The average daily ransom amounts paid from April to June (red line is a trailing 10-day moving average), of which 99 percent were paid in bitcoin. (Source: Coveware)

Ransomware: As GandCrab Retires, Sodinokibi Rises

Mathew J. Schwartz • July 17, 2019

With the GandCrab ransomware-as-service gang promising to retire - and free decryptors now aiding victims - rival Sodinokibi has already stepped into the void, security experts warn. Driven also by attackers wielding Ryuk, Dharma and Phobos, ransom payments by victims have been surging.

Blockchain & Cryptocurrency

Senators Scrutinize Facebook's Cryptocurrency Plans

Application Security

Security Flaw Exposed Valid Airline Boarding Passes

Researchers Disclose Vulnerability in Siemens' ICS Software

Latest

Cybercrime

Bulgarian Authorities Arrest Suspect in Massive Data Breach

Akshaya Asokan • July 17, 2019

Bulgaria's national cybercrime unit has arrested a 20-year-old local man for his alleged role in breaching the country's tax servers and exposing the financial details and other personal data of nearly 5 million citizens, according to news media reports.

Cybercrime as-a-service

Suspected Rubella Toolkit Mastermind Arrested

Scott Ferguson • July 17, 2019

A 20-year-old Dutch man suspected of creating the Rubella Macro Builder toolkit and distributing it on underground forums has been arrested by the Dutch National Police, which received assistance from McAfee. Rubella and other toolkits enable attackers to distribute malware through weaponized Office documents.

Active Defense & Deception

How Deception Technology Is Evolving

Nick Holland • July 17, 2019

Deception technology is becoming more sophisticated, enabling organizations to battle against emerging threats, says Alissa Knight, senior analyst at Aite Group, a research and advisory company.

Fraud Management & Cybercrime

Insider Medicaid Fraud Case: 'An Important Reminder'

Marianne Kolbasuk McGee • July 16, 2019

The sentencing of a former worker at a substance abuse treatment provider in connection with a Medicaid fraud conspiracy "is an important reminder about the threats from insiders," one privacy attorney says.

Application Security

How a Big Rock Revealed a Tesla XSS Vulnerability

Jeremy Kirk • July 16, 2019

Software vulnerabilities sometimes have an uncanny knack of revealing themselves, even when a bug hunter is looking someplace else. Sam Curry's probing eventually revealed a cross-site scripting flaw in a Tesla service, which netted him a $10,000 bounty.

Endpoint Security

Broadcom Reportedly Suspends Bid for Symantec

Scott Ferguson • July 15, 2019

Broadcom has reportedly suspended its effort to acquire Symantec after the two companies failed to agree on a price for the deal. The negotiations had been ongoing for several weeks.

Cybercrime

'Sea Turtle' DNS Hijackers Expand Reach

Jeffrey Burt • July 15, 2019

The group behind the Sea Turtle espionage campaign that was exposed in April is expanding its geographic reach and claiming new victims, according to researchers with Cisco's Talos unit.

Account Takeover

Payment Fraud: Criminals Enroll Stolen Cards on Apple Pay

Mathew J. Schwartz • July 15, 2019

Fraudsters continue to get new tricks up their sleeves. Criminals are increasingly using Apple Pay, setting up mobile call centers to socially engineer victims as well as tricking consumers via fake e-commerce sites that never fulfill orders, fraud-fighting experts warn.

Cybercrime

Software Engineer Charged With Stealing Company Secrets

Scott Ferguson • July 12, 2019

A former software engineer for an Illinois-based locomotive manufacturer allegedly stole proprietary information and other intellectual property from the company before fleeing to China, according to an indictment the U.S. Justice Department unsealed Thursday.

Security Operations

The Future SOC: Harmonizing Detection and Response

Jeremy Kirk • July 12, 2019

The success of security operations centers will depend on how well they blend key technologies - including detection, user behavior analytics and orchestration, says Haiyan Song of Splunk, who offers strategic insights.

Active Defense & Deception

Analysis: The Significance of GDPR Fines

Nick Holland • July 12, 2019

The latest edition of the ISMG Security Report analyzes the significance of fines against British Airways and Marriott for violations of the EU's GDPR. Also featured are discussions of California's privacy law as a model for other states and the next generation of deception technologies.

Artificial Intelligence & Machine Learning

Leak Confirms Google Speakers Often Record Without Warning

Mathew J. Schwartz • July 12, 2019

George Orwell's "1984" posited a world in which Big Brother monitored us constantly via "telescreens." But thanks to our "smart" AI home assistants - from Google, Amazon and others - we're increasingly installing the monitoring equipment ourselves, and it may "hear" much more than we realize.