Ransomware Reality Shock: 92% Who Pay Don’t Get Their Data Back
www.forbes.com/sites/daveywinder/2021/05/02/ransomware-reality-shock-92-who-pay-dont-get-their-data-back/ According to the Sophos State of Ransomware 2021 report, the number of organizations deciding to pay a ransom has risen to 32% in 2021 compared to 26% last year. That same global survey discovered that only 8% of them got all their data back despite doing so. Nearly a third, 29%, couldn’t recover more than half the encrypted data. The Sophos research suggests that average ransomware recovery costs are now $1.85 million compared to $761,106 a year ago. Sophos found the average paid to be $170,404.
Swiss Cloud becomes the latest web hosting provider to suffer a ransomware attack
therecord.media/swiss-cloud-becomes-the-latest-web-hosting-provider-to-suffer-a-ransomware-attack/ While the incident did not impact the company’s entire server infrastructure spread among different data centers across Switzerland the disruption has impacted server availability for more than 6500 customers.
Lazarus Group Recruitment: Threat Hunters vs Head Hunters
www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/lazarus-recruitment/ This article describes a previously unknown attack by the APT group, reveals the Lazarus Group’s TTPs that allowed attackers to obtain partial control over a pharmaceutical company’s infrastructure in just four days, as well as the tools used by the attackers for preliminary compromise, network reconnaissance, and gaining persistence in the infrastructure of the targeted company.
DigitalOcean admits data breach exposed customers’ billing details
hotforsecurity.bitdefender.com/blog/digitalocean-admits-data-breach-exposed-customers-billing-details-25754.html DigitalOcean explained that an unauthorised party had managed to exploit the flaw to gain access to billing information between April 9 and April 22, 2021. The company underlined that it does not store users’ fill payment card numbers and so they were not exposed. In addition, DigitalOcean says that it has fixed the flaw that the hacker exploited, and informed data protection authorities about the breach.