U.S. Department of State’s $10M Bounty on Conti Ransomware

The U.S. Department of State announced last week that it is offering a $10,000,000 bounty for information on the identification or location of five highly ranked members of Wizard Spider, the Conti ransomware syndicate. Since the emergence of Conti in [...]

U.S. Department of State’s $10M Bounty on Conti Ransomware2022-09-09T20:47:31-07:00

The EPA Adds Cybersecurity Rules for Water Sector

As cyber attacks continue suppressing critical infrastructure sectors like water and wastewater systems, implementing proper cybersecurity practices is becoming more vital in protecting against highly disruptive cybersecurity incidents. According to the Environmental Protection Agency (EPA), these threats on process control [...]

The EPA Adds Cybersecurity Rules for Water Sector2022-09-02T17:48:19-07:00

Windows 11’s New Update Defends Against Compromised Credentials

Passwords protect our identity in the digital space, allowing for safe and secure interactions. Despite the strength and efficacy of any given sophisticated password, private data is at risk when credentials are compromised. To combat these online attacks, Microsoft is [...]

Windows 11’s New Update Defends Against Compromised Credentials2022-08-26T22:56:08-07:00

AstraLocker 2.0 Ransomware is a Smash & Grab Variant

A version of AstraLocker, AstraLocker 2.0 ransomware, has just been released. This updated version is what some threat analysts call a rapid attack, or smash-and-grab style of ransomware. The AstraLocker 2.0 developers use Microsoft Word attachments in emails to distribute [...]

AstraLocker 2.0 Ransomware is a Smash & Grab Variant2022-07-01T17:33:08-07:00

LAPSUS$: The New Extortion Group Causing a Scene

A new threat actor group is behind an infamous wave of attacks impacting companies like Microsoft, Nvidia, Okta, and most recently Globant, among others. LAPSUS$, tracked as DEV-0537 by Microsoft, is relatively less sophisticated than other hacking and extortion groups [...]

LAPSUS$: The New Extortion Group Causing a Scene2022-04-08T17:40:39-07:00

Cybersecurity Transformations Since the Russia/Ukraine Conflict

In the past few days since the Russia/Ukraine conflict, there have been some changes in the cybersecurity landscape. Below are some of my personal observations from our Ransomware Recovery business unit. I am curious if other incident response professionals, ransomware [...]

Cybersecurity Transformations Since the Russia/Ukraine Conflict2022-03-04T12:27:57-08:00

Ransomware Attacks Trending Towards Mid-Sized Targets

Last year, there was considerable evolution in terms of ransomware trends and techniques. In the US, and abroad, we saw many high-impact attacks being carried out against critical infrastructure entities. These highly disruptive and highly publicized attacks brought increased pressure [...]

Ransomware Attacks Trending Towards Mid-Sized Targets2022-04-08T17:42:12-07:00

Ransomware Attack: Should I Contact the FBI and Law Enforcement?

If your company was hit with ransomware, you might be wondering if you should contact the FBI after a ransomware attack, or other law enforcement. The quick answer is mostly yes, but with important caveats to consider. Because of the [...]

Ransomware Attack: Should I Contact the FBI and Law Enforcement?2022-02-27T23:49:27-08:00

What to Expect from Your Cyber Breach Insurance Policy

The last two years have been a bloodshed for cyber breach insurers. From 2016 through 2019, the payouts on each dollar of cyber breach insurance billed ranged from $0.43 to $0.48. In other words, loss ratios were 43% to 48%. [...]

What to Expect from Your Cyber Breach Insurance Policy2022-04-08T17:42:23-07:00

Yes, You Need Cyber Breach Insurance!

Is Your Business More Likely to Burn Down, or Get Hit with a Cyber Attack? What is most likely to happen to your business in the next two years? Will it burn down, or will you experience a cyber [...]

Yes, You Need Cyber Breach Insurance!2022-02-27T23:53:59-08:00