Questions leaders can use to measure organization's ransomware preparedness
September 14, 2021
C-suite and other executives expect cyberattacks to increase over the next 12 months, yet only 33.3% say that their organizations have simulated ransomware attacks to prepare for such an incident, according to a recent Deloitte poll.
CISA and FBI urge organizations to remain vigilant to ransomware threats on holidays, including this Labor Day
September 1, 2021
The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency have observed an increase in highly impactful ransomware attacks occurring on holidays and weekends—when offices are customarily closed—in the United States, as recently as the Fourth of July holiday in 2021.
ShinyHunters, a financially motivated threat group that emerged in May 2020, has made their return to push a trove of data allegedly stolen from U.S. telecommunications company AT&T, according to Digital Shadows, who could not independently verify the integrity of ShinyHunters’ claims.
According to the Cybersecurity and Infrastructure Security Agency (CISA), malicious cyber actors are actively exploiting the following ProxyShell vulnerabilities: CVE-2021-3447, CVE-2021-3452, and CVE-2021-3120. An attacker exploiting these vulnerabilities could execute arbitrary code on a vulnerable machine.
Every organization must prepare for a ransomware attack. The question is how best to do it. Surprisingly, we can turn to an unlikely source for advice on avoiding a ransomware attack – the criminals themselves.
With the proliferation of ransomware attacks, every business feels the pressure—and often a sense of futility—in defending against cybercriminals. But companies can regain control by focusing on one of the most common attack vectors: Active Directory.
HP Wolf Security released the findings of a global survey of 1,100 IT Decision Makers (ITDMs), examining their concerns around rising Nation State attacks: 72% of respondents said they worry that nation-state tools, techniques, and procedures (TTP) could filter through to the dark net and be used to attack their business.
Security spoke to Bill Wright, Director of Federal Government Affairs at Splunk, for a deeper dive into strategies federal organizations can use to facilitate expedited zero trust adoption.