Security News > 2021 > May

The DarkSide ransomware threat that triggered the shut down of the Colonial pipeline is growing. Today Toshiba Tec Corp announced a 'cyberattack on European subsidiaries of the Toshiba Tec Group'.

Commercial insurer CNA this week announced that it has fully restored its systems following a ransomware attack two months ago. The incident, which the Chicago, Illinois-based company revealed on March 23, affected various CNA systems, including the corporate email, and caused network disruptions.

QNAP warns customers of an actively exploited Roon Server zero-day bug and eCh0raix ransomware attacks targeting their Network Attached Storage devices. "The eCh0raix ransomware has been reported to affect QNAP NAS devices," the company said.

Networking giant Cisco said Friday that it has agreed to acquire Kenna Security, a privately held cybersecurity company focused on vulnerability management technology. Santa Clara, Calif.-based Kenna provides a risk-based vulnerability management platform that helps organizations identify and determine which vulnerabilities pose the highest risk so that security teams don't waste valuable time on weaknesses that are unlikely to be exploited.

With this acquisition, Cisco will transform the way security and IT teams collaborate to reduce the attack surface and the time it takes to detect and respond. With Kenna's technology, Cisco Security will be combining threat and risk-based vulnerability management as part of the SecureX platform, expanding the platform experience and enabling comprehensive scorecards for security controls and threat response performance.

Now experts are warning against a new threat - triple extortion - which means that attackers are expanding out to demand payments from customers, partners and other third parties related to the initial breach to grab even more cash for their crimes. Check Point's latest ransomware report found that over the past year, ransomware payments have spiked by 171 percent, averaging about $310,000 - and that globally, the number of attacks has surged by 102 percent.

Staying on top of the latest web application security trends and new vulnerabilities, and knowing the basics there, and digging in and understanding and application and how its authorization works, and how the pieces of a large application tie together. They know all the features, how they work, how they interact together and it's really in those areas where we see a lot of our great vulnerabilities being reported internally and externally.

Ireland's nationalised health service has shut down its IT systems following a "Human-operated" Conti ransomware attack, causing a Dublin hospital to cancel outpatient appointments. The country's Health Service Executive closed its systems down as a precaution, local reports from the Irish public service broadcaster RTÉ said, reporting that Dublin's Rotunda Hospital had cancelled appointments for outpatients - including many for pregnant women.

Ireland's Health Service Executive, the country's publicly funded healthcare system, has shut down all IT systems after its network was breached in a ransomware attack. A sample of the ransomware used in the HSE attack and shared with BleepingComputer appends the.

Ireland's Health Service Executive, the country's publicly funded healthcare system, has shut down all IT systems after its network was breached in a ransomware attack. A sample of the ransomware used in the HSE attack and shared with BleepingComputer appends the.