As ransomware continues to be the scourge of enterprise security teams, Cisco’s Talos security intelligence group recently analyzed ransomware groups to identify common techniques and offer recommendations to help security team better protect their businesses. Cisco Talos reviewed 14 prominent ransomware groups between 2023 and 2024 and studied volume of attacks, impact on customers, and…

The number of persons affected by a recent data breach at Evolve Bank & Trust exceeds 7.64 million, a document submitted to the Office of the Maine Attorney General this week by the law firm representing the financial services organization reveals. According to the document, the breach occurred on February 9, but was not discovered…

The Justice Department has announced the seizure of two domain names as well as nearly 1,000 social media accounts used by Russian actors to create and spread disinformation in the United States. US agencies including the FBI and Cyber National Mission Force (CNMF), alongside agencies in Canada and the Netherlands, released a joint advisory detailing…

Once again, cyberattackers are targeting JavaScript developers — this time in a “complex and persistent supply chain attack” that’s distributing Trojanized packages for the popular JavaScript library jQuery across GitHub, Node Package Manager (npm), and jsDelivr repositories. Each package contains a copy of jQuery with one small difference: the end function, a part of the…

With new leadership, key acquisitions, and a platform-based vision, Cisco is betting big on security. Cisco’s dominance in networking and telecommunications products and services is well established, but its role in cybersecurity is less cemented. It has provided security software and network security appliances for some time, and it’s one of the dominant players in…

The United States cyber defense agency is creating a new framework to answer a critical question in cybersecurity: How can the trustworthiness of open-source security projects be accurately measured and transparently communicated? The Cybersecurity and Infrastructure Security Agency is in the second phase of its open-source software security road map, according to a Monday blog…

Researchers at the QiAnXin XLab team uncovered a new Golang-based botnet called Zergeca that can carry out distributed denial-of-service (DDoS) attacks. On May, 2024, the researchers detected a suspicious ELF file at /usr/bin/geomi that was uploaded from Russia to VirusTotal. The file was packed with a modified UPX and had a unique magic number, 0x30219101,…

The mad dash to the cloud a few years back left many organizations scrambling to understand the true implications of this technological shift. Fueled by promises of scalability and cost savings, many companies jumped on board without fully comprehending key details. For example, many were asking how secure their data was in the cloud, who…