433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | [email protected] | Office: (813) 563-2652

Ransomware ecosystem becoming more diverse for 2023

The ransomware ecosystem has changed significantly in 2022, with attackers shifting from large groups that dominated the landscape toward smaller ransomware-as-a-service (RaaS) operations in search of more flexibility and drawing less attention from law enforcement. This democratization of ransomware is bad news for organizations because it also brought in a diversification of tactics, techniques, and procedures (TTPs), more indicators of compromise (IOCs) to track, and potentially more hurdles to jump through when trying to negotiate or pay ransoms. “We can likely date the accelerated landscape changes back to at least mid-2021, when the Colonial Pipeline DarkSide ransomware attack and subsequent law enforcement takedown of REvil led to the dispersal of several ransomware partnerships,” researchers from Cisco’s Talos group said in their annual report. “Fast forward to this year, when the ransomware scene seems as dynamic as ever, with various groups adapting to increased disruptive efforts by law enforcement and private industry, infighting and insider threats, and a competitive market that has developers and operators shifting their affiliation continuously in search of the most lucrative ransomware operation.” To read this article in full, please click here
http://news.poseidon-us.com/SgFpD3

Getting data loss prevention right

When a CISO takes the wrong approach to data loss prevention (DLP), it can quickly compound into a triple loss. First, they lose their organization’s money by investing in an ineffective solution that meets required regulations but does little else. Second, they lose considerably more money when their data is breached. Third, they can lose their jobs. This predictable chain of events is probably not news for my fellow CISOs. Other professionals may be surprised … More → The post Getting data loss prevention right appeared first on Help Net Security.
http://news.poseidon-us.com/SgFNv0

Ransomware: The security debt collector

High-profile ransomware news stories grabbed headlines a few years ago but faded in popularity as other attacks like cryptojacking grew more profitable. Since the first months of 2020, ransomware attacks have been on the rise and are in the news again. In this presentation, Dave Lewis, Global Advisory CISO at Cisco, talks about the historical rise and fall (and rise) of ransomware from floppy disks to RaaS (ransomware as a service), why it’s seen a … More → The post Ransomware: The security debt collector appeared first on Help Net Security.
http://news.poseidon-us.com/SgFNtx

Attackers never let a critical vulnerability go to waste

GreyNoise Intelligence unveiled its research report that dives deep into the most significant threat detection events of the past 12 months. “When it comes to cybersecurity, not all vulnerabilities are created equal, and many of the ones that garner media attention actually turn out to be insignificant,” said Bob Rudis, VP Research & Data Science, GreyNoise Intelligence. GreyNoise added over 230 new detection tags in 2022, representing an increase of approximately 38% from 2021. For … More → The post Attackers never let a critical vulnerability go to waste appeared first on Help Net Security.
http://news.poseidon-us.com/SgFNs1

FLRA proposes reinstating limited timeframe when feds can cancel union dues payments

The Federal Labor Relations Authority looks to revise or remove a 2020 policy that made it easier for federal employees to cancel union dues payments.
http://news.poseidon-us.com/Sg9932

Former GSA executive discusses “value based leadership”

Mary Davie, deputy associate administrator for the Mission Support Directorate at NASA, joins host Aileen Black on this week’s Leaders and Legends to discuss the importance of value based leadership.
http://news.poseidon-us.com/Sg8JS2