Cyber Security News


  • Mallox ransomware: in-depth analysis and evolution

    September 4, 2024

    Mallox is a sophisticated and dangerous family of malicious software that has been causing significant damage to organizations worldwide. In 2023, this ransomware strain demonstrated an uptick in attacks, the overall number of discovered Mallox samples exceeding 700. In the first half of 2024, the malware was still being actively developed, with new versions being released ...

  • Planned Parenthood confirms cyber-attack as RansomHub threatens to leak data

    September 4, 2024

    Planned Parenthood of Montana’s chief exec says the org is responding to a cyber-attack on its systems, and has drafted in federal law enforcement and infosec professionals to help investigate and rebuild its IT environment. This comes as ransomware crew RansomHub boasted it had broken into the nonprofit, and stolen its data, which it is threatening ...

  • How Effective Is Your Insider Risk Program?

    September 3, 2024

    Insider threats continue to increase and make headlines. So, it is no surprise that many CISOs consider it a high priority to proactively identify and prevent these types of threats. In fact, research for the 2024 Voice of the CISO report from Proofpoint found that a third of CISOs globally see insider threats as their biggest ...

  • North Korea Aggressively Targeting Crypto Industry with Well-Disguised Social Engineering Attacks

    September 3, 2024

    The Democratic People’s Republic of Korea (“DPRK” aka North Korea) is conducting highly tailored, difficult-to-detect social engineering campaigns against employees of decentralized finance (“DeFi”), cryptocurrency, and similar businesses to deploy malware and steal company cryptocurrency. North Korean social engineering schemes are complex and elaborate, often compromising victims with sophisticated technical acumen. Given the scale and persistence ...

  • Decoding the Puzzle: Cicada3301 Ransomware Threat Analysis

    September 3, 2024

    Cicada3301 ransomware, written in Rust, was first reported less than two months ago. Despite its recent emergence, Morphisec threat researchers have already identified striking similarities between Cicada3301 and the infamous BlackCat ransomware. Like its namesake, the Cicada puzzle, which has long been associated with complex, cyber-related problem-solving, the true identity of the Cicada3301 ransomware developers remains ...

  • AI search is going to change marketing… are you prepared?

    September 3, 2024

    OpenAI, the company behind ChatGPT, has announced they are building a search engine. It’s a move that begs two simple questions: is Google at risk and will this change how you market your business? The answer is yes to both. AI search engines aren’t new. Perplexity is an AI search engine with a valuation of over ...

  • City of Columbus sues researcher for sharing leaked ransomware data

    September 3, 2024

    The City of Columbus, Ohio, has taken legal action against a security researcher who shared leaked data from a ransomware attack against the city with members of the news media. A lawsuit filed last week alleges that the actions of software development consultant David Leroy Ross Jr., who also goes by Connor Goodwolf, risks “irreparable harm” ...

  • Transport for London dealing with ‘ongoing cyber security incident’

    September 3, 2024

    Transport for London (TfL) is dealing with whats it calls an “ongoing cyber security incident”. The organisation, which is responsible for most of London’s transport network, has not shared specific details of the incident but it confirmed there is currently no evidence customer data has been compromised. Shashi Verma, TfL’s chief technology officer, said: “We have ...

  • Should State Governments Ban Ransomware Payments?

    September 3, 2024

    In 2021, North Carolina became the first state to prohibit public ransomware payments, even going so far as to ban negotiations with cyber criminals. It was a groundbreaking move. Florida followed suit in 2022, but its legislation took a less stringent approach, covering a narrower range of entities and omitting some of the stricter provisions ...

  • Head Mare: adventures of a unicorn in Russia and Belarus

    September 2, 2024

    Head Mare is a hacktivist group that first made itself known in 2023 on the social network X (formerly Twitter). In their public posts, the attackers reveal information about some of their victims, including organization names, internal documents stolen during attacks, and screenshots of desktops and administrative consoles. By analyzing incidents in Russian companies, Kaspersky researchers ...