It has been 10 years since Project Basecamp, a research project conducted by Digital Bond that investigated how critical operational technology (OT) devices and protocols were, to use the term they coined, “insecure by design.” Since then, we have seen hugely impactful real-world OT malware such as Industroyer, TRITON, Industroyer2 and INCONTROLLER abusing insecure-by-design functionality.

BlackGuard is a fairly new info stealer from the end of January 2022 with a business model of Malware-as-a-Service (MaaS). The malware is sold in underground forums and a dedicated Telegram channel of the operators’ named blackteam007.

The number and frequency of ransomware cyberattacks are growing every year. The European Union Agency for Cybersecurity (ENISA) recorded a 150% increase in 2020 alone and, as of last year, ransomware attacks have become the number one threat. Added to this, the recovery costs and downtime incurred can be up to 10 to 15 times higher than the ransom demanded by cybercriminals.

As companies accumulate and store large amounts of business data in the cloud, data security and governance become a major concern. More than 16,000 companies use Egnyte to manage, secure, and govern their content. These businesses rely on the unified platform to keep their business running smoothly, because data loss due to ransomware attacks or accidental file deletion could have profound impacts on their bottom lines.

Lookout Threat Lab researchers have uncovered enterprise-grade Android surveillanceware used by the government of Kazakhstan within its borders. While we’ve been following this threat for a while using Lookout Endpoint Detection and Response (EDR) these latest samples were detected in April 2022, four months after nation-wide protests against government policies were violently suppressed.

Rubrik was built on a foundation of Zero Trust architecture. The National Institute of Standards and Technology (NIST) is a United States federal agency that works with organizations of all sizes to help them implement cybersecurity best practices.

The volume and frequency of ransomware attacks have increased significantly this past year. In fact, the number of ransomware attacks has nearly doubled in 2021 as compared to 2020. The impact of a breach is multi-fold and stretches well beyond the commonly acknowledged risks of downtime cost, impact on the brand, and the actual ransom paid. This has prompted a paradigm shift in how organizations and system integrators look at their cybersecurity strategy.

In our new threat briefing report, Forescout’s Vedere Labs presents the most detailed public technical analysis of Industroyer2 and INCONTROLLER (also known as PIPEDREAM), the newest examples of ICS-specific malware that were disclosed to the public almost simultaneously, on April 12 and 13. Thankfully, both Industroyer2 and INCONTROLLER were caught before causing physical disruption.

Ransomware is the biggest cyber threat to businesses. First burst onto the scene in 1989, it has evolved significantly over the past few years from widespread attacks to highly targeted ransomware-as-a-service (RaaS) operations affecting organizations of all sizes and sectors. This article takes a look at the evolution of the ransomware ecosystem – what it looks like today, and how it has changed over time.

Sophos Labs recently released its annual global study, State of Ransomware 2022, which covers real-world ransomware experiences in 2021, their financial and operational impact on organizations, as well as the role of cyber insurance in cyber defense. The report, which surveyed 5,600 IT professionals in mid-sized organizations across 31 countries, shows that ransomware attacks are increasing and becoming more sophisticated.