Ever hear of double extortion? It’s a technique increasingly employed by ransomware attackers. A malware payload steals a victim’s plaintext information before launching its encryption routine. Those operating the ransomware then go on to demand two ransoms — one for a decryption utility and the other for the deletion of the victim&rsquo

In cybersecurity as in most jobs, problems don’t happen one at a time, you’re bound to have a few at once. Speakers at the RSA Conference 2021 talked about this in terms of maintaining cyber resilience in chaos. So, what does the buzzword ‘cyber resilience’ really mean? And why is it important to be able to embrace chaos in your day-

The year 2020 — with all its tumult — ushered in a massive shift in the way most companies work. Much of that transformation included migrating to cloud, with some statisticians reporting that a full 50% of companies across the globe are now using cloud technology. In many ways, that’s good — cloud holds several advantages for organi

Throughout my lifetime, I’ve wondered on many occasions how my life would have changed had I made a different decision at a critical point — picked a different college, taken a different job or moved to another town. I’ve often wished that I could watch a movie of the different outcomes before making a decision, like in the movie “Sl

In mid-May, one of the largest insurance companies in the U.S. paid $40 million to ransomware attackers. Two people familiar with the matter told Bloomberg that the malicious actors stole an undisclosed quantity of data and then effectively locked the insurer out of its network for two weeks. The company ignored the attackers’ demands at first. But, a

Small- and medium-sized businesses can be victims of digital attacks as much as global ones can. In fact, 88% of small business owners think they’re open to a cyberattack. In response, startups must allocate time and resources to getting the right small business cybersecurity measures, right? If only business realities were that simple. Let&rsquo

Security professionals keep busy. Before you can patch a vulnerability, you need to decide how important it is. How does it compare to the other problems that day? Choosing which jobs to do first using vulnerability management tools can be a key element of a smart security strategy. Software vulnerabilities are one of the root causes of attacks. One unpatch

Home is where the ‘smart’ is. A recent study revealed the average American household has 25 connected or Internet of Things (IoT) devices. The number of consumers who have smart home devices connected to their home internet has grown by 38% since the pandemic began. The findings don’t surprise Brad Ree, the chief technology officer (CTO) o

In a recent collaboration to investigate a rise in malware infections featuring a commercial remote access trojan (RAT), IBM Security X-Force and Cipher Tech Solutions (CT), a defense and intelligence security firm, investigated malicious activity that spiked in the first quarter of 2021. With over 1,300 malware samples collected, the teams analyzed the del

Some of you love it and some of you hate it, but at this point it should come as no surprise that .NET tradecraft is here to stay a little longer than anticipated. The .NET framework is an integral part of Microsoft’s operating system with the most recent release of .NET being .NET core. Core is the cross-platform successor to the .NET Framework that

On July 2, 2021, Kaseya customers were notified of a compromise affecting the company’s VSA product in a way that poisoned the product’s update mechanism with malicious code. VSA is a remote monitoring and management tool for networks and endpoints intended for use by enterprise customers and managed service providers (MSPs). According to Kaseya

Operational Technology Threats in 2021: Ransomware, Remote Access Trojans and Targeted Threat Groups Organizations with operational technology (OT) networks face many unique — and often complicated — considerations when it comes to cybersecurity threats. One of the main challenges facing the community is the convergence of an increasingly OT-awa

Offensive security professionals have been using Frida for analyzing iOS and Android mobile applications. However, there has been minimal usage of Frida for desktop operating systems such as Windows. Frida is described by the author as a “Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.” From a securit

In a world in which bad news dominates, social engineering scams that carry a promise of good news can be incredibly lucrative for cyber criminals.  In one recent example, fraudsters set up a phony job posting using a real recruiter as the contact person for the hiring process. Applicants hoping for a chance at the too-good-to-be-true position were ins

Cybersecurity careers are a buzzy topic lately, with more people needed and salaries competitive. How do you make yourself stand out in this field and find a career you both love and do well? Meanwhile, when you’re not working you may very well be making a new streaming account to escape after a long day. The pandemic has changed our streaming habits