As organizations look for permanent solutions to operate using a remote workforce, users continue to elevate the risk of cyberattack by not worrying about cybersecurity. There’s something like 1/3 of the world working from home right now. According to a new report The Everywhere Read More

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has sanctioned multiple ransomware criminals over the last few years, most notably the Russian cybercrime syndicate aptly named Evil Corp. However, not only Eastern European hackers were sanctioned, Read More

The recent Twitter hack shows that devastating security breaches don’t always involve sophisticated actors or methods, according to Rachel Tobac, CEO of SocialProof Security. On the CyberWire’s Hacking Humans podcast, Tobac explained that social engineering only requires an Read More

There’s no single defense against phishing and other social engineering attacks, according to Kevin O’Brien, CEO and co-founder of email security company GreatHorn. On the CyberWire’s Daily Podcast, O’Brien explained that the social engineering tactics used in phishing attacks Read More

The unwitting participant appears to be alive and well, based on new data from security vendor Mimecast. With employees being the source of attack surface expansion, what’s an organization to do? When you think of cyberattacks, the assumption is that it’s a simple matter of “the Read More

Funds transfer fraud, also known as business email compromise (BEC), is a much more widespread problem than it seems, according to lawyers at Ice Miller LLP. The attorneys believe this type of CEO Fraud is often underreported by the victims, so that even law enforcement doesn’t Read More

The total cost of the average ransomware attack more than doubles if the victim decides to pay the ransom, according to Sophos’ State of Ransomware 2020 report. The Sophos-commissioned survey of 5,000 IT managers around the world found that the average total cost of a successful Read More

That means you can from now on count a ransomware infection as a data breach with all the consequences that this brings. Moreover, the so-called “human-operated” ransomware gangs have stepped up their attacks amid the pandemic to maximize their ill-gotten profits. In Read More

In the history of IT and cyber threats, there has never been a more critical time for organizations to employ security awareness training than now. With employees working from home, the opportunity for cyberattacks to succeed is greatly improved. It may appear that, because you Read More

The latest data from Verizon’s 2020 Mobile Security Index report shows that both consumer and business users make it all too easy for cyberattackers to fool them into becoming a victim. Think about the layered security you have in place today – each solution (whether hardware or Read More

Taking a page from the Maze ransomware playbook, the creators of DoppelPaymer don’t just encrypt your data; they have found channels to sell it if you don’t pay up. Back in November, Maze ransomware became the first to publish a victim’s data if they didn’t pay the ransom, Read More

Rather than attempt to hack user credentials and gain access to Accounts Payable applications, hackers are now impersonating the CFO and obtaining all the detail they need to launch a scam. In a decidedly smart move, hackers are now shifting tactics to make it easier to build a Read More

The latest strain of Snatch ransomware performs a devious task to ensure tools designed to protect against ransomware are nowhere to be found during encryption. This one is pure, evil genius! The latest variant of Snatch has been identified by the researchers at Sophos. Infecting Read More

Leveraging vulnerable website content management platforms, these attacks seek to trick users into installing malware under the guise that their web browser is out-of-date. We all know that eventually, your web browser will need to be updated. So, it’s not so out-of-the-ordinary Read More

A new report from the National Cyber Security Alliance sheds some light on how prepared small- and medium-size businesses are and what the aftermath of a data breach really looks like. When 1,000 small business owners open up to talk about cybersecurity, it’s probably a good idea Read More