The state government of Maine has announced a major cybersecurity incident, which may have exposed the personally identifiable information (PII) of nearly all of the state’s residents. “On May 31, 2023, the State of Maine became aware of a software...

Imagine that you’re sitting at your work computer when you receive an email:“Hey, it’s Bill — I’m the new guy in IT. I need your password so that I can set you up on the new sales system.”  You...

The terms ransomware and social engineering are sometimes used interchangeably, particularly in news articles about major ransomware attacks.  The confusion is understandable: Many bad actors use social engineering techniques to distribute malicious software. However, social engineering is an attack vector,...

Remote monitoring and management (RMM) software plays an essential role in many IT departments. With appropriate controls, an RMM solution enables teams to proactively monitor their systems, resolve issues, and handle other tasks — but RMMs can also introduce significant...

MGM Resorts International was allegedly victimized by a ransomware-as-a-service (RaaS) group on September 11, 2023, leading to the temporary shutdown of operations at numerous hotels and resorts. pic.twitter.com/nxIweGInsB — MGM Resorts (@MGMResortsIntl) September 11, 2023“MGM Resorts recently identified a...

The Cuba ransomware Group, also known as Fidel, has modified their malware variant to exploit a vulnerability in Microsoft’s Windows Hardware Developer Program.  Contrary to its name, the Cuba group is believed to be based in Russia. For the past...

On Tuesday, August 8th, 2023, the White House held a cybersecurity summit to address a recent wave of ransomware attacks targeting U.S. schools.  According to The Hill, at least 48 school districts have been victimized by ransomware attacks in...

To address a ransomware attack, it’s vital to identify the attack vector. That’s not always easy: Ransomware groups may go to great lengths to hide their methods, particularly during targeted attacks.  However, the vast majority of incidents can be traced...

Ransomware works by encrypting key files and databases, preventing organizations from accessing them — but lost data is not the only potential result of a ransomware infection. Many ransomware groups are now selling stolen data online using the dark web...

Fortinet FortiGuard Labs has identified a new piece of ransomware that encrypts files while presenting fake Microsoft Windows updates and Word installers. The ransomware, nicknamed “Big Head,” is likely distributed via phishing. Victims are tricked into downloading an update for...