British-American cruise operator Carnival Corporation & plc revealed it had detected a ransomware attack on some of its IT systems.In a regulatory filing submitted to the U.S. Securities and Exchange Commission (SEC), Carnival revealed that it had detected a ransomware attack on August 15.A subsequent investigation revealed that the ransomware actors had

CactusPete (also known as Karma Panda or Tonto Team) is an APT group that has been publicly known since at least 2013. Some of the group’s activities have been previously described in public by multiple sources. We have been investigating and privately reporting on this group’s activity for years as well. Historically, their activity has been foc

Research into recent ransomware submissions revealed that more than a tenth of crypto-malware infections now involve some element of data theft.In the second quarter of 2020, ID Ransomware received 100,001 submissions of crypto-malware pertaining to attacks that had targeted organizations and government entities.Of those attacks, 11,642 involved the theft of

Data volume storage needs are growing exponentially across hybrid multicloud environments. Meanwhile, companies are being faced with a greater number of regulations to follow, as well as increased exposure to data ransomware, theft and misuse. Many regulations, such as the General Data Protection Regulation, highlight encryption as an example of appropriate

British low-cost airline group easyJet revealed that an hacking incident had exposed approximately nine million customers’ information.On May 19, easyJet issued a “Notice of cyber security incident” in which it revealed that it had fallen victim to a digital attack from a “highly sophisticated source.”An investigation revealed t

Verizon’s 2020 DBIR is out, you can download a copy or peruse their publication online. Kaspersky was a contributor once again, and we are happy to provide generalized incident data from our unique and objective research. We have contributed to this project and others like it for years now. This year’s ~120 page report analyses data from us and

There is no silver bullet when it comes to protecting sensitive data. No single security technology investment will eliminate the risk of data theft or a mistake exposing sensitive information. To proactively defend against attackers, enterprise security teams are learning that they need to collect and centralize security and compliance information from all

These statistics are based on detection verdicts of Kaspersky products received from users who consented to provide statistical data. Figures of the year In 2019, Kaspersky mobile products and technologies detected: 3,503,952 malicious installation packages. 69,777 new mobile banking Trojans. 68,362 new mobile ransomware Trojans. Trends of the year In summ

AZORult has its history. However, a few days ago, we discovered what appears to be one of its most unusual campaigns: abusing the ProtonVPN service and dropping malware via fake ProtonVPN installers for Windows. Screenshot of a fake ProtonVPN website The campaign started at the end of November 2019 when the threat actor behind it registered a new domain und

Nothing is more difficult than making predictions. Rather than trying to gaze into a crystal ball, we will be making educated guesses based on what has happened during the last 12 months, to see where we can see trends that might be exploited in the near future. This is what we think might happen in the coming months, based on the knowledge of experts in thi

Note: This blog post is a collaboration between the Malwarebytes and HYAS Threat Intelligence teams. Magecart is a term that has become a household name, and it refers to the theft of credit card data via online stores. The most common scenario is for criminals to compromise e-commerce sites by injecting rogue JavaScript code designed to steal any informa

A federal grand jury has indicted a former National Security Agency (NSA) contractor for stealing national defense information over the past 20 years.The indictment (PDF) alleges that Harold Thomas Martin, 52, collected a number of government secrets while employed as a private contractor for various government agencies. He began lifting the documents in Dec

A study revealed how hackers in the dark web are arming insiders with the tools and knowledge necessary to help steal corporate secrets. The dark web is the right place where to buy and sell corporate secrets, experts at the risk management firm RedOwl and Israeli threat intelligence firm IntSights made an interesting research titled “Monetizing the In

It happens — employees leave. Sometimes they find growth opportunities and are encouraged, even cheered, by their employers to go for it. Other times, they are let go due to downsizing or performance issues, recruited by rivals or otherwise lured to greener pastures. In all scenarios, the employer’s intellectual property (IP) is at risk. Revenge, greed

Once again an NSA contractor is the headlines for the alleged theft of secret exploit codes and highly confidential documents. The FBI has arrested another NSA contractor over a massive secret data theft. The US DoJ has charged Harold Thomas Martin (51) with theft of secret documents and highly classified government material. According to a court complaint