Historically, common detection methods have used file hashes (MD5, SHA1, and SHA256)—unique signatures based on the entire contents of the file—to identify malware. Modern threat actors have increased in sophistication to a point where every instance of a given malware will have a different hash, and that hash will vary from machine to machine.

Ransomware has been a growing threat in recent years, and experts now estimate the cost of these attacks at $7.5 billion in the USA alone in 2019. The affected institutions include 966 government agencies, educational establishments, and healthcare providers. Since most ransomware attacks stem from a small mistake made by one end user, either through phishing emails or stolen credentials, the threat is only expected to increase in the years to come.

Researchers at TrapX Security recently discovered three of the world's largest manufacturers with IoT devices running Windows 7 infected with malware in an alleged supply chain attack. The company identified a cryptocurrency miner on numerous IoT devices, including automatic guided vehicles, a smart TV and a printer. All of these attacks are said to be a part of the same campaign.

Malware closed out 2019 on a strong note. According to AV-TEST, malware authors’ efforts throughout the year helped push the total number of known malware above one billion samples. This development wouldn’t have been possible without the vigor exhibited by malware authors in the fall of 2019. Indeed, after detecting 8.5 million new samples in June and 9.56 million specimens the following month, AV-TEST saw the monthly totals jump up above 13 million in August.

The National Institute of Standards and Technology (NIST) recently released a set of new guidelines to help organizations better protect the confidentiality, integrity and availability of data. The first guide is on data integrity and protection is a guide to help organizations identify and protect IT assets from data integrity attacks, including ransomware.

Email security refers to various cybersecurity measures to secure the access and content of an email account or service. Proper email security can protect sensitive information in email communications, prevent phishing attacks, spear phishing and email spoofing and protect against unauthorized access, loss or compromise of one or more email addresses.

A US government contractor is the latest victim to be taken down by a ransomware attack. Electronic Warfare Associates (EWA) have the Department of Defense, Department of Homeland Security and the Department of Justice listed among clients that they serve, describing the company as a veteran-owned business with a track record dating back over the last four decade.

An investigation claims that the UK’s National Health Service, which was hit hard by the notorious WannaCry worm in 2017, has seen a marked fall in ransomware attacks since. A report published by Comparitech, based upon Freedom of Information requests, reveals the somewhat surprising news that since WannaCry there have only been six recorded ransomware attacks against the NHS.

As we enter a new year and a new decade, 2020 will be a critical year for businesses and governments around the globe as they deal with a more complex and evolving cyber threat landscape. NNT’s cybersecurity evangelists, CEO Mark Kerrison and CTO Mark Kedgley, have investigated the current state of the industry and identified key cybersecurity predictions and recommendations to help you improve your cybersecurity defenses in 2020.

A new report into the state of ransomware at the tail end of 2019 has revealed that things aren’t getting any better. In Q4 of 2019, according to the new study published by security firm Coveware, the average ransom payment more than doubled – reaching $84,116, up from $41,198 in Q3 of 2019.