Source: Gonjeshke Darande's Twitter account

Iranian Steelmaker Halts Production Following Cyberattack

Mihir Bagwe • June 27, 2022

Hacking group Gonjeshke Darande, or Predatory Sparrow in Persian, is claiming responsibility for hacking Iranian manufacturer Khouzestan Steel Company. The company shut down operations, but semiofficial Mehr News Agency reports that the factory is expected to return to normal by the end of today.

Cyberwarfare / Nation-State Attacks

US Government and Allies Disrupt Massive Russian Botnet

Latest

Business Continuity Management / Disaster Recovery

Mitigating the Impact of Ransomware With Data Science

Anna Delaney • June 27, 2022

Unlocking the data generated by ransomware attacks is helping organizations better understand the risks, adopt defensive technologies and prepare for future attacks, says Wade Baker, partner at Cyentia Institute. He discusses new data on how quickly organizations are remediating vulnerabilities.

Network Detection & Response

IronNet Lays Off 17% of Staff 10 Months After Going Public

Michael Novinson • June 27, 2022

IronNet is laying off 17% of its employees in a cost-cutting effort just 10 months after going public by merging with a special purpose acquisition company. The 55 layoffs will occur by the end of June and the company will spend the $1 million allocated for severance and other termination benefits.

Business Continuity Management / Disaster Recovery

ISMG Editors: When an Insider Threat Costs Millions

Anna Delaney • June 27, 2022

Four ISMG editors discuss important cybersecurity issues, including how Canada's Desjardins Group settled a data breach lawsuit for $155 million, how Facebook is being sued after allegedly violating patient privacy, and highlights from ISMG's Northeast Summit held in New York this week.

Access Management

Latest Blow Falls on the 'Scourge of Passwords'

Jeremy Grant • June 27, 2022

Tired of keeping track of passwords? Recent announcements by major platform vendors Google, Apple and Microsoft could have passwords down for the count in the next six years, says Andrew Shikiar, executive director of the FIDO Alliance, which has been on a 10-year mission to eliminate passwords.

Cybercrime as-a-service

Ransomware-as-a-Service Gang LockBit Has Bug Bounty Program

Prajeet Nair • June 27, 2022

Ransomware-as-a-service gang LockBit has set up a bug bounty program for its malware and for exploitable vulnerabilities it could use to further criminal activities. Whether the program will go as planned is an open question. The gang is offering $1,000 to $1 million in remuneration.

3rd Party Risk Management

Malware Breach Affects 1.2 Million Medical Center Patients

Marianne Kolbasuk McGee • June 27, 2022

A malware incident involving exfiltration of data has affected more than 1.24 million patients of Texas-based Baptist Medical Center and Resolute Health Hospital. It adds to a growing list of major health data breaches reported to regulators in recent weeks as affecting millions of individuals.

Cryptocurrency Fraud

Horizon Offers $1M Bounty to Hackers Who Stole $100M

Rashmi Ramesh • June 27, 2022

Blockchain company Harmony has offered a $1 million bounty to hackers who stole $100 million worth of Ethereum tokens. It says it won’t push for criminal charges if the funds are returned. The exploit did not affect the trustless Bitcoin - BTC - bridge, the company says in its tweet thread.

Fraud Management & Cybercrime

Ransomware Gang Uses Log4Shell

Prajeet Nair • June 24, 2022

Ransomware group AvosLocker made use of unpatched VMWare Horizon applications to hack into an unidentified organization’s systems, says analysis from Cisco Talos. The race between systems administrators working to patch the Log4j vulnerability and hackers trying to exploit it is ongoing.

Cybercrime

After Conti Ransomware Brand Retires, Spinoffs Carry On

Mathew J. Schwartz • June 24, 2022

The Conti ransomware group officially pulled the plug on its operation in May. But experts say the group's activities have continued in the form of numerous already-launched subsidiaries or spinoffs, which appear to include Alphv/BlackCat, AvosLocker, Black Basta and HelloKitty, among others.

Business Continuity Management / Disaster Recovery

'When, Not If': Crafting Cyber Resilience Plans That Work

Mathew J. Schwartz • June 24, 2022

To excel at cybersecurity incident response, start with planning, preparation and, ideally, regular tabletop exercises, say Kevin Li, CISO for MUFG Securities Americas, and Rocco Grillo, managing director of Alvarez & Marsal's Disputes and Investigations Global Cyber Risk Services practice.

3rd Party Risk Management

Lawsuits in Wake of MCG Health Data Breach Start Piling Up

Marianne Kolbasuk McGee • June 24, 2022

Four proposed federal class action lawsuits filed in recent days against MCG Health LLC in the wake of a recently disclosed 2020 hacking incident affecting up to 1.1 million individuals allege negligence and violations of various laws by the clinical guidelines vendor.

Identity & Access Management

Ping Identity Debuts $50M Venture Fund to Back IAM Startups

Michael Novinson • June 23, 2022

Ping Identity is making a $50 million bet it can integrate cutting-edge technology into its own stack through a new in-house corporate venture fund to support identity and access management technology startups. "We want to have a nice overall corporate strategy portfolio," says Ping's Anton Papp.