The warning displayed by Press TV's .com website after it was seized by U.S. authorities

US Seizes Domains of Websites Linked to Iran, Iraq

Jeremy Kirk • June 23, 2021

The U.S. has seized the domains of 36 websites linked with Iran and Iraq for allegedly publishing disinformation and running malicious influencing campaigns targeting Americans. Those running the sites violated sanctions by not obtaining a license to buy domain names from U.S. companies.

Cyberwarfare / Nation-State Attacks

Biden Promises Retaliation Unless Putin Stops Cyberattacks

Latest

Fraud Management & Cybercrime

Australia Considers Mandating Ransom Payment Reporting

Prajeet Nair • June 23, 2021

A bill introduced this week in the Australian Parliament would make it mandatory for organizations based in the country to report to the Australian Cyber Security Center any payments they plan to make to ransomware gangs.

Cybercrime

EU Proposes Joint Cybersecurity Unit

Akshaya Asokan • June 23, 2021

The European Commission has proposed creating a Joint Cyber Unit to help EU member states respond to and prevent cyberattacks, especially those involving ransomware. The goal is for the unit to begin operations by the end of next year.

Blockchain & Cryptocurrency

Iranian Police Reportedly Crack Down on Illegal Cryptomining

Doug Olenick • June 23, 2021

Iranian police have seized more than 10,000 computers that were illegally mining cryptocurrency without the required license, according to the state-run Islamic Republic News Agency.

Cybercrime

Why Criminals Love Ransomware: In Their Own Words

Mathew J. Schwartz • June 22, 2021

How do criminal affiliates of ransomware-as-a-service operations think? Craig Williams and Matt Olney of Cisco Talos describe insights shared - accidentally and otherwise - by "Aleks," a Russian affiliate of the LockBit ransomware-as-a-service operation.

Fraud Management & Cybercrime

The Changing Nature of the Insider Threat

Anna Delaney • June 22, 2021

Cybercriminals and nation-states are attempting to recruit insiders at companies around the world to help steal credentials and intellectual property, says Joseph Blankenship, vice president and research director at Forrester, who offers risk mitigation insights.

Breach Notification

First American Financial's SEC Breach Settlement: $488,000

Jeremy Kirk • June 21, 2021

Title insurance company First American Financial Corp. will pay the SEC a $488,000 penalty as a result of a data breach revealed two years ago. Information security staff members were aware of the vulnerability in the company's EaglePro document-sharing system for five months but failed to fix it, the SEC reports.

Security Operations

Using Automation to Update a SOC

Suparna Goswami • June 21, 2021

How can organizations update their SOCs to ensure they keep up with evolving cyberthreats? Three experts - Sean Duca of Palo Alto Networks, Rishi Rajpal of Concentrix and Anish Ravindranathan of Tata Digital - offer insights.

Cybercrime

N. Korean Attackers Suspected in S. Korean Nuclear Agency Hack

Prajeet Nair • June 21, 2021

The Korea Atomic Energy Research Institute, a South Korean organization, confirms it was recently hacked, apparently by a North Korean group that exploited a VPN vulnerability.

Breach Notification

Senators Draft a Federal Breach Notification Bill

Scott Ferguson • June 18, 2021

A bipartisan group of senators is circulating a draft of a federal breach notification bill that would require federal agencies, federal contractors and businesses that have oversight over critical infrastructure to report significant cyberthreats to CISA within 24 hours of discovery.

Fraud Management & Cybercrime

ISMG Editors’ Panel: NATO's Cybersecurity Policy and More

Anna Delaney • June 18, 2021

In the latest weekly update, a panel of Information Security Media Group editors discusses key topics, including NATO's new cyber defense policy, the outlook for congressional regulatory action to address the ransomware threat, and cybersecurity comments by U.S. Rep. Jim Langevin.

NSA Offers Tips on Securing Unified Communication Channels

Akshaya Asokan • June 18, 2021

The U.S. National Security Agency has released new guidance to help federal agencies as well as business enterprises protect their unified communications channels and voice/video over IP calls from cyberthreats.

Cybercrime

Russian Convicted of Aiding Kelihos Botnet Operator

Akshaya Asokan • June 18, 2021

A Russian national has been convicted of aiding a botnet scheme that infected victims' devices with malicious Kelihos malware and ransomware, according to the U.S. Justice Department.