In March 2017, a group of hackers from China arrived in Vancouver with one goal: Find hidden weak spots inside the world's most popular technologies. Google's Chrome browser, Microsoft's Windows operating system, and Apple's iPhones were all in the crosshairs. But no one was breaking the law.
A ransomware attack caused a major East Coast fuel pipeline operator to shut down its entire network on Friday, according to two U.S. officials familiar with the matter. The attack on top U.S. operator Colonial Pipeline appears to have been carried out by a criminal group, but federal officials and the private security firm Mandiant are still investigating the matter, one official said.
Although ransomware impacting industrial control systems (ICS) is often IT-focused, ransomware can have disruptive impacts on operational technology (OT) as well.
According to a report from The Intercept, one of the largest law enforcement agencies in the U.S., Customs and Border Protection, has now found a convenient back door to siphon much of the information from the fortress of your smartphone: your car.
A cyber-criminal gang that took a major US fuel pipeline offline over the weekend has acknowledged the incident in a public statement. "Our goal is to make money and not creating problems for society," DarkSide wrote on its website. The US issued emergency legislation on Sunday after Colonial Pipeline was hit by a ransomware cyber-attack.
Since initially surfacing in August 2020, the creators of DARKSIDE ransomware and their affiliates have launched a global crime spree affecting organizations in more than 15 countries and multiple industry verticals.
Defenders can sabotage double extortion ransomware schemes by detecting unusual file transfer utilities such as Mega and Rclone.
The NCSC, CISA, FBI and NSA publish advice on detection and mitigation of SVR activity following the attribution of the SolarWinds compromise.
When French insurer AXA signaled last week that it would no longer write new cyber-insurance policies covering extortion payouts to criminals, ransomware and cyber insurance experts had two reactions. They wondered why it took so long, and how long it would take others to follow suit.