Incident Response

Incident Response

‘Hive’ Russian Ransomware Gang Shut Down by FBI, DoJ, Europol, Bundeskriminalamt, et al

‘Hive’ Russian Ransomware Gang Shut Down by FBI, DoJ, Europol, Bundeskriminalamt, et al

Law enforcement agencies from several countries got together and took down the site. They also worked to decrypt victims’ data ...
Security Boulevard
attacks supply chain supply chain ransomware The Kill Chain Model

Securing Against Supply Chain Attacks

Anyone who has been in IT for the last decade knows the risks posed by ransomware and cyberattacks. They have been on our radar as a top concern for many years. But ...
Security Boulevard
LastPass WithSecure language Expel BEC Delivering Email Post-Data Breach

More Details of LastPass Breach: Hackers Used Stolen Encryption Key

A breach at LastPass is the gift that keeps on giving—or taking, depending on your perspective. LastPass parent company GoTo raised the alarm this week that, in addition to stealing encrypted backups ...
Security Boulevard

5 Essential ITDR Steps CISOs Must Know

Just as the impact of cyberattacks is not confined to the IT department, the role of the CISO has expanded beyond the security team. With organizations and analysts now acknowledging that identity ...
ransomware SaaS Security

New Ransomware Payment Reporting Requirements on Horizon

| | cisa, Compliance, NYDFS, Ransomware
January 9, 2023, was the deadline for financial services companies doing business in New York (including cryptocurrency entities with a Bit license) to comment on new proposed cybersecurity regulations which would mandate, ...
Security Boulevard

Five Incident Response Metrics you Should be Recording

Incident response is a critical aspect of any organization's security operations. A properly functioning incident response process ensures quick and efficient resolution of disruptions. To effectively manage incident response in a security ...
PayPal Visa AI digital payments Security the Price of Convenience in Supply Chain Payments

PayPal Credential Stuffing Attacks Renew Calls for MFA

An internal review confirmed that on December 20, 2022, unauthorized parties could use account holders’ login credentials to access their PayPal accounts. In response to what is being called a credential stuffing ...
Security Boulevard
GAO cyberinsurance Sonrai

CyberInsurance Predictions for 2023

It is difficult to predict with certainty what the top trends in cyberinsurance will be in 2023, as the field is constantly evolving and new developments are emerging all the time. However, ...
Security Boulevard
US No-Fly List Leaked via Airline Dev Server by @_nyancrimew

US No-Fly List Leaked via Airline Dev Server by @_nyancrimew

An unsecured Jenkins server contained secret credentials for more than 40 public-cloud storage buckets. In today’s SB Blogwatch, we say hello to our old friend maia arson crimew ...
Security Boulevard
cybersecurity hygiene Russian Ukraine microsoft Freeze on Phishing

Russia-Linked Attackers Target US Nuclear Research Facilities

It made the headlines in early January; Russia is targeting U.S. nuclear scientists and research facilities. While certainly not a news flash—given that Russia’s (and the USSR’s) history of targeting U.S. nuclear ...
Security Boulevard