In April, Cybereason published a blog describing its research into the DarkSide ransomware strain that infected Colonial Pipeline this past week. Sam Curry, CSO of Cybereason, shares insights on DarkSide and the tactics behind the new breed of ransomware attacks.
CISA is still awaiting more technical details from Colonial Pipeline about the Friday ransomware attack that forced it to shut down its operations, Brandon Wales, the agency's acting director, told a Senate committee that's probing the attack and other cybersecurity incidents.
Gregory Touhill, the retired Air Force general and former federal CISO under President Obama, minces no words when he describes the Colonial Pipeline ransomware attack as a "global day of reckoning" for critical infrastructure protection.
Attackers are using Avaddon ransomware to target diverse organizations in the U.S., Australia and elsewhere, according to the FBI and the Australian Cyber Security Center. Among the recent victims was a service provider to Australian telecommunications company Telstra.
Tom Kellerman of VMware Carbon Black shares his opinions about whether a nation-state was behind the recent ransomware attack on Colonial Pipeline and what the U.S. government should do to prevent other cyberattacks.
"It's not personal ... It's strictly business." That line from "The Godfather" encapsulates the mindset of criminals who extort businesses using ransomware and other tools: Their imperative is profits, no matter any disruption they might cause to critical services, such as those provided by Colonial Pipeline.
The FBI and White House confirmed Monday that the DarkSide ransomware variant was used in the Friday attack that caused disruptions at Colonial Pipeline Co., which operates a pipeline that supplies fuel throughout the eastern U.S. But the gang behind the ransomware tried to shift the blame to an affiliate.
After a ransomware incident, Colonial Pipeline Co. has restored smaller pipelines that ship fuels to the U.S. East Coast, but its larger ones are still offline as it assesses safety. Citing U.S. officials, The Associated Press reports the company was infected by the DarkSide ransomware group.
Colonial Pipeline, which oversees more than 5,500 miles of pipeline that supplies fuel throughout the U.S. East Coast, confirmed Saturday that a ransomware attack has disrupted its services, and the company has taken some of its IT systems offline as a precaution.
The latest edition of the ISMG Security Report features an analysis of whether courts can trust evidence collected by Cellebrite's mobile device forensic tools. Also featured: Report shows attackers' dwell times plummeting; a call for partnership with law enforcement.
SmileDirectClub, which sells teeth-straightening appliances, expects that a recent cyberattack, which disrupted the manufacturing of its products, will take a $10 million to $15 million bite out of its second-quarter revenue.
A ransomware gang claims to have stolen SIM card data and banking information in an attack on Schepisi Communications, a service provider to Australian telecommunications company Telstra, a local news outlet reports.
San Diego-based Scripps Health, which operates four area hospitals, has been forced to postpone some patient care - and reportedly divert some patients seeking emergency treatment - as a result of what local news outlets say is a ransomware attack.
The average amount of time that online attackers camp out in a victim's network - or "dwell time" - has been declining, FireEye's Mandiant incident response group reports. But the surge in ransomware accounts for some attacks coming to light more quickly because those attackers announce their presence.
Four editors at Information Security Media Group discuss timely issues, including how the zero-day attacks against Accellion File Transfer Appliance users have rewritten the rules of the cyber extortion game and former federal CISO Gregory Touhill taking on an important new role.