US FTC Seeks Information on Cloud Provider Cybersecurity

David Perera • March 22, 2023

The U.S. Federal Trade Commission is asking for public comment on cloud computing provider business and security practices. The top three providers - AWS, Microsoft Azure and Google Cloud - account for approximately two-thirds of worldwide cloud spending, which reached nearly $250 billion in 2022.

Critical Infrastructure Security

Russia May Be Reviving Cyber Ops Ahead of Spring Offensive

Latest

HIPAA/HITECH

DC Health Link Facing Lawsuits in Hack Affecting Congress

Marianne Kolbasuk McGee • March 22, 2023

The DC Health Benefit Exchange Authority - the online health insurance marketplace servicing Washington, D.C., residents and congressional staff - is facing two proposed class action lawsuits in the aftermath of a hack that affected more than 56,400 individuals, including members of Congress.

Cloud Security

Orca Promotes CPO Gil Geron to CEO to Drive Efficient Growth

Michael Novinson • March 22, 2023

Orca Security has promoted Chief Product Officer Gil Geron to CEO to help the agentless cloud security vendor maintain its market leadership and rapid growth. The leadership swap at Portland, Oregon-based Orca will result in Avi Shua moving to the newly created position of chief innovation officer.

Governance & Risk Management

Hackers Are Actively Exploiting Unpatched Adobe ColdFusion

Mathew J. Schwartz • March 22, 2023

Hackers have been actively exploiting vulnerabilities in ColdFusion to remotely compromise servers, Adobe warns. Since at least early January, attackers have been dropping web shells via ColdFusion, but it's unclear if only now-known vulnerabilities are being exploited, security researchers say.

Fraud Management & Cybercrime

Stung by Free Decryptor, Ransomware Group Embraces Extortion

Mathew J. Schwartz • March 22, 2023

Not all ransomware groups wield crypto-locking malware. Some have adopted other strategies. Take BianLian. After security researchers released a free decryptor for its malware, instead of encrypting files, the group chose to steal them and demand ransom solely for their safe return.

Endpoint Security

Google Suspends Chinese App Following Malware Discovery

Jayant Chakravarti • March 21, 2023

Google suspended popular budget e-commerce application Pinduoduo from the Play Store after detecting malware on versions of the Chinese app downloadable from other online stores. Chinese security researchers say they found code designed to monitor users inside Pinduoduo versions.

Governance & Risk Management

Forrester Report: Zero Trust Adoption in Europe Is High

Anna Delaney • March 21, 2023

Forrester recently published a report that shows over two-thirds of European security decision-makers have begun to develop a zero trust strategy, and public sector organizations are leading the way. Forrester's Tope Olufon shares the cultural and regulatory roadblocks to zero trust.

Cloud Security

NYC Special Needs Students' Records Found Exposed on Web

Marianne Kolbasuk McGee • March 21, 2023

Nearly 50,000 documents containing personal information of special education students who live in New York City and attend public school there were recently found exposed on the internet in an unsecured database. Some of those records date back to 2018.

Cybercrime

BreachForums Closes Amid Worries Over Law Enforcement Access

Prajeet Nair • March 21, 2023

Days after federal agents arrested the alleged administrator of criminal underground forum BreachForums, the new admin who took over announced that he is shutting down the site. User "Baphomet" said he spotted a suspicious server logon early Sunday afternoon.

Healthcare

Lawsuit Against Clinic Seeks Long List of Cyber Improvements

Marianne Kolbasuk McGee • March 20, 2023

An Alabama cardiovascular clinic is facing a proposed class action lawsuit filed by one of the nearly 442,000 individuals affected by a data exfiltration breach reported last month. The lawsuit seeks a detailed list of security improvements by the clinic and 10 years of court compliance monitoring.

Account Takeover Fraud

Fresh Vishing Campaign Targeting South Korean Users

Prajeet Nair • March 20, 2023

Criminal hackers are targeting South Koreans with an Android Trojan that dupes victims into handing over payment card data by faking phone conversations with lenders. Developers are using "several unique evasions that we had not previously seen in the wild," Check Point researchers write.

Cyberwarfare / Nation-State Attacks

It's Raining Zero-Days in Cyberspace

Mihir Bagwe • March 20, 2023

Last year was another bonanza in zero-days for Chinese state hackers, say security researchers in a report predicting a permanent uptick in nation-state exploitation of yet-unpatched vulnerabilities. "Attackers seek stealth and ease of exploitation," writes cybersecurity firm Mandiant.

Breach Notification

FBI Says It Arrested BreachForums Mastermind 'Pompompurin'

Prajeet Nair • March 18, 2023

Federal agents arrested the alleged administrator of the criminal underground forum BreachForums, tracing him to a small town in New York's Hudson Valley. FBI agents say Conor Brian Fitzpatrick, a resident of Peekskill, confessed to being "Pompompurin."