Backend operation services provider InfoTrax Systems has reached a settlement with the U.S. Federal Trade Commission (FTC) over a data breach discovered in 2016, the agency announced this week.Utah-based InfoTrax provides multi-level marketers with a variety of services, including compensation, inventory, accounting, and training, as well as data security, i

Threat statistics come from a variety of sources: reported incidents, vendor telemetry, internet traffic and dark web analysis. All have value, and all have limitations. Reported incidents form the basis of Verizon's Data Breach Investigations Report (DBIR) -- its limitation is that it cannot account for those incidents that contributors decline to repo

In my previous column, I offered tips on leveraging security metrics in order to stay out of the lion’s den. It goes without saying that it’s always best to avoid the lion’s den whenever possible. In fact, much of the security advice out there is centered around this philosophy.  But what should one do if they have no choice but to put themselves in the

ASP.NET hosting provider SmarterASP.NET is currently working on recovering customer data after being hit by a ransomware attack over the weekend.Operating since 1999, SmarterASP.NET has datacenters in the United States and Europe and serves over 440,000 customers worldwide.On Saturday, the company fell victim to a ransomware attack that resulted in its custo

Opening In part one of this blog post series, we provided an introduction into what ransomware is and how it works. We also provided examples of different types of ransomware, variation of ransomware tactics, and identified that ransomware delivery is traditionally accompanied by other malware to assist in lateral movement and deployment. If you haven

So far in this series, we have looked at what ransomware is, what it does after it has compromised a system, and what organizations can do to detect and prevent ransomware. (Catch up with Part 1 & Part 2 before continuing!) However, that is only half the story. Organizations need to assume that they will be compromised with ransomware at some point and m

The forum dedicated to Check Point’s ZoneAlarm security product appears to have been breached and the details of the forum’s members have been leaked online.Check Point says its ZoneAlarm product has been used by nearly 100 million users worldwide, but the incident only appears to impact a few thousand users. The ZoneAlarm forum has roughly 4,500 members, bu

Krystal, a fast-food restaurant chain based in Atlanta, Georgia, informed customers recently that it has launched an investigation into a cybersecurity incident involving the payment processing systems used by some of its restaurants.The investigation is ongoing, but so far the company has determined that one of the payment processing systems it uses may hav

The South African city of Johannesburg says it will not pay the ransom demanded by hackers who recently breached its IT systems.The city of Johannesburg revealed on Friday, October 25, that its systems had been illegally accessed by hackers, which led to its official website and various services being taken offline. Impacted services include billing, propert

In this three-part blog post series, we will provide an introduction into what ransomware is, how it works, and how it spreads to systems within an organization. We will also provide examples of different types of ransomware and variation of ransomware tactics. In part two, we will go in-depth to understand the various attack vectors ransomware uses, as

Amazon Web Services (AWS) customers experienced service interruptions yesterday as the company struggled to fight off a distributed denial-of-service (DDoS) attack.As part of such an assault, attackers attempt to flood the target with traffic, which would eventually result in the service being unreachable.While customers were complaining of their inability t

VPN providers TorGuard and NordVPN have responded to reports that their systems have been breached, and both blame the incident on a third-party service provider.Hackers have leaked private RSA keys and information on configuration files that were stolen from a NordVPN server last year.At least three private keys appear to have been stolen from the server, i

An unknown threat actor managed to access Avast’s network in yet another supply chain compromise attempt, the security company announced on Monday.Detected at the end of September, the intrusion involved the use of a temporary VPN profile that had been kept alive although it did not have two-factor authentication enabled. The attackers had been using the pro

Averting cyberattacks planned out by aggressive threat actors is no easy feat for any organization, and much less for incident response (IR) teams who are usually called in after the attack has caused damage. IBM X-Force Incident Response and Intelligence Services (IRIS) analysts know this firsthand. The problem with this approach is that when an attack is a

Does ransomware respect the holiday season? With ransomware attacks attempted every 14 seconds, it’s not likely attackers take any days off. The threat of ransomware keeps growing, and in Q1 2019, researchers noted a 118 percent rise in malware strains in this category. Behind these rising numbers are cybercrime syndicates that continue to push ransomw