An unidentified hacker has taken over REvil's data leak website and payment portal, reportedly forcing the notorious ransomware group to terminate its operations yet again. In the wake of REvil's Kaseya attack, their operations had gone offline over the summer, but the group resurfaced online in September.
Cybersecurity training should lean more heavily on explaining the human element, Eszter Oroszi writes. Employees "know the threats of the human factor and how they can become a victim, but they often have a false sense of security and think that technological and physical security countermeasures are enough for defense," Oroszi points out.
Companies are addressing the shortage of cybersecurity professionals by outsourcing the work, reports NewtonX, which surveyed more than 100 decision-makers. "A surprisingly large percentage—56%—of organizations are addressing the hiring crunch by subcontracting at least some portion of their cybersecurity teams, most often to managed service providers," says Sascha Eder, NewtonX's CEO.
Nearly 7 in 10 executives surveyed expect to increase their cybersecurity budgets in 2022, per the new "2022 Global Digital Trust Insights" from PwC. But the reading, from more than 3,600 security, business and tech professionals, is that many feel their dollars haven't always been spent wisely, so this article includes tips.
Maintaining proper security is "impossible for humans" because of the complexities involved, says Max Heinemeyer, Darktrace's director of threat hunting. Artificial intelligence is needed to give "the human team time to then come in with incident response to uncover the root cause," Heinemeyer notes.
The US is trying to enhance cybersecurity training by using the framework of esports and will send a team of 25 to the first International Cybersecurity Challenge, to be held in Greece in June. The participants range in age from 18 to 26 and will be competing for the National Initiative for Cybersecurity Education, a US National Institute of Standards and Technology program.
Login credentials for more than 200,000 users of 3D printing platform Thingiverse reportedly have turned up for sale on the dark web. Bennie Sham of MakerBot, the parent company of Thingiverse, calls the incident "an internal human error that led to the exposure of some non-sensitive user data for a handful of Thingiverse users."
Not all data scientists work for data enterprises, because it's possible to hire freelancers, Nisha Shagal notes. In this commentary, Shagal notes the 650% growth in the profession since 2012 and projections that 11.5 million more jobs will be available by 2026.
A novel ransomware family called BlackByte has been uncovered by Trustwave researchers, who note that the code is "clumsy." BlackByte taps a symmetric key for encryption via a public server, which permitted the researchers to develop a decryptor to assist the campaign's targets.
Larger, more complex datasets require an upgrade from legacy artificial intelligence tools for e-discovery, writes Sarah Moran of consultancy Lighthouse. In this commentary, Moran argues that "fear and hesitancy can be overcome with education, transparency and support from legal technology companies."
- Page 1