Latest

Cybercrime

Breach Roundup: Johnson Controls Suffers Ransomware Attack

Anviksha More  •  September 28, 2023

This week: Johnson Controls suffers a ransomware attack, the Philippine state health insurance program struggles to recover from a ransomware and Air Canada reports a cyberattack. Also: an APT group uses the American Red Cross as bait and new malware targets would-be users of Bitwarden.

Fraud Management & Cybercrime

ShadowSyndicate: A New Player in the RaaS Landscape

Mihir Bagwe  •  September 27, 2023

An apparently new hacking group has connections to a number of name-brand ransomware-as-a-service groups including Conti spinoffs and possibly Clop, making it a notably versatile addition to the criminal underground. Group-IB researchers dubbed the group ShadowSyndicate.

Big Data Security Analytics

Why Palo Alto Is Eyeing Data Defense Firm Dig at $300M-$400M

Michael Novinson  •  September 27, 2023

A data security startup led by a Microsoft and Google veteran and backed by Samsung and CrowdStrike could soon be acquired by Palo Alto Networks. The company is in advanced talks to buy data security posture management startup Dig Security for between $300 million and $400 million.

Multi-factor & Risk-based Authentication

CISA Urges Americans to Apply MFA, 'Think Before They Click'

Michael Novinson  •  September 26, 2023

CISA Director Jen Easterly urged citizens to boost their defenses by choosing strong passwords, opting for multifactor authentication, reporting phishing and enabling automatic software updates. Easterly said users should choose passwords that are complex and unique to each sensitive account.

Cybersecurity Spending

US Federal Shutdown 'Dangerous and Irresponsible'

Marianne Kolbasuk McGee  •  September 26, 2023

A U.S. federal government shutdown would have "immeasurable" damaging effects on the federal government's ability to fight cyberthreats, a top official said Tuesday amid forewarnings that the country should start preparing now for potential cyber interference in the 2024 presidential election.

Fraud Management & Cybercrime

Feds Warn About Snatch Ransomware

Prajeet Nair  •  September 21, 2023

The Snatch ransomware group is targeting a wide range of critical infrastructure sectors, including the defense industrial base, food and agriculture, and information technology sectors, according to a new alert issued by U.S. authorities. The group operates on a ransomware-as-a-service model.

Cybercrime

Dutch Police Warns Users of Credentials Leak Site

Akshaya Asokan  •  September 21, 2023

Hundreds of Dutch patrons of a now-defunct credential marketplace received warnings from national police in an attempt to prevent potential crimes using illicitly obtained personal identifiable information. Dutch national police Politie said it had contacted 400 "possible customers" of WeLeakInfo.

Cybercrime

Breach Roundup: Effects of ISP Ransomware Attack in Colombia

Anviksha More  •  September 21, 2023

This week, Colombia grappled with the aftermath of a ransomware attack against IFX Networks, Clorox suffered product shortages, a glitch allowed T-Mobile users to access other users' data, California passed restrictions for data brokers and Finland seized a dark web marketplace.

Open XDR

Cisco to Bring XDR, SIEM Together With $28B Splunk Purchase

Michael Novinson  •  September 21, 2023

Cisco's proposed $28 billion buy of Splunk allows businesses to move from threat detection and response to threat prediction and prevention by combining XDR and SIEM. The deal brings together Cisco's newly released XDR platform with Splunk's long-standing SIEM technology.

CISO Trainings

The Evolution of Online Fraud in 2023 and Best Practices to Plug the Gaps

Tony Morbin  •  September 20, 2023

Vice President at Appgate, Mike Lopez, offers his expert analysis on the survey findings and how this year's results were unique to the most current cyber threats.

Cybersecurity Spending

Cyber Experts Urge House Committee to Avoid Federal Shutdown

Marianne Kolbasuk McGee  •  September 19, 2023

Cybersecurity experts urged Congress to avoid a government shutdown on Oct. 1 - the start of the new federal fiscal year - telling a House panel that a lapse would damage efforts to keep the nation secure. Congress has yet to approve funding bills necessary to keep most federal agencies operational.

Endpoint Security

Dragos Raises $74M to Advance OT Protection in Europe, Asia

Michael Novinson  •  September 18, 2023

Dragos completed a Series D extension to help organizations address enhanced OT security requirements from regulators and cyber insurance providers. The money will allow Dragos to help EU businesses affected by updated cybersecurity directives requiring many smaller organizations to boost security.