U.S. Department of Homeland Security logo - file image

Report: DHS Fears Russian Cyberattack If US Acts on Ukraine

Dan Gunderman • January 24, 2022

The U.S. Department of Homeland Security is reportedly warning that the U.S. could witness a retaliatory cyberattack at the hands of Russia if it decides to respond to the latter's potential invasion of Ukraine, where 100,000 or more troops have been amassed for weeks.

Blockchain & Cryptocurrency

NSO Group Spyware Reportedly Used by Israeli Police Force

Latest

Application Security

FBI Warns of Cybercriminals Using QR Codes to Steal Funds

Mihir Bagwe • January 24, 2022

The U.S. Federal Bureau of Investigation has issued a warning to consumers about cybercriminals targeting people through maliciously crafted quick response - or QR - codes that direct them to links where their credentials and financial information are siphoned off.

3rd Party Risk Management

Microsoft Finds SolarWinds Vulnerability Amid Log4j Search

Dan Gunderman • January 24, 2022

Microsoft researchers tracking Apache Log4j exploits last week discovered a previously undisclosed vulnerability in SolarWinds' Serv-U software. SolarWinds subsequently responded, investigated and fixed the flaw. Some observers described the new vulnerability as "surprising" and "disturbing."

3rd Party Risk Management

NY Fines Vision Benefits Firm $600,000 for 2020 Breach

Marianne Kolbasuk McGee • January 24, 2022

Vision benefits provider EyeMed has agreed to pay $600,000 and implement a long list of data security improvements as part of a settlement with the New York attorney general's office following a 2020 email breach that affected 2.1 million individuals, including nearly 99,000 New Yorkers.

Cybercrime

Suspected REvil Ransomware Spinoff 'Ransom Cartel' Debuts

Mathew J. Schwartz • January 24, 2022

Has the notorious REvil, aka Sodinokibi, ransomware operation rebooted as "Ransom Cartel"? Security experts say the new group has technical and other crossovers with REvil. But whether the new group is a spinoff of REvil, bought the tools, or is simply copying how they work, remains unclear.

Application Security

Twitter: Head of Security Reportedly Fired; CISO to Leave

Prajeet Nair • January 22, 2022

Twitter has said it is firing Peiter "Mudge" Zatko, the network security expert it hired in November 2020 as head of security. The security team changes - the CISO is also set to depart - follow "an assessment of how the organization was being led," according to a corporate memo shared with The New York Times.

Application Security

Federal Authorities, Patient Safety Experts Warn of Risks

Marianne Kolbasuk McGee • January 21, 2022

Cyberattacks remain a critical security concern - and a top patient safety hazard - for the healthcare and public health sector in 2022, federal authorities and other experts warned this week. Will recent takedowns of ransomware criminal gang members by law enforcement agencies help?

Cybercrime

EU Plans to Build Its Own DNS Infrastructure

Mihir Bagwe • January 21, 2022

The European Union has initiated plans to build its own high-performance and secure DNS resolution infrastructure to reduce reliance on a few public DNS resolvers operated by non-EU entities. The service, named DNS4EU, is to be made available to all EU citizens and organizations.

Application Security

ISMG Editors: Will Ransomware Kill Cyber Insurance?

Anna Delaney • January 21, 2022

In the latest weekly update, four ISMG editors discuss the state of cyber insurance today and why its future is uncertain; applying a security-by-design reliability model to analyze vulnerabilities; and how Russia takes down members of the REvil ransomware group as cyber aggressions in Ukraine rise.

3rd Party Risk Management

From the Trenches: Remediating Widespread Apache Log4j Flaw

Mathew J. Schwartz • January 21, 2022

Although flaws in Apache Log4j software that need remediating remain widespread in organizations, "some of them are aware of the issue, some of them aren't aware of the issue, and likely this issue is going to be persisting with us for many, many years," says Jeff Macko, an offensive security expert at Kroll.

Application Security

Ukraine Cyber Attacks: A Case of Hacktivism?

Anna Delaney • January 21, 2022

The latest edition of the ISMG Security Report features an analysis of whether the cyberattacks that hit Ukraine's government agencies last week are attributable to any group or nation-state along with updates to the cybersecurity executive order and illicit cryptocurrency trends.

Business Continuity Management / Disaster Recovery

Teardown: Fake Ransomware Targeting Ukrainian Government

Mathew J. Schwartz • January 20, 2022

More information continues to emerge about the destructive malware attack that targeted Ukrainian government systems last week. As a probe continues, numerous questions about the incident remain unanswered. But the three-stage wiper attack, disguised as ransomware, apparently hit few systems.

3rd Party Risk Management

Update: 'This Was a Targeted Attack,' Says Red Cross

Mihir Bagwe • January 20, 2022

Data on more than 515,000 "highly vulnerable people" has been compromised as the result of a supply chain cyberattack, the International Committee of the Red Cross has disclosed. The organization's humanitarian activities are already being impacted.