10 matches found
The CISO imperative: Building resilience in an era of accelerated cyberthreats
The latest Microsoft Digital Defense Report 2025 paints a vivid picture of a cyberthreat landscape in flux. The surge in financially motivated cyberattacks and the persistent risk of nation-state actors demand urgent attention. But for those of us in the Office of the Chief Information Security...
North Korean IT Workers in Western Firms Now Demanding Ransom for Stolen Data
North Korean information technology IT workers who obtain employment under false identities in Western companies are not only stealing intellectual property, but are also stepping up by demanding ransoms in order to not leak it, marking a new twist to their financially motivated attacks. "In some...
BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave
The threat actors behind the BlackByte ransomware group have been observed likely exploiting a recently patched security flaw impacting VMware ESXi hypervisors, while also leveraging various vulnerable drivers to disarm security protections. "The BlackByte ransomware group continues to leverage...
Talos IR trends: BEC attacks surge, while weaknesses in MFA persist
Business email compromise BEC was the top threat observed by Cisco Talos Incident Response Talos IR in the first quarter of 2024, accounting for nearly half of engagements, which is more than double what was observed in the previous quarter. The most observed means of gaining initial access was t...
8Base Group Deploying New Phobos Ransomware Variant via SmokeLoader
The threat actors behind the 8Base ransomware are leveraging a variant of the Phobos ransomware to conduct their financially motivated attacks. The findings come from Cisco Talos, which has recorded an increase in activity carried out by the cybercriminals. "Most of the group's Phobos variants ar...
Some Members of Conti Group Targeting Ukraine in Financially Motivated Attacks
Former members of the Conti cybercrime cartel have been implicated in five different campaigns targeting Ukraine from April to August 2022. The findings, which come from Google's Threat Analysis Group TAG, builds upon a prior report published in July 2022 detailing the continued cyber activity...
Cybercriminals using hijacked Cloud hosting accounts for targeted attacks
US Cloud hosting providers are constantly targeted by cyber crime according the revelations of two malware researchers Mary Landesman, a senior security researcher at Cisco Systems, and Dave Monnier security expert at Team Cymru explained during the 2013 Gartner Security and Risk Management Summi...
Verizon DBIR 2013: Months Pass Before Attacks Detected
It’s a familiar refrain: Attackers often have months of unfettered access to corporate networks; and security and network managers remain in the dark until they’re notified of serious breaches by third parties. Enterprises, regardless of industry, dread that fateful knock on the door by the FBI,...
Verizon DBIR 2013 Quantifies Cyberespionage Attacks
Targeted cyberespionage attacks have dominated discussions within the security community and outside of it from the mainstream media to the halls of the executive and legislative branches of government. But until now, discussions about attacks stemming from China that target intellectual property...
Verizon DBIR Analysis: Opportunistic Attacks Crushing Certain Industries
Regardless of the market or industry, the majority of attacks are financially motivated. Even in data-rich environments such as health care, attackers are still after profits and exploit the same weaknesses and transaction processing systems that are vulnerable in other industries such as hotels...