Significant enterprise data compromise could be facilitated by browser-native ransomware attacks, which set sights on users' digital identities and exploit the increasing adoption of cloud-based enterprise storage instead of depending on the execution of malicious files, SiliconAngle reports.Intrusions with browser-native ransomware could involve fraudulent productivity apps seeking access to targets' email accounts, from which malicious actors could enable app password resets via artificial intelligence agents, according to findings from SquareX. Meanwhile, attacks aimed at OneDrive, Google Drive, and other file-sharing services could allow not only the removal of data from the targeted account but also the further compromise of accounts belonging to customers and third-party providers. "While endpoint detection and response and anti-viruses have played an unquestionably vital role in defending against traditional ransomware, the future of ransomware will no longer involve file downloads, making a browser-native solution a necessity to combat browser-native ransomware," said SquareX founder Vivek Ramachandran.
An In-Depth Guide to Ransomware
Get essential knowledge and practical strategies to protect your organization from ransomware attacks.
Attacks involving ransomware were discovered by NCC Group to have totaled 600 in March which is 32% lower than in February but 46% higher than the same month last year with the month-to-month decline believed by NCC Head of Threat Intelligence Matt Hull to be a "red herring" after the recent surge in intrusions, Infosecurity Magazine reports.
Major Connecticut-based nonprofit healthcare network Yale New Haven Health has confirmed having data from more than 5.5 million individuals compromised following a network intrusion last month, making the incident the largest health data breach so far this year, The Register reports.
DaVita, a leading U.S. dialysis service provider, was claimed to have been compromised by the Interlock ransomware gang, which alleged the theft of 1.51 TB of data from its systems two weeks ago, reports The Record, a news site by cybersecurity firm Recorded Future.
