Security Bulletin

SiliconAngle reports that third-party compromise accounted for 36% of all data breaches last year, which may still be undervalued due to inadequate reporting and improper classification, highlighting the escalation in vendor-driven attacks.

Massachusetts-based tech firm MORSE Corp, a U.S. defense contractor, has agreed to a $4.6 million settlement to resolve a lawsuit alleging its nonadherence to military contract cybersecurity requirements and submission of false claims for payment...

Widely used cloud-based streaming tools platform StreamElements has disclosed having been impacted by a data breach involving a former third-party service provider.

Major U.S. cable operator and internet service provider WideOpenWest had its servers claimed to have been completely compromised by the newly emergent Arkana Security ransomware operation, reports Cybernews.

Hyper-V virtual machines have been targeted by Russian cyberespionage group RedCurl with its new QWCrypt ransomware, marking the operation's initial foray into ransomware, BleepingComputer reports.

BlackLock ransomware gang dismantled Operations of the BlackLock ransomware-as-a-service gang which was poised to be among the most prolific RaaS groups this year despite only emerging last March have been disrupted by Resecurity researchers after...

Organizations in the U.S., Mexico, and Honduras have been targeted in new attacks by the Chinese state-sponsored advanced persistent threat operation FamousSparrow, which was believed to have gone on a hiatus over the last three years, according to...

Reuters reports that teen Department of Government Efficiency staffer Edward Coristine was discovered to have operated network services firm DiamondCDN, which worked with the EGodly cybercrime ring.

Military strike plans of the U.S. against Houthi rebels in Yemen were discussed over the Signal messaging app and exposed by The Atlantic after the inadvertent inclusion of its editor-in-chief in the chat.

Attackers aren't just spending more time targeting the cloud — they're ruthlessly stealing more sensitive data and accessing more critical systems than ever before.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Ransomware isn't going anywhere. In fact, it's growing, despite the mountains of money spent to stop it. Here's how to corral ransomware by taking simple, effective steps instead.