Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Anyone who has watched the Lockpicking Lawyer realizes that certain locks promoted as the latest-and-greatest aren’t necessarily the most reliable devices for securing physical assets. Like many other security professionals, he seeks to educate consumers and manufacturers on defects in devices and how to improve their security. It reminds me of a quote by Deviant Ollam (security auditor and penetration testing consultant): "Security is achieved through openness.

Lampion is a banking trojan with a particular predisposition to targeting Portuguese-speaking users (and exploiting cloud services). First documented in December 2019, the malware has gone through multiple releases, characterized by a number of different mechanisms to deliver the initial VBS (Visual Basic Script Loader). All the different variants have an element in common, the malware is distributed abusing legitimate cloud services throughout different stages of the attack chain.

Throughout the first half of 2022, Vedere Labs published analyses of prominent ransomware families, such as Conti, Night Sky and ALPHV. We also examined well-known ransomware incidents such as the attacks on the NFL’s SF 49ers by the BlackByte group; on a UK water utility, where the Clop gang managed to access their SCADA system; and on an NHSsoftware provider, where an unknown group managed to disrupt healthcare services in the UK for weeks.

In our companion blog post, Vedere Labs analyzed the main ransomware trends we observed in the first half of 2022, including state-sponsored ransomware, new mainstream targets and evolving extortion techniques. Ransomware is the main threat targeting most organizations nowadays. However, three other notable cyberthreat trends also evolved during this period: Below we analyze each of these trends in more detail.

Modern organizations are built on data. It enables collaboration and helps us engage with customers. But that same helpful data is also sprawled across countless apps, making it difficult to secure. Ransomware attacks are on the rise — 57% of security leaders expect ransomware to compromise their organization within the next year — which makes data protection more essential than ever.

A ransomware gang that has been increasingly disproportionately targeting the education sector is the subject of a joint warning issued by the FBI, CISA, and MS-ISAC. The Vice Society ransomware group has been breaking into schools and colleges, exfiltrating sensitive data, and demanding ransom payments. The threat? If the extortionists aren’t paid, you may not be able to unlock your encrypted files, and the attackers may leak the information they have stolen from your servers online.

It is hard to believe, but ransomware is more than three decades old. While many would think that the ransomware mayhem started with the WannaCry attack of 2017, that is simply the most publicized example. Since then, dozens of ransomware strains have been utilized in a variety of cyberattacks.

Chris Krebs, former Director of the Cybersecurity and Infrastructure Security Administration (CISA) and the new Chair of Rubrik’s CISO Advisory Board, joined us at FORWARD to discuss ransomware, cyber resilience, and all things data security with co-founder and CTO, Arvind (Nitro) Nithrakashyap. His vast experience working with executives, government officials, and IT experts across the country has given him a unique insight into cybersecurity, which he shared, only at FORWARD.