Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

It's no surprise if you have heard about LockBit. It is the world's most active ransomware group - responsible for an estimated 40% of all ransomware infections worldwide. I guess LockBit does the usual bad stuff - encrypt your data, steal your files, dump a ransom note on your PC... Yes.

Ransomware has gone global. While 2022 saw a reprieve in the sheer number of ransomware attacks (the attack rate dropped at the same time as the war between Russia and Ukraine began), it also saw the rise of ransomware-as-a-service, the proliferation of attacks of major organizations, and attacks that stretched across time zones and borders. In 2022, nine of our top 20 breaches involved ransomware (45%), affecting millions of individuals and their private data. That is up 15% over 2021.

PyPI packages use Cloudflare tunnels to bypass firewalls, new Raspberry Robin malware variant targets financial institutions in Portugal and Spain, and IcedID malware strikes again.

Recovery Time Objectives (RTOs) are on everyone’s mind. It bears repeating, one of the most fundamental ways to reduce recovery time from a ransomware or cybersecurity attack is being well prepared and ready to take actions quickly and effectively. This is one of the many variables firmly within a customer’s control and key to a faster and more efficient recovery process. A ransomware attack can be one of the most stressful events an organization and its employees will encounter.

It's incredibly important that you learn the latest cybersecurity threats that can threaten a business in 2023. Learn them here.

Malware is short for "malicious software" and refers to any software program that is designed to harm or exploit a computer or device. And unfortunately, malware is all over the internet, with 560,000 new pieces of malicious software detected every day. It can come from many potential sources, including: It’s vital for organizations to understand the risks malware poses and take effective measures to stop potential threats.

Our research team here at Mend has identified a new kind of malicious code that attackers can use to exploit genuine concerns about security and licenses. The code in the case below is used to prevent people from using unlicensed software, specifically by removing the code if it detects that the software is not licensed during the deployment stage. The code is tricky to understand and uses a web request to check if the software is being used legally.

Ransomware is an alarming cyberthreat that’s been evolving over the decades. According to Statista, there were a total of 236.1 million ransomware attacks worldwide during the first half of 2022. When organizations do not pay attention to their company’s cybersecurity structure, attackers instigate ransomware attacks by encrypting confidential files and folders, and ultimately demanding ransom. The ransom varies according to the type of ransomware variants.

The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. With the explosive growth of technology, businesses are more vulnerable than ever to malicious cyber attacks. And as cybercriminals become more sophisticated, new methods of attack are popping up left and right.