Security News

"These attacks are known to take advantage of network configuration weaknesses and vulnerable services to deploy devastating ransomware payloads," said researchers on Thursday. "And while ransomware is the very visible action taken in these attacks, human operators also deliver other malicious payloads, steal credentials, and access and exfiltrate data from compromised networks."

"These attacks are known to take advantage of network configuration weaknesses and vulnerable services to deploy devastating ransomware payloads," said researchers on Thursday. "And while ransomware is the very visible action taken in these attacks, human operators also deliver other malicious payloads, steal credentials, and access and exfiltrate data from compromised networks."

Cybercriminals continued a barrage of attacks in 2019, spurred on by botnets of infected IoT devices and by attacker interest in the Eternal Blue vulnerability. A report from F-Secure documents a steep increase in attack traffic in 2019 that was unmatched by previous years.

Legal services company Epiq has taken its systems offline globally after being hit by a piece of ransomware. "As part of our comprehensive response plan, we immediately took our systems offline globally to contain the threat and began working with a third-party forensic firm to conduct an independent investigation," Epiq said in a statement.

A company that provides custom parts to aerospace giants Lockheed Martin, SpaceX and Boeing, has been the target of an attack by an emerging type of ransomware that can both encrypt files and exfiltrate data. Attackers also tweeted in an account using the name "DoppelPaymer" that more files were on the way, alerting researchers that attackers likely used the DoppelPaymer ransomware in the attack, according to reports.

DoppelPaymer has set up a public website with files from companies it claims it has compromised but have not paid a ransom, and it now lists Visser on that site, together with excerpts of allegedly stolen data. In an effort to exert even more pressure on victims to pay, in part by trying to name and shame them in public, some ransomware groups are upping the ante by stealing data before they forcibly encrypt everything.

Rail contractor RailWorks Corporation is notifying employees and third-parties that it recently fell victim to a ransomware attack in which sensitive information might have been compromised. The incident, which the company refers to as a "Sophisticated cyberattack," was clearly a ransomware attack, where cybercriminals managed to compromise systems within the contractor's environment and plant data-encrypting malware on them.

To that end, CISA has worked with the National Security Council, various federal agencies, industry stakeholders and organizations like the ICS Village to develop a set of core initiatives for 2020. Four, CISA will have a focus on developing detection and incident-response training blueprints.

Six alleged drug criminals will go free thanks to a ransomware attack on a small Florida city, it was revealed this month. It suffered an attack involving the Ryuk ransomware in April 2019 that took city servers offline.

73% of government employees are concerned about impending ransomware threats to cities across the country, and more employees fear of cyberattacks to their community than natural disasters and terrorist attacks, an IBM survey has revealed. Data in the new Harris Poll found ransomware attacks might be even more widespread, with 1 in 6 respondents disclosing their department was impacted by a ransomware attack.