Framework for Managing Identity in Healthcare Introduced

Doug Olenick • May 22, 2020

In response to the growing threat of identity-centric cyberattacks in healthcare, the Health Information Sharing and Analysis Center has published a framework for managing identity for the full work lifecycle of employees, practitioners, patients and business partners.

Application Security

Group Behind WannaCry Now Using New Malware

Latest

Endpoint Detection & Response (EDR)

RagnarLocker Deploys a Virtual Machine to Hide Ransomware

Mathew J. Schwartz • May 22, 2020

As ransomware gangs attempt to boost their illicit profits, the RagnarLocker ransomware gang has brought a new tactic to bear: installing a full virtual machine on victims' systems to hide their crypto-locking malware while it forcibly encrypts files, security firm Sophos warns.

COVID-19

Microsoft Warns of COVID-19 Phishing Emails Spreading RAT

Akshaya Asokan • May 22, 2020

Microsoft is warning Windows users about an ongoing "massive" COVID-19-themed phishing campaign that is attempting to install the NetSupport Manager on devices. Attackers can turn NetSupport into a remote access Trojan, or RAT.

Cybercrime

Hackers Tried to Exploit Zero-Day Flaw in Sophos Firewall

Akshaya Asokan • May 22, 2020

Hackers tried two methods of exploiting a zero-day vulnerability in Sophos' XG firewall, but Sophos says it made a temporary fix that mitigated the risks. Attackers originally attempted to plant a Trojan, but then switched to ransomware.

Cybercrime

Phishing Campaign Leverages Google to Harvest Credentials

Ishita Chigilli Palli • May 22, 2020

Some fraudsters waging phishing campaigns are using fake websites hosted on Google's Firebase Storage service in an attempt to harvest credentials, according to Trustwave, which notes the phishing emails contain links to the service to make them look more credible.

Application Security

Analysis: The Long-Term Implications of 'Work From Home'

Nick Holland • May 22, 2020

The latest edition of the ISMG Security Report features Retired General Keith Alexander, former NSA director, discussing the long-term security implications of the shift to working from home. Also: an update on ransomware gangs leaking data and an analysis of using open source code for app development.

Breach Notification

Bank of America: COVID-19 Loan Data May Have Leaked

Doug Olenick • May 21, 2020

Bank of America disclosed this week that some customers' data may have been exposed during the uploading of loan applications related to the Paycheck Protection Program - a U.S. government initiative created to provide business loans during the COVID-19 pandemic.

Cybercrime

Hot Offering on Darknet: Access to Corporate Networks

Doug Olenick • May 21, 2020

The number of darknet forum ads offering full access to corporate networks jumped almost 70% during the first quarter of 2020, compared to the previous quarter, posing a significant potential risk to corporations and their now remote workforces, according to security firm Positive Technologies.

Application Security

Phishing Attack Bypassed Office 365 Multifactor Protections

Akshaya Asokan • May 20, 2020

A recent phishing campaign bypassed multifactor authentication protections within Microsoft Office 365 to steal users' credentials stored in the cloud or launch other attacks, according to the security firm Cofense.

Application Security

How CISOs Can Achieve Better Network Visibility

Anna Delaney • May 20, 2020

To achieve better network visibility, security practitioners must improve their knowledge of tools that support web services, containers and the evolution of development practices, says Ed Moyle, co-founder of the cybersecurity advisory firm Security Curve.

Cybercrime

Police Allege Hacker Sold Millions of Email Credentials

Ishita Chigilli Palli • May 20, 2020

The Security Service of Ukraine this week arrested a hacker known as "Sanix" who allegedly sold combinations of millions of email passwords and usernames on darknet forums.

Breach Notification

Toll Group Data Leaked Following Second Ransomware Incident

Mathew J. Schwartz • May 20, 2020

Australian shipping giant Toll Group recently suffered its second ransomware outbreak of the year, with Thomas Knudsen, the company's managing director, branding the latest attack as being "serious and regrettable." But was it preventable?

Cloud Security

Verizon: Breaches Targeting Cloud-Based Data Doubled in 2019

Doug Olenick • May 19, 2020

Attacks targeting cloud-based data nearly doubled in 2019 as companies shifted more of their valuable information off-premises and misconfigurations and other issues made it more vulnerable, according to the 2020 Verizon Data Breach Investigations Report. Observers expect the trend to continue this year.