Capitol riot suspect Aaron Mostofsky (Source: New York Post, as cited in criminal complaint)

Capitol Riot Suspects Identify Themselves

Mathew J. Schwartz • January 15, 2021

Many of the insurrectionists who marched on the Capitol on Jan. 6 and violently forced their way into the building livestreamed their activities or boasted about them via social media. Those self-identifying actions have helped law enforcement authorities identify some of the more than 70 individuals charged.

Cyberwarfare / Nation-State Attacks

SolarWinds Describes Attackers' 'Malicious Code Injection'

Latest

Governance & Risk Management

Excellus Health Plan Hit With $5.1 Million HIPAA Settlement

Marianne Kolbasuk McGee • January 15, 2021

The Department of Health and Human Services has slapped Excellus Health Plan with a $5.1 million settlement in the wake of a 2015 data breach that affected more than 9.3 million individuals.

Encryption & Key Management

NSA Offers Guidance on Adopting Encrypted DNS

Prajeet Nair • January 15, 2021

The NSA has released guidance on how organizations can adopt encrypted domain name system protocols to prevent eavesdropping and manipulation of DNS traffic. Although the agency's report is geared toward the military and defense contractors, its recommendations can be adopted in all sectors.

3rd Party Risk Management

SolarWinds Supply Chain Hack: Investigation Update

Anna Delaney • January 15, 2021

The latest edition of the ISMG Security Report describes new details emerging from the SolarWinds supply chain hack investigation. Also featured: A discussion of why security education is so crucial in 2021 and tips on how to retain security and operations center analysts.

Application Security

FTC Orders Health App Vendor to Revamp Privacy Practices

Marianne Kolbasuk McGee • January 14, 2021

The Federal Trade Commission's announcement this week of a proposed health data privacy settlement with Flo Health, a fertility-tracking mobile app vendor, illustrates how the agency can play a critical role in helping ensure data not regulated under HIPAA is protected.

Business Continuity Management / Disaster Recovery

CISA Warns of Surge in Attacks Targeting Cloud Services

Scott Ferguson • January 14, 2021

The U.S. Cybersecurity and Infrastructure Security Agency warns that hackers are increasingly targeting cloud services by waging phishing schemes and brute-force attacks. CISA recommends a number of defenses, including regularly reviewing Active Directory sign-in logs and enforcing multifactor authentication.

Active Defense & Deception

Sizing Up the Role of Deception Technology

Anna Delaney • January 14, 2021

Chris Kubic, former CISO of the National Security Agency, describes how deception technology can change the defensive landscape: "Where deception comes into play is for the unknown threats, the things that are either an attack you haven't seen before or the attacker evolved their technique."

COVID-19

COVID-19 Vaccine Documents, Personal Data Leaked

Marianne Kolbasuk McGee • January 13, 2021

Documents on COVID-19 vaccines and medications - including some containing personal information - that were stolen in a cyberattack last month on the European Medicines Agency have been leaked on the internet.

Breach Notification

Mimecast Says Hackers Compromised Digital Certificate

Jeremy Kirk • January 13, 2021

Email security provider Mimecast says hackers compromised a digital certificate that encrypts data that moves between several of its products and Microsoft's servers, putting organizations at risk of data loss.

Cybercrime

Mobile RAT for Android Offered on Darknet Forums

Akshaya Asokan • January 13, 2021

A recently identified mobile remote access Trojan dubbed "Rogue," which exploits Google's Firebase development platform, targets Android devices to exfiltrate personal data and can deliver other malware, according to Check Point Research. The RAT is being offered for sale or rent in darknet forums.

Cybercrime

Watering Hole Operation Leveraged Zero-Day Exploits

Akshaya Asokan • January 13, 2021

Google's Project Zero security team is describing its discovery last year of a complex "watering hole" operation that used four zero-day exploits to target Windows and Android mobile devices.

Electronic Healthcare Records

Biggest Fine Yet for Patient Records Access Violation

Marianne Kolbasuk McGee • January 12, 2021

In the latest move in its ongoing initiative to enforce a HIPAA provision granting patients the right to access their records, federal regulators have slapped an Arizona integrated healthcare system with a $200,000 fine for failing to provide two individuals with timely records access.

Critical Infrastructure Security

Parler Content Forcibly Archived by Researchers After Riot

Jeremy Kirk • January 12, 2021

Terabytes' worth of posts, images and videos from conservative social media site Parler have been forcibly obtained by security researchers who have archived the material for investigators in the wake of the violent riot at the U.S. Capitol.