cyberattacks are focusing on destruction of critical information infrastructure, spying and disinformation. Although efforts are underway, it will require $1.79 billion to completely restore the telecommunication sector, it says.
Moving from certificate-based to FIDO authentication reduces overhead and complications for enterprises looking to move away from passwords, says Microsoft's Libby Brown. FIDO allows organizations to go passwordless by simply buying a FIDO key and turning it on in their Azure Active Directory.
The IntSights deal has allowed Rapid7 to offer more visibility into the threat landscape and target the phishing infrastructure used by hackers. The deal has helped Rapid7 determine the spoofed domains and the employees and social media accounts that adversaries have targeted, CEO Corey Thomas says.
Gen Digital, owner of the Norton LifeLock brand, is notifying more than 6,000 U.S. individuals that hackers might have the valid credentials for logging onto their Norton Password Manager after the company detected a credential stuffing attack in December.
Passwordless authentication will gain traction once it addresses edge cases such as logging into Netflix using a remote control, says Hypr CEO Bojan Simic. He shares how a QR code and a biometric identifier on a smartphone can transform the way someone accesses the Wi-Fi at a friend's house.
The FIDO2 standard has driven the adoption of multifactor authentication as well as the embrace of passkeys and conditional UI, says Superlunar's Nick Steele. FIDO2 will help users adopt passwordless flows while protecting websites with public key credentials in a way that hadn't been possible.
Pity the overworked ransomware gang - say, LockBit - that just "discovered" one of its affiliates hit Britain's postal service. But until Western governments find a way to truly disrupt the ransomware business model, operators remain free to keep spouting half-truths and lies at victims' expense.
Meta says it is taking legal action against scraping-for-hire service provider Voyager Labs for allegedly using fake accounts to copy accessible data about users when logged into Facebook, Instagram and other websites. The social media firms says it closed 60,000 fake accounts.
TikTok must pay a fine of 5 million euros to the French government after the country's data protection agency said the short-form video app violated national privacy law restricting the monitoring of web browser activity. TikTok is at the center of a number of privacy controversies worldwide.
Since Elon Musk became Twitter's CEO, cyber risks have affected the social media company in technological, financial, regulatory and reputational ways. Marco Túlio Moraes says the big issue is that the risks now affect a significant digital business world asset: trust.
The prolific ransomware group LockBit has been tied to the recent disruption of Britain's national postal system, as Royal Mail reports it remains unable to send international letters or parcels. While LockBit has enjoyed unusual longevity, could this attack be its undoing?
SailPoint has made its first acquisition since joining Thoma Bravo, scooping up a third-party identity risk startup established by a Massachusetts Air National Guard veteran. Buying SecZetta will give customers more visibility into employee, third-party contractor and temporary worker identities.
Hack The Box has completed a Series B funding round to add more cloud security and a gamification approach to its cybersecurity training platform. The Kent, England-based startup was founded in 2017 to provide pen testers and red teamers with a way to test their offensive security skills.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.