Night view of Rinia Park, Tirana, Albania (Image: Patrick Müller/CC BY-N)

Iranian Hackers Accessed Albania's Network for 14 Months

Prajeet Nair • September 22, 2022

Iranian hackers rambled across the Albanian government's network for 14 months before launching a ransomware and disk wiper attack in July, says the U.S. government. Iran exploited a Microsoft SharePoint vulnerability to gain access and then harvested credentials and exfiltrated data.

Cyberwarfare / Nation-State Attacks

Pentagon Backs Call for Internet Routing Security Fixes

Latest

Cybercrime

Optus Under $1 Million Extortion Threat in Data Breach

Jeremy Kirk • September 25, 2022

Australia’s Optus telco is facing a $1 million extortion demand to prevent the release of up to 11.2 million sensitive customer records. The data appears to be legitimate. The attacker tells ISMG an unauthenticated API lead to the breach.

Business Email Compromise (BEC)

HHS HC3 Warns Health Sector of Monkeypox Phishing Schemes

Marianne Kolbasuk McGee • September 23, 2022

Scammers are taking advantage of the monkeypox virus outbreak to launch phishing campaigns targeting healthcare providers and public health organizations to harvest credentials, the Department of Health and Human Services' Health Sector Cybersecurity Coordination Center says.

Governance & Risk Management

Fortinet, VMware, Cisco Drive SD-WAN Gartner Magic Quadrant

Michael Novinson • September 23, 2022

Perennial leaders Fortinet and VMware and a surging Cisco set themselves apart from the pack in SD-WAN, according to the latest Gartner Magic Quadrant. Fortinet and VMware again took the gold and silver in ability to execute, with Cisco leapfrogging both Versa and Palo Alto to capture the bronze.

Multi-factor & Risk-based Authentication

ISMG Editors: How a Teen's Hack of Uber Adds to MFA Crisis

Anna Delaney • September 23, 2022

In the latest weekly update, ISMG editors discuss the industrywide implications of a teenager hacking into Uber's internal systems, key trends in the new Gartner SD-WAN Magic Quadrant report, and how ethics and security culture are center stage due to recent CISO revelations at Uber and Twitter.

Cybercrime

Australian Telco Optus Investigates Scope of Large Breach

Jeremy Kirk • September 23, 2022

A criminal investigation is underway into a breach at Optus, Australia’s second-largest telecommunications company. Optus' CEO says the company will notify those affected. It's unknown so far who perpetrated the attack, and the data has not appeared on the dark web.

Fraud Management & Cybercrime

Ransomware's Future: A Continuing Money Spinner

Jeremy Kirk • September 23, 2022

What is the future of ransomware, and is it going to continue with the same intensity of the last few years? Michael DeBolt of Intel 471 says anti-ransomware efforts, including government action and better cybersecurity practices, are working. But ransomware isn't going away soon.

Breach Notification

Uber Ex-CSO's Trial: Who's Responsible for Breach Reporting?

Mathew J. Schwartz • September 23, 2022

Should the now-former CSO of Uber have reported a security incident to authorities after discovering signs of unusual behavior? That's one of the big questions now being asked in the closely watched trial of Joe Sullivan, who's been charged with covering up a data breach and paying off hackers.

Attack Surface Management

Malwarebytes Gets $100M Weeks After Laying Off 14% of Staff

Michael Novinson • September 22, 2022

Private equity firm Vector Capital invested $100 million in Malwarebytes a month after the antivirus stalwart laid off 125 employees to focus on smaller customers. The funds will help the vendor reduce clients' attack surfaces and accelerate momentum with MSPs and channel partners.

Cybercrime

Capital One Moves Past 2019 Hacking Incident

David Perera • September 22, 2022

Credit card giant Capital One is moving past its 2019 hacking incident as federal regulators stop requiring quarterly updates on efforts to improve cybersecurity and a federal judge signs off on a $190 million settlement in a proposed class action lawsuit.

Attack Surface Management

Darktrace's Nicole Eagan on How AI Predicts, Prevents Hacks

Michael Novinson • September 22, 2022

Darktrace's Cybersprint acquisition allowed the cybersecurity AI vendor to move from focusing solely on internal threats to also defending the external attack surface, Nicole Eagan says. The company says AI will give an outside-in view of the victim and simulate how the attacker will behave.

Leadership & Executive Communication

Profiles in Leadership: Errol Weiss

Tom Field • September 22, 2022

Errol Weiss, chief security officer of Health-ISAC for the past three years, watched the healthcare sector undergo a historic revolution in the digital delivery of services to patients. Also in that time, the attack surface grew exponentially. How can entities best defend it?

Breach Notification

Australian Telco Optus Warns of 'Significant' Data Breach

Mathew J. Schwartz • September 22, 2022

Australian telecommunications giant Optus is warning that current and former customers' personal details were exposed, including some driver's license and passport details, but no passwords or financial details, after it suffered a major data breach.