Ransomware Task Force releases long-awaited recommendations
SC Media, Joe Uchill
“Unlike many of the past efforts to stifle ransomware, RTF takes a very deliberate focus on the government’s role in solving the problem, painting it as a national security issue lawmakers can no longer ignore.” Read More
Only 8% of businesses that paid a ransom got all of their data back
Help Net Security, Staff
“We’ve seen attackers move from larger scale, generic, automated attacks to more targeted attacks that include human hands-on-keyboard hacking. …our experience shows that the potential for damage from these more advanced and complex targeted attacks is much higher. Such attacks are also harder to recover from, and we see this reflected in the survey in the doubling of overall remediation costs.” Read More
US Urges Organizations to Implement MFA, Other Controls to Defend Against Russian Attacks
DarkReading, Jai Vijayan
“The new advisory highlights three tactics that SVR and threat groups working for it have been observed using in recent attacks: password spraying, zero-day exploits, and the use of a malware tool set called WellMess for enabling encrypted command-and-control sessions on an infected system.” Read More
Apple patches ‘worst macOS bug in recent memory’ after it was used in the wild
SC Media, Joe Uchill
“Don’t count on Apple’s built-in protection, as time and time again they prove buggy, bypassable or insufficient. A third-party security tool probably makes sense.” Read More
Password Manager Suffers ‘Supply Chain’ Attack
ABC News, The Associated Press
“Click Studios has some 29,000 enterprise and government customers worldwide, across aerospace, banking, defense, healthcare, utilities, and other industry sectors.” Read More