Latest

Application Security

Report: Access Broker Exploiting VMware Log4j Vulnerability

Dan Gunderman  •  January 26, 2022

The risks posed by Apache Log4j continue, as a previously seen initial access broker group with the codename Prophet Spider IAB appears to be targeting vulnerabilities in Apache's logging utility to infiltrate the virtualization solution VMware Horizon, researchers at BlackBerry warn.

Breach Notification

Proposed Settlement Calls for Health Plan to Bolster Security

Marianne Kolbasuk McGee  •  January 26, 2022

Following a trend seen in similar cases, a proposed settlement in a class action lawsuit filed against health insurer Excellus in the wake of a cyberattack discovered in 2015 that affected 10.5 million individuals calls for the company to bolster its security.

Business Continuity Management / Disaster Recovery

Ransomware Trends: Volume of Known Victims Remains Steady

Mathew J. Schwartz  •  January 26, 2022

Despite Western governments' increased focus on disrupting ransomware, the quantity of new victims doesn't appear to have declined, at least so far. But multiple experts say that nation-state efforts to combat cybercrime syndicates are still picking up speed and may well yet have an impact.

3rd Party Risk Management

Drug Testing Lab Portal Incident Exposed Data for 4 Years

Marianne Kolbasuk McGee  •  January 25, 2022

SLC Lab, a Florida county laboratory that performs drug testing, is notifying thousands of individuals of a web portal misconfiguration incident that left sensitive information accessible to others for more than four years. How can other entities avoid such incidents?

3rd Party Risk Management

Log4j Updates: Flaw Challenges Global Security Leaders

Devon Warren-Kachelein  •  January 25, 2022

The security world continues its fight against potential widespread exploitation of the critical remote code execution vulnerability - tracked as CVE-2021-44229 - in Apache's Log4j software library, versions 2.0-beta9 to 2.14.1, known as "Log4Shell" and "Logjam." This is a digest of ISMG's updates.

Business Continuity Management / Disaster Recovery

Brand Narratives and Awareness in Cybersecurity

Steve King  •  January 25, 2022

Kyle Flaherty has worked with a range of companies, changing the worlds of big data, IoT, BYOD, SaaS, open-source software, network security, fraud detection, data analytics, marketing automation and network management. He weighs in on brands and how metrics feed different audiences.

Application Security

FBI Warns of Cybercriminals Using QR Codes to Steal Funds

Mihir Bagwe  •  January 24, 2022

The U.S. Federal Bureau of Investigation has issued a warning to consumers about cybercriminals targeting people through maliciously crafted quick response - or QR - codes that direct them to links where their credentials and financial information are siphoned off.

3rd Party Risk Management

Microsoft Finds SolarWinds Vulnerability Amid Log4j Search

Dan Gunderman  •  January 24, 2022

Microsoft researchers tracking Apache Log4j exploits last week discovered a previously undisclosed vulnerability in SolarWinds' Serv-U software. SolarWinds subsequently responded, investigated and fixed the flaw. Some observers described the new vulnerability as "surprising" and "disturbing."

3rd Party Risk Management

NY Fines Vision Benefits Firm $600,000 for 2020 Breach

Marianne Kolbasuk McGee  •  January 24, 2022

Vision benefits provider EyeMed has agreed to pay $600,000 and implement a long list of data security improvements as part of a settlement with the New York attorney general's office following a 2020 email breach that affected 2.1 million individuals, including nearly 99,000 New Yorkers.

Cybercrime

Suspected REvil Ransomware Spinoff 'Ransom Cartel' Debuts

Mathew J. Schwartz  •  January 24, 2022

Has the notorious REvil, aka Sodinokibi, ransomware operation rebooted as "Ransom Cartel"? Security experts say the new group has technical and other crossovers with REvil. But whether the new group is a spinoff of REvil, bought the tools, or is simply copying how they work, remains unclear.

Application Security

Twitter: Head of Security Reportedly Fired; CISO to Leave

Prajeet Nair  •  January 22, 2022

Twitter has said it is firing Peiter "Mudge" Zatko, the network security expert it hired in November 2020 as head of security. The security team changes - the CISO is also set to depart - follow "an assessment of how the organization was being led," according to a corporate memo shared with The New York Times.

Application Security

Federal Authorities, Patient Safety Experts Warn of Risks

Marianne Kolbasuk McGee  •  January 21, 2022

Cyberattacks remain a critical security concern - and a top patient safety hazard - for the healthcare and public health sector in 2022, federal authorities and other experts warned this week. Will recent takedowns of ransomware criminal gang members by law enforcement agencies help?