Joint study finds that old vulnerabilities accounted for just over three-quarters of ransomware attacks in 2022. Most of these old vulnerabilities are from between 2015 to 2019, but the oldest still being actively exploited was published and patched in 2010.
A supply chain attack on Applied Materials may have begun with vendor MKS Instruments, which reported an early February ransomware attack that it said would impact shipments.
SMS-based 2FA is by far the most commonly used method for added account security beyond the password. Twitter users that rely on it to secure their accounts will have to come up with another option by March 20.
Hackers have apparently been able to gain illicit access to the web hosting company since at least 2019. It is not clear when the source code was stolen (or exactly what pieces were taken), but malware was apparently planted in the cPanel control system.
The LockBit ransomware gang insisted on a ransom demand that was calculated based on the entirety of Royal Mail’s annual revenue, rather than the specific international branch it hit, and would not back down.
Russian hackers supporting the Russian invasion of Ukraine have launched a campaign of DDoS attacks disrupting NATO operations, including a Turkey-Syria earthquake relief mission.
A cybercrime ecosystem is firming up on Telegram, and the scope of services it offers is growing to rival dark web forums. Telegram offers some unique features that have made it a top choice as a dark web substitute.
The UK financial regulator asked cyber insurance firms to respond to risk assessment and coverage questions about three hypothetical scenarios, ultimately finding too much variance in risk and cost estimates. A few reported that they would not be able to maintain the requisite level of solvency after making all required payments.
The assortment of Russian hackers that were sanctioned play various roles in TrickBot’s operations, such as developing the ransomware gang’s malware and maintaining its servers.
A wave of ransomware attacks taking place since the beginning of February has been tied to an old vulnerability in VMware servers. but thousands appear to remain unpatched as an automated process has compromised them in countries around the world.