Calculating Materiality for SEC Rule 1.05

Feb 9, 2024 12:03:21 PM By Roger Grimes

The U.S. Securities and Exchange Commission (SEC), through a new requirement of Item 1.05 of the 8-K, requires that all regulated companies report significant cybersecurity breaches ...

Cybersecurity Resiliency and Your Board of Directors

Feb 8, 2024 2:41:03 PM By Roger Grimes

Growing cybersecurity threats, especially ransomware attacks, and the Securities and Exchange Commission’s (SEC) recent rules have made having a cybersecurity-aware Board of Directors ...

Unprecedented Rise of Malvertising as a Precursor to Ransomware

Feb 8, 2024 8:00:00 AM By Stu Sjouwerman

Cybercriminals increasingly used malvertising to gain initial access to victims’ networks in 2023, according to Malwarebytes’s latest State of Malware report.

Synthetic Data: The New Frontier in Cyber Extortion

Feb 6, 2024 1:38:57 PM By Martin Kraemer

Organizations are increasingly facing cyber attacks resulting in data breaches, and part of their post-incident responsibilities includes adhering to mandatory reporting requirements.

81% of Underwriters Expect Cyber Insurance Premiums to Increase as Risk is Expected to Soar

Feb 1, 2024 1:43:29 PM By Stu Sjouwerman

New data from cyber insurance underwriters shows what they think the biggest threats will be in 2024 and what organizations should do about it.

Ransomware Payments On The Decline As Cyber Attackers Focus on The Smallest, And Largest, Organizations

Jan 31, 2024 1:52:23 PM By Stu Sjouwerman

New data for Q4 of 2023 reveals a sizable shift in the cyber threat landscape, with serious implications regarding ransomware and social engineering attacks targeting both the largest and ...

The Percentage of Organizations Globally Struck by Ransomware Hits an All-Time High

Jan 30, 2024 1:52:43 PM By Stu Sjouwerman

Check Point’s review of ransomware shows that the percent of organizations worldwide hit by this greatest of cyberthreats rose by a whopping 33% in 2023.

The Number of Ransomware Attack Victims Surge in 2023 to over 4000

Jan 25, 2024 12:43:48 PM By Stu Sjouwerman

The surge in Ransomware-as-a-Service affiliates is likely the reason behind the dramatic increase in the number of victimized organizations, with all indicators suggesting that this trend ...

New Evasive Phishing Technique “Legacy URL Reputation Evasion" (LURE)

Jan 25, 2024 8:59:50 AM By Stu Sjouwerman

Researchers at Menlo Security observed a 198% increase in browser-based phishing attacks over the past six months.

Social Engineering Attacks Rising in the Trucking Industry

Jan 25, 2024 8:59:28 AM By Stu Sjouwerman

Spear phishing and voice phishing (vishing) are on the rise in the trucking industry, according to a new report from the National Motor Freight Traffic Association (NMFTA).

More Than Half of Data Breaches in the U.K.’s Legal Sector are Due to Insider Error

Jan 18, 2024 2:32:22 PM By Stu Sjouwerman

A new analysis of data breaches in the United Kingdom's legal sector shows that organizations need to be looking inward more and look for ways to elevate the security awareness of ...

‘Swatting’ Becomes the Latest Extortion Tactic in Ransomware Attacks

Jan 18, 2024 8:38:31 AM By Stu Sjouwerman

Rather than stick to traditional ransomware extortion methods that revolve around the attack itself, a new form of extortion known as Swatting puts the focus on the victim organization’s ...

Pikabot Malware Spreading Through Phishing Campaigns

Jan 10, 2024 2:52:40 PM By Stu Sjouwerman

Researchers at Trend Micro warn that a threat actor known as “Water Curupira” is distributing the Pikabot malware loader via widespread phishing campaigns.

FBI Releases Blackcat Ransomware Decryption Tool to Victims, Disrupting Attacks

Jan 8, 2024 12:45:41 PM By Stu Sjouwerman

For the first time ever, the U.S. Justice Department announced the existence of an FBI-developed decryption tool that has been used to save hundreds of victim organizations attacked by ...

Black Basta Ransomware Decryptor Released to Help Some Victims

Jan 5, 2024 1:19:14 PM By Stu Sjouwerman

A flaw found by security researchers in the encryption software allows victim organizations to use “Black Basta Buster” to recover some of their data – but there’s a catch.

Lockbit 3.0 Ransomware Disrupts Emergency Care at Multiple German Hospitals

Jan 3, 2024 10:57:52 AM By Stu Sjouwerman

Hitting three hospitals within a Germany-based hospital network, the extent of the damage in this confirmed ransomware attack remains undetermined but has stopped parts of operations.

SC Mag: "Attacks on critical infrastructure are harbingers of war: Are we prepared?"

Dec 22, 2023 10:42:30 AM By Stu Sjouwerman

I just found a great post by Morgan Wright, chief security advisor of SentinelOne. Here is a quick summary and a link to the full article is at the bottom. The recent attacks on water ...

New York Unit of Worlds Largest Bank Becomes Ransomware Victim

Dec 6, 2023 2:23:26 PM By Stu Sjouwerman

The ransomware attack on ICBC Financial Services caused disruption of trading of U.S. Treasuries and marked a new level of breach that could have massive repercussions.

The Alarming Threat of Ransomware: Insights from the Secureworks State of the Threat Report 2023

Dec 6, 2023 2:23:19 PM By Stu Sjouwerman

In the ever-evolving landscape of cybersecurity, the battle against ransomware has taken a concerning turn. According to the latest findings from Secureworks annual State of the Threat ...

New SEC Rules Will Do More Than Result in Quick Breach Reporting

Dec 5, 2023 5:12:47 PM By Roger Grimes

On July 26, the U.S. Security & Exchange Commission (SEC) announced several new cybersecurity rules, taking affect mid-December 2023, that will significantly impact all U.S. ...

Security Awareness Training Blog

Ransomware Blog

View Topics