Fact is, security in the cloud needs improvement. The problem is that cloud service providers treat cloud security as a shared responsibility with their customers. And while cloud purveyors typically hold up their end of the bargain, many customers do not. Human error among cloud customers is rampant.
In a Twitter poll that garnered close to 9000 responses, 79% of respondents say organizations shouldn't pay ransom when hit with a ransomware cyberattack.
Good security hygiene practices go a long way to mitigating risk day in and day out. But security teams also need the flexibility to reorient themselves, so that when new threats emerge or new best practices or technologies become available, they can adapt.
Most IT leaders believe that ransomware attacks will be a greater concern in a hybrid workplace, with legal firms and healthcare organizations particularly concerned about this threat, according to a new Tessian report.
Sophos researchers have discovered a malware campaign whose primary purpose appears to stray from the more common malware motives. Instead, say the researchers, it appears to steal passwords or to extort a computer's owner for ransom, blocking infected users' computers from being able to visit a large number of websites dedicated to software piracy by modifying the HOSTS file on the infected system.
With the assistance and coordination of Interpol and law enforcement officers from the Republic of Korea and the United States, Ukrainian police have arrested six alleged members of the Clop ransomware gang.
Fancy Lazarus, a well-known distributed denial of service (DDoS) extortionist, has resurfaced with a new campaign focused on organizations with unprotected assets across all sizes of companies in all industries, according to Radware.
Among highly regulated, global organizations, Panaseer has determined that the top ten most frequently used security metrics are (in order of popularity):
