2 Experts Discuss Selecting the Right TechnologiesValidating identity across every digital channel is essential to track money movement information and help control P2P payment fraud, two fraud-fighting experts say.
COVID-19 Distractions May Have Delayed Patching, Experts SayAlmost eight months after Microsoft warned of a critical vulnerability in Windows called SMBGhost, more than 100,000 unpatched devices remain vulnerable, according to security researchers. The COVID-19 pandemic and ensuing rush to move workers into home offices may have led to delays in applying the fix.
Fraudsters Used Doctored Invoices to Steal Cash Earmarked for Trump's CampaignThe Republic Party of Wisconsin says fraudsters used phishing emails and doctored invoices to steal $2.3 million earmarked for President Donald Trump's reelection campaign. The FBI is investigating.
Pandemic Expert Regina Phelps on What to Expect Headed Into Flu SeasonCOVID-19 infections are hitting new daily highs in the U.S., and some European countries are re-imposing restrictions. Plus, the flu season is just around the corner. "We're in a bad place," says pandemic expert Regina Phelps, who shares insights on pandemic trends and response.
'Turla' Recently Targeted a European Government Agency for EspionageTurla, a hacking group based in Russia, is deploying a revamped set of customized tools to target potential victims, including a European government agency, for its espionage campaigns, according to Accenture.
A successful Cloud journey needs security to be considered at every stage.
In this webinar, Scott McAvoy, Cloud Security Competency Lead of IBM will be outlining how to get security right with an open and integrated approach.
Among the 2017 Incidents Was a Mailing Mishap Exposing HIV InformationFederal regulators have slapped health insurer Aetna with a $1 million HIPAA settlement for three 2017 breaches - including a mailing incident that exposed HIV information - that occurred within six months.
Cloud Pak for SecurityDigital transformation is accelerating. Organisations are adopting SAAS solutions at increasing rates to reduce internal IT constraints and budgets.
This webinar will take a deep dive into IBM's Cloud Pak for Security where you will learn how to:
- Gain insights without moving your data;
- Respond faster to secuirty incidents with automation and investigative capabilities;
- Run anywhere, connect security openly.
Alert From CISA, FBI Describes Espionage CampaignsThe U.S. Cybersecurity and Infrastructure Security Agency and the FBI have issued an alert providing details on the activities of a North Korean hacking group dubbed Kimsuky. The group, which has primarily focused on South Korean targets, has also conducted espionage campaigns in the U.S. and Japan.
Security Experts Outline Their ConcernsSo far, much of the discussion about 5G security has focused on avoiding the use of technology from Chinese manufacturers, including Huawei and ZTE. But security experts are increasingly concerned that 5G network and device providers rushing products to market aren't devoting enough attention to security.
Sophos: Cybercriminals Renting Buer LoaderThe operators behind the Ryuk strain of malware are increasingly relying on a malware-as-a-service tool - the Buer loader - to deliver the malware, rather than botnets such as Trickbot and Emotet, the security firm Sophos reports.
FBI's Elvis Chan on What to Expect Before - and After - Nov. 3 ElectionFBI agent Elvis Chan has dedicated his past four years to ensuring U.S. election security. With the Nov. 3 election less than a week away, he opens up on concerns about Russian, Chinese and Iranian interference and threats he'll be watching before and after the vote.
Avast: Most of These Apps, Which Had 8 Million Downloads, Have Been RemovedSome 21 malicious Android apps containing intrusive adware were discovered on the Google Play Store, but most have now been removed, according to a new report from the security firm Avast.
Digital Shadows: Disinformation, Ransomware, Phishing Attacks PrevailOnline disinformation campaigns by nation-state actors are the biggest cyberthreat to the U.S. election as hackers attempt to influence final vote tallies as a way to undermine confidence, according to a Digital Shadows report. Russian hackers are most active, followed by Iran and China.
Sopra Steria: Recovery Effort Will Take Weeks, But No Data Has LeakedFrench IT services firm Sopra Steria is confirming that its internal infrastructure sustained a Ryuk ransomware attack that has disrupted its operations, with a full recovery expected to take weeks.
VulnerableThings.com Seeks to Improve Bug Reporting for Connected DevicesA new online platform called VulnerableThings.com is aiming to become the go-to place for reporting and viewing reports on software flaws in IoT devices. The IoT Security Foundation and Oxford Information Labs say the platform could help vendors comply with new IoT regulations and standards.
Two Card Security Experts Describe Effective StrategiesImplementation of 3D Secure 2.0, a protocol designed to be an additional security layer for online credit and debit card transactions, by banks and merchants alike can play a critical role in reducing "authorized payment fraud," two security experts say.
Researchers Say Botnet Mines for Cryptocurrency and Sends SpamSecurity researchers at Imperva have uncovered a botnet that attacks vulnerabilities in websites' underlying content management systems and then uses these compromised servers to mine for cryptocurrency or send spam to more victims.
Prosecutors: Actions Disrupted Deliveries of Critical Supplies During PandemicA former vice president of a personal protective equipment packaging firm has been sentenced to prison and ordered to pay restitution for sabotaging the company's electronic shipping records during the COVID-19 pandemic - causing delays in deliveries - after he was terminated from his job.
Scammers Now Attempting to Steal Banking and Driver's License InformationFraudsters operating an election-themed phishing campaign have tweaked their malicious landing pages to harvest more information, including banking credentials, account data and vehicle identification information, Proofpoint reports.
Researchers: 'Katana' Features Many EnhancementsA greatly enhanced variant of the powerful Mirai botnet is already infecting IoT devices even though it's operating in a test environment, according to researchers at cybersecurity firm Avira Protection Lab.
Officials Have Also Slapped Sanctions on Iran Over DisinformationThe Treasury Department has issued sanctions against a Russian research institute that U.S. officials now claim helped deploy Triton, a destructive malware designed to damage industrial control systems. The announcement follows other economic penalties levied against Iran in the same week.
Trustwave: Data Comes From Public Sources, LeaksVoter information on as many as 186 million Americans was being offered for sale in an online forum, according to Trustwave. The information apparently came from public sources as well as data leaks.
Researchers: Fraudsters Target Office 365 Users to Harvest CredentialsResearchers have uncovered a fresh phishing campaign that mimics the automated messages of the popular business communication platform Microsoft Teams in an attempt to harvest users' Office 365 login credentials.
European Officials Say Suspected Hackers Worked for Russia's GRU Military Intelligence UnitThe European Union has issued sanctions against two Russian nationals alleged to have hacked Germany's lower house of parliament, or Bundestag, in 2015. EU officials say both men work for the Russian military intelligence unit GRU.
Sophos: Malware Excels at Evading Detection and Picking Specific VictimsThe operators behind the LockBit ransomware strain use automation tools and techniques that help the malware quickly spread through a compromised network and also assist in picking specific targets, according to Sophos.
Report: Hall County Continuing to Restore SystemsAn Oct. 7 ransomware attack targeted a database used to verify voter signatures in Georgia, and the database is still not fully functional. The DoppelPaymer gang has taken credit for the attack.
US Indictment Airs Russian Military and Operators' Dirty Laundry
An indictment unsealed this week demonstrates the degree to which Western intelligence agencies have apparently been able to infiltrate the Russian intelligence apparatus to trace attacks back to specific agencies - and individual operators. Shouldn't Russian spies have better operational security?
'Berserk Bear' Hacking Team Known for 'Gaining Footholds in Critical Infrastructure'U.S. intelligence officials say a Russia-backed hacking group has compromised some state and local government computer systems since at least September, and stolen data. So far, however, the attackers do not appear to have attempted to otherwise interfere with or disrupt those networks.
The latest edition of the ISMG Security Report analyzes the U.S. indictment against Russian hackers who were allegedly behind NotPetya. Also featured: A discussion of nation-state adversaries and how they operate; an update on Instagram privacy investigation.
Dutch Ethical Hacker Claims He Gained Access, But Twitter Says There's No EvidenceThe White House are Twitter are both debunking claims by a Dutch ethical hacker that he accessed President Donald Trump's Twitter account earlier this month by guessing the password, enabling him to obtain full privileges and capture screenshots.
US Indictment Airs Russian Military's Dirty Laundry
Although Russia's elite nation-state hackers are capable of waging destructive attacks, the GRU military intelligence Sandworm operators have not been able to remain in the shadows, a U.S. federal grand jury indictment suggests,
Dr. Reddy's Laboratories Says Plants in Four Countries AffectedDr. Reddy's Laboratories, a multinational pharmaceutical company based in India that's testing a COVID-19 vaccine, says it isolated its data center services Thursday following what it calls a "detected cyberattack."
The IRS Criminal Investigation Cyber Crimes Unit is waging a battle against the use of cryptocurrency for financing terrorists and other money-laundering activities. Agents Chris Janczewski and Jon Gebhart describe recent cryptocurrency-related takedowns.
Iran is Attempting to Intimidate Voters and Manipulate Election, US Officials WarnU.S. officials have blamed Iran for sending a barrage of fake emails and videos to American voters with a Democratic Party affiliation, as part of a campaign to push misinformation and sow confusion in the days before the presidential election.
Messages Use an OAuth-Based Consent App to Gain Office 365 AccessFraudsters are sending phishing emails with messages about the Coinbase cryptocurrency exchange to Microsoft Office 365 users in an attempt to take over their inboxes and gain access to data, according to the security firm KnowBe4.
But Some Researchers Say Botnet's Operators Using Workarounds to Restore ActivityMicrosoft and its partners are continuing to put pressure on the Trickbot malware operation, eliminating an estimated 94% of its infrastructure. But some security researchers warn that the botnet's operators are developing workarounds to re-establish its infrastructure, enabling the group to resume its activities.
Indictments Are Just a First Step Toward a CrackdownThe U.S. indictment charging that six Russian GRU military intelligence officers were responsible for numerous cyberattacks highlights Moscow's seemingly unending appetite for online destruction. Experts say more than indictments will be required to curb such activity.
Agency Warns Hacking Groups Are Exploiting Flaws to Conduct CyberespionageThe NSA is warning that Chinese-linked hacking groups are exploiting 25 vulnerabilities in software systems and network devices as part of cyberespionage campaigns - which means patching is urgent.
Atlanta-Based Maxex Left Software Development Platform Open
Maxex, a company that develops a digital trading platform for the secondary mortgage market in the U.S., leaked 9 GB of internal documentation as well as full mortgage applications for 23 individuals. The data was released by a Swiss-based developer who apparently was unaware it was sensitive.
CrowdStrike: Botnet's Activity Has Already Picked UpThe recent "takedown" of Trickbot by Microsoft and others had only a temporary effect; the botnet's activity levels have already rebounded, according to Crowdstrike and other security firms.
FinCEN: Helix and Coin Ninja Sites Violated Anti-Money Laundering LawsThe Treasury Department has fined the owner of two bitcoin "mixing" sites $60 million for violating anti-money laundering laws. It's the first time the department's Financial Crimes Enforcement Network has issued a civil monetary penalty against the operator of a cryptocurrency site.
Analysis of Latest Global Incident Response Threat ReportVMware Carbon Black is out with its latest Global Incident Response Threat Report, which describes "the perfect storm" for increasingly sophisticated attacks heading into 2021. Cybersecurity strategist Tom Kellermann discusses what that means - and how these trends should inform our defensive strategies.
Experts Say Day of Reckoning Overdue; How Might Moscow Respond?U.S. officials have accused the Russian government of behaving "maliciously or irresponsibly" by taking steps such as crashing Ukraine power grids in the dead of winter and causing more than $10 billion in damages via NotPetya malware. But why make the accusations now? And how might Moscow respond?
Curry, Kellermann and King on Why You Should Be Outraged by Adversaries' Cyber AssaultsHas the nation-state threat become like the weather - something everyone talks about, but no one can do anything about? It's time for a strategic change. A panel of experts offers a frank discussion of nation-state actors, their ongoing intrusions and what "taking off the gloves" might look like.
DOJ: Russian GRU Officers Targeted 2018 Olympics, French Elections and MoreThe U.S. Justice Department unsealed indictments against six Russian military officers on Monday, alleging that they carried out a series of major hacking operations, including deploying destructive NotPetya malware - tied to more than $10 billion in damages - and attacking the 2018 Olympics.
DOJ: Russian GRU Officers Targeted 2018 Olympics, French Elections and MoreThe U.S. Justice Department unsealed indictments against six Russian military officers on Monday, alleging that they carried out a series of major hacking operations, including deploying NotPetya ransomware - causing over $10 billion in damages - and attacking the 2018 Olympics.
Researcher Finds Unsecure Elasticsearch Database Cluster Accessible via the InternetA security researcher recently discovered an unsecure Elasticsearch database cluster exposed on the internet that contained transcripts of sensitive voicemail messages, including some for medical clinics and financial service companies.
Douglas Kantor of Secure Payments Partnership Says Standards Must EvolveDouglas Kantor, counsel to the Secure Payments Partnership, a coalition of retail groups and payment networks, argues that U.S. card payments need more open standards to build in better security.
Asks Justice Department to Spell Out National Security ThreatThe FCC is asking the Justice Department and other executive branch agencies if China Unicom's operations within the U.S. pose a significant enough national security threat to merit revoking the company's business license.
Bank Policy Institute's Nancy Guglielmo on Choosing the Right TechTo help prevent fraud, banks must leverage technologies such as behavioral analytics, device biometrics and one-time passcodes, says Nancy Guglielmo, senior vice president at the Bank Policy Institute.
Probe Will Determine Whether Facebook, Instagram's Owner, Violated GDPRIreland's Data Protection Commissioner has launched an investigation into whether Facebook's Instagram service improperly displayed the email addresses and phone numbers of minors on its platform. Facebook, Instagram's owner, could face a GDPR fine if it's found to have violated privacy requirements.
Crowdstrike's Jennifer Ayers on Understanding the Indicators of AttacksTo mitigate the risks posed by ransomware attacks, enterprises need to move from file-based security to a behavior-based approach, says Jennifer Ayers, vice president of the OverWatch division of Crowdstrike.
SharePoint Remains Top Hacker Target, UK's National Cyber Security Centre WarnsSecurity experts are urging organizations to patch a newly revealed, serious flaw in Microsoft SharePoint as quickly as possible, especially because proof-of-concept exploit code is already available. The U.K.'s National Cyber Security Centre warns that hackers frequently target fresh SharePoint flaws.
Digital identity is coming of age as a way to enable COVID-19 contact tracing, crack down on payment fraud and much more, says Tony Craddock of the Emerging Payments Association.
Here's Why Stopping the Extortion Epidemic Isn't Easy
As ransomware continues to slam organizations, a lively debate has ensued about whether ransom payments should be banned in all cases. Attempting to ban ransom payments, however, likely would only make the problem worse.
Innovation and Privacy Enhancements Complicate Law Enforcement Investigations
Cybercrime wouldn't exist as we know it today without there being a multitude of technologies and services that criminals have been able to turn to their advantage, and cryptocurrency is one of the prime examples, especially when it comes to ransomware, darknet markets and money laundering.
'Lawful Access' Means Weak Crypto on Which Anyone Can Eavesdrop - Not Just the Cops
Stop me if you think that you've heard this one before: The U.S., U.K. and some allied governments are continuing to pretend that criminals will get a free pass - and police won't be able to crack cases - so long as individuals and businesses have access to products and services that use strong encryption.
Judge Lauds Plaintiffs' Use of 'Cisco's Technical Documents in an Unaltered Form'
Plaintiffs in the patent infringement case Centripetal Networks v. Cisco Networks won the day thanks to clear testimony and using Cisco's own technical documents in unaltered form. By contrast, the judge slammed Cisco for offering disagreeing witnesses and attempting to focus on old, irrelevant technology.
The latest edition of the ISMG Security Report analyzes cybersecurity firm McAfee's plans to again become a publicly traded company. Also featured: 'Zero trust' strategic insights and an IoT security flaw saga.
Group Allegedly Laundered Cash, Cryptocurrency for Other CybercriminalsA international law enforcement operation involving 16 countries has resulted in the arrest of 20 individuals suspected of belonging to the QQAAZZ criminal network, which helped launder cash and cryptocurrency for other cybercriminals.
Fined $26 Million in Connection With 2018 BreachBritain's Information Commissioner's Office announced this week a dramatic reduction in its fine against British Airways for violating the EU's General Data Protection Regulation. The company will pay a $26 million fine instead of $238 million in a case tied to a 2018 breach.
Joker's Stash Darknet Marketplace Offering Payment Cards Used at Franchise RestaurantsThe Joker's Stash darknet marketplace has posted a fresh collection of 3 million credit cards that are likely related to a breach of the Dickey's Barbecue Pit chain of franchised restaurants, according to Gemini Advisory.
The FDIC has announced a series of steps intended to provide regulatory relief to financial institutions and facilitate recovery in areas of Illinois affected by severe storms, straight-line winds, and tornadoes.
Five federal regulatory agencies encourage financial institutions to work with customers affected by the federal government shutdown.
The FFIEC on Oct. 7 issued a joint statement concerning Microsoft's discontinuation of support for its Windows XP operating system as of April 8, 2014.
The FDIC is clarifying its policy and supervisory approach related to facilitating payment processing services directly, or indirectly through a third party, for merchant customers engaged in higher-risk activities.
The latest edition of the ISMG Security Report analyzes a new report that labels ransomware as the No. 1 cybercrime threat. Also featured: A former FBI agent offers an update on "disruptionware" attacks; how Tesla's autopilot is tricked by phantom images.
The latest edition of the ISMG Security Report analyzes why clothing retailer H&M was hit with a hefty fine for violating the EU's General Data Protection Rule. Also featured: The coming of age of digital identities; deputy CSO at Mastercard on top priorities for 2021.
Analysis Shines Light on Group that Targeted Biden's Campaign OfficesA report from Google's Threat Analysis Group is offering fresh details about the hacking group that targeted Joe Biden's campaign earlier this year with phishing emails. The attacks were linked to a little known hacking group called APT31, which has connections to China.