Latest

Breach Notification

Qualys Gets 'Clopped' by Accellion-Exploiting Attackers

Mathew J. Schwartz  •  March 4, 2021

Qualys has confirmed that its Accellion File Transfer Appliance software was breached by zero-day-wielding attackers after stolen customer data appeared on the Clop ransomware gang's data leaks site. The security firm's public breach notification comes more than two months after the firm first learned it had been...

Identity & Access Management

Okta to Buy Auth0 for $6.5 Billion

Doug Olenick  •  March 4, 2021

The security firm Okta shook up the identity and access management market Wednesday by announcing a $6.5 billion deal to acquire the customer IAM technology supplier Auth0. Two other cybersecurity M&A deals were also announced this week.

Application Security

Microsoft Patches Four Zero-Day Flaws in Exchange

Jeremy Kirk  •  March 3, 2021

Microsoft issued emergency software patches on Tuesday for four zero-day vulnerabilities in its Exchange email server. The alarming vulnerabilities could allow a remote attacker into Exchange and possibly enable further lateral movement.

►

Governance & Risk Management

Cybersecurity Leadership: Identity, Access, Complexity

Tom Field  •  March 3, 2021

In this era of "work from anywhere," identity and access management solutions are challenged more than ever. What are the strategies and solutions recommended by top CEOs and CISOs in the cybersecurity sector? An expert panel weighs in.

Cyberwarfare / Nation-State Attacks

Lazarus Group Tied to TFlower Ransomware

Akshaya Asokan  •  March 3, 2021

The Lazarus Group, a North Korean hacking operation also known as Hidden Cobra, is deploying TFlower ransomware, using its MATA malware framework, security firm Sygnia reports.

Forensics

Accellion Attack Involved Extensive Reverse Engineering

Mathew J. Schwartz  •  March 3, 2021

Using a nearly 20-year-old file transfer product - what could go wrong? Among the many lessons to be learned from the Accellion File Transfer Appliance mess is this: Attackers will devote substantial resources to reverse-engineer hardware, software or a service if there's a financial upside.

Cybercrime

Hackers Use Search Engine Optimization to Deliver Malware

Akshaya Asokan  •  March 2, 2021

A new malware loader dubbed "Gootloader" is using search engine optimization techniques to spread ransomware, Trojans and other malware, the security firm Sophos reports.

►

3rd Party Risk Management

Equifax CISO Jamil Farshchi on SolarWinds and Supply Chains

Tom Field  •  March 1, 2021

Jamil Farshchi has been there. As CISO of Equifax, he knows what it’s like to be a victim of a high-profile cyberattack. And he knows breached companies have a choice: "Are they going to be a force for good by helping the rest of the industry learn from their experience?"

Forensics

Ryuk Ransomware Updated With 'Worm-Like Capabilities'

Mathew J. Schwartz  •  March 1, 2021

Prolific Ryuk ransomware has a new trick up its sleeve. "A Ryuk sample with worm-like capabilities - allowing it to spread automatically within networks it infects" was recently discovered during an incident response effort, warns CERT-FR, the French government's computer emergency response team.

COVID-19

Indian Vaccine Makers, Oxford Lab Reportedly Hacked

Marianne Kolbasuk McGee  •  March 1, 2021

Two Indian vaccine makers and an Oxford University lab are reportedly among the latest targets of hackers apparently seeking to steal COVID-19 research data.

Critical Infrastructure Security

NSA Issues Guidance on 'Zero Trust' Implementation

Akshaya Asokan  •  February 27, 2021

The U.S. National Security Agency has issued "zero trust" guidance aimed at securing critical networks and sensitive data within key federal agencies. The NSA adds it is also assisting Defense Department customers with the zero trust implementations.

Fraud Management & Cybercrime

Ransomware: Beware of 13 Tactics, Tools and Procedures

Mathew J. Schwartz  •  February 26, 2021

Ransomware continues to sting numerous organizations, and the problem only seems to be getting worse. More than ever, the onus is on potential victims to ensure they have essential defenses in place - and if possible, to proactively hunt for attackers who may already be inside their network.