How Russia's Ukraine War Disrupted the Cybercrime Ecosystem

Mathew J. Schwartz • March 20, 2023

Russia's invasion of Ukraine in 2022 threw Russia's cybercrime ecosystem into a state of upheaval that still exists to this day. "We identified disruptions to literally every single form of commodified cybercrime," said Alexander Leslie, associate threat intelligence analyst at Recorded Future.

Governance & Risk Management

ChipMixer Shut Down for Allegedly Laundering $3 Billion

Latest

Healthcare

Lawsuit Against Clinic Seeks Long List of Cyber Improvements

Marianne Kolbasuk McGee • March 20, 2023

An Alabama cardiovascular clinic is facing a proposed class action lawsuit filed by one of the nearly 442,000 individuals affected by a data exfiltration breach reported last month. The lawsuit seeks a detailed list of security improvements by the clinic and 10 years of court compliance monitoring.

Account Takeover Fraud

Fresh Vishing Campaign Targeting South Korean Users

Prajeet Nair • March 20, 2023

Criminal hackers are targeting South Koreans with an Android Trojan that dupes victims into handing over payment card data by faking phone conversations with lenders. Developers are using "several unique evasions that we had not previously seen in the wild," Check Point researchers write.

Cyberwarfare / Nation-State Attacks

It's Raining Zero-Days in Cyberspace

Mihir Bagwe • March 20, 2023

Last year was another bonanza in zero-days for Chinese state hackers, say security researchers in a report predicting a permanent uptick in nation-state exploitation of yet-unpatched vulnerabilities. "Attackers seek stealth and ease of exploitation," writes cybersecurity firm Mandiant.

Breach Notification

FBI Says It Arrested BreachForums Mastermind 'Pompompurin'

Prajeet Nair • March 18, 2023

Federal agents arrested the alleged administrator of the criminal underground forum BreachForums, tracing him to a small town in New York's Hudson Valley. FBI agents say Conor Brian Fitzpatrick, a resident of Peekskill, confessed to being "Pompompurin."

Attack Surface Management

Chinese Hackers Targeting Security and Network Appliances

Prajeet Nair • March 17, 2023

Chinese threat actors are turning security appliances into penetration pathways, forcing firewall maker Fortinet to again attempt to fend off hackers with a patch. Mandiant researchers say suspected Beijing hackers it tracks as UNC3886 has been targeting chip-based firewall and virtualization boxes.

Governance & Risk Management

What the FTC Is Signaling in Recent Data Privacy Cases

Marianne Kolbasuk McGee • March 17, 2023

The Federal Trade Commission's recent actions against two companies in separate health data privacy cases are significant developments signaling the FTC's "aggressive push" to enforce violations involving disclosures of consumer health data to third parties, said attorney Kirk Nahra of WilmerHale.

Finance & Banking

ISMG Editors: Will SVB Crash Kill Cybersecurity Innovation?

Anna Delaney • March 17, 2023

In the latest weekly update, ISMG editors discuss how the Silicon Valley Bank crash will affect innovation in the cybersecurity space, why the SEC fined cloud provider Blackbaud $3 million for its "erroneous" breach details, and why the feds fined a web hosting firm in a kids' insurance site hack.

Fraud Management & Cybercrime

Magniber Ransomware Group Exploiting Microsoft Zero-Day

Akshaya Asokan • March 16, 2023

A financially motivated hacking group has been exploiting a now-patched zero-day vulnerability in the Windows operating system to deliver ransomware. Google Threat Analysis Group attributed the campaign to Magniber ransomware group. Microsoft issued a patch in its March dump of fixes.

Fraud Management & Cybercrime

Breach Roundup: Med Devices, Hospitals and a Death Registry

Mihir Bagwe • March 16, 2023

In this week's data breach roundup: medical device manufacturer Zoll, CHU University hospitals, Australian company Latitude Financial, Hawaiian death registry, Los Angeles Housing Authority, Indian Railway ticketing app, updates on U.S. Marshals Service and Congress, and a new ransomware decryptor!

Endpoint Security

Microsoft, CrowdStrike Lead Endpoint Protection Gartner MQ

Michael Novinson • March 16, 2023

Microsoft and CrowdStrike once again dominate Gartner's Magic Quadrant for Endpoint Protection. Cybereason has risen to the leaders quadrant and Trellix has fallen to a niche player. The endpoint protection market has rapidly matured in recent years - 50% of organizations have already adopted EDR.

Governance & Risk Management

Healthcare Leaders Call for Cybersecurity Standards

Marianne Kolbasuk McGee • March 16, 2023

Healthcare executives called on Congress to ensure minimum cybersecurity standards, saying a wholly voluntary approach is failing clinics and hospitals. Gaps are widest at small rural hospitals, testified a former hospital CISO before the Senate Homeland Security and Governmental Affairs Committee.

Fraud Management & Cybercrime

US FTC Probes Social Media Over Fraudulent Ads

David Perera • March 16, 2023

Federal regulators initiated a probe of social media after accusing firms such as Facebook of presiding over a surge in advertising fraud including ads for sham healthcare products. Sham ads "can pose real dangers," including by spreading health disinformation, said Commissioner Rebecca Slaughter.