What is the BlackLock ransomware? BlackLock is a relatively new ransomware group. First seen in March 2024, the ransomware operation initially operated under the name El Dorado, before rebranding as BlackLock late last year. BlackLock follows a RaaS (ransomware-as-a-service) business model, leasing its tools and infrastructure to affiliates who launch attacks, sharing a proportion of the proceeds with BlackLock. And I guess they do the normal thing of encrypting your data and demanding a ransom? Yes, like many other ransomware groups, BlackLock both encrypts victims' files and exfiltrates data ..read more

Protecting sensitive patient information is more critical than ever. With technologies evolving at a breakneck pace and the number of cyber threats targeting healthcare entities in the United States skyrocketing, healthcare organizations must have robust policies and guardrails in place to ensure patients' confidential information doesn't fall into the wrong hands. One of the essential frameworks for ensuring data security and privacy is the Centers for Medicare & Medicaid Services Acceptable Risk Safeguards (CMS ARS). Released in January 2022, the CMS ARS provides a standardized approach ..read more

Introduction In a report published by Statista, cybercrime cost the world over $9 trillion in 2024 and is predicted to rise to nearly $14 trillion by 2028. These figures are a deep source of worry for governments and private businesses about what’s next in the cyber threat landscape. The problem is that cyber threats are rising in both volume and scale. More so, the major threats are directed at emerging technologies, aiming to capitalize on weaknesses in emerging AI and ML systems. Cyber threats increasingly play a role in international conflicts, such as the recent reports of the “salt ..read more

About one in three organizations that leverage cloud service providers (CSPs) use Amazon Web Services (AWS), according to November 2024 research from Synergy Research Group. This means two things. One is that when attackers are looking to get the most out of a single exploit, they will likely craft them to target AWS systems. And two, that AWS data security best practices are a timely topic for a wide range of today's organizations. AWS Data Security Threats Unsecured S3 buckets Organizations oftentimes overlook infrastructure-as-a-service (IaaS) systems like AWS, leading to undiscovered ..read more

Most countries have some sort of government agency dedicated to protecting digital infrastructure and promoting cybersecurity awareness. In the English-speaking world alone, the UK has the National Cyber Security Center (NCSC), the US has the National Institute of Standards and Technology ( NIST), and Canada has the Canadian Centre for Cyber Security; chances are you’re already aware of them. However, cybersecurity knows no borders. Expanding our knowledge beyond the anglosphere is crucial to working effectively in the modern world. With this in mind, let’s look at one of the most important ..read more

If your website is targeting multiple states or countries, by default, you face a double-pronged challenge: adapting to regional regulatory demands while defending against sophisticated cyber threats. Tackling this requires localization. But what does the term actually entail? Localization isn’t just about tailoring products, services, and infrastructure to meet local market requirements; it has emerged as a critical tool for compliance and cybersecurity threat mitigation. Strategic localization can address supply chain vulnerabilities, enhance regional threat intelligence, and foster ..read more

Critical infrastructure organizations bear an enormous responsibility. The assets, systems, and networks they manage are crucial to the functioning of a healthy society. They provide water, energy, transportation, healthcare, telecommunications, and more—should they fail, they would bring entire countries to their knees. The vast importance of Critical National Infrastructure (CNI) makes it a prime target for cybercriminals. Research from early this year even found that global critical infrastructure suffered 13 cyberattacks every second in 2023. And things are only likely to get worse: the ..read more

The Medusa ransomware gang continues to present a major threat to the critical infrastructure sector, according to a newly-released joint advisory from the FBI, Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing and Analysis Center (MS-ISAC). As of February 2025, the Medusa ransomware operation, which we have previously detailed on the Tripwire State of Security blog, had hit over 300 organisations from a variety of critical infrastructure sectors with affected industries including education, health, legal, insurance, technology, and manufacturing ..read more

6G could be available by the end of the decade, which should decrease latency and connectivity speeds for users. However, these wireless networks present new cybersecurity challenges. What should industry professionals prepare for? What Is 6G? 6G will be the sixth generation of wireless technology once it arrives. Experts say it could debut by 2030, though companies started 5G-Advanced integration in 2024. Terahertz (THz) frequencies will be a key part of 6G, as it can quickly transmit data and reduce latency. This band is more powerful because it incorporates unused frequency bands ..read more

Technology is evolving at a startling pace, perhaps faster than ever before. Businesses are scrambling to reap the rewards of these technologies, especially AI. But do they recognize the cybersecurity risks associated with these changes? The World Economic Forum’s latest Global Risks Report suggests not. Digital Era, Digital Threats We are truly living in the digital age. This brings many benefits. We’re more connected, efficient, and informed than at any time in history. But it also brings massive risks. According to the WEF, three of the top ten global risks are now technological in nature ..read more