Author Archives: BankInfoSecurity.com RSS Syndication

100,000 Windows Devices Still Exposed to SMBGhost Flaw

COVID-19 Distractions May Have Delayed Patching, Experts Say
Almost eight months after Microsoft warned of a critical vulnerability in Windows called SMBGhost, more than 100,000 unpatched devices remain vulnerable, according to security researchers. The COVID-19 pandemic and ensuing rush to move workers into home offices may have led to delays in applying the fix.

COVID-19 Update: ‘We’re in a Bad Place’

Pandemic Expert Regina Phelps on What to Expect Headed Into Flu Season
COVID-19 infections are hitting new daily highs in the U.S., and some European countries are re-imposing restrictions. Plus, the flu season is just around the corner. "We're in a bad place," says pandemic expert Regina Phelps, who shares insights on pandemic trends and response.

Cloud Pak for Security

Digital transformation is accelerating. Organisations are adopting SaaS solutions at increasing rates to reduce internal IT constraints and budgets.

This webinar will take a deep dive into IBM's Cloud Pak for Security where you will learn how to:

  • Gain insights without moving your data;
  • Respond faster to security incidents with automation and investigative capabilities;
  • Run anywhere, connect security openly.

Sizing Up Activities of North Korea’s Kimsuky APT Group

Alert From CISA, FBI Describes Espionage Campaigns
The U.S. Cybersecurity and Infrastructure Security Agency and the FBI have issued an alert providing details on the activities of a North Korean hacking group dubbed Kimsuky. The group, which has primarily focused on South Korean targets, has also conducted espionage campaigns in the U.S. and Japan.

Analysis: The Security of 5G Devices, Networks

Security Experts Outline Their Concerns
So far, much of the discussion about 5G security has focused on avoiding the use of technology from Chinese manufacturers, including Huawei and ZTE. But security experts are increasingly concerned that 5G network and device providers rushing products to market aren't devoting enough attention to security.

Sizing Up Nation-State Cyberthreats to the US Election

Digital Shadows: Disinformation, Ransomware, Phishing Attacks Prevail
Online disinformation campaigns by nation-state actors are the biggest cyberthreat to the U.S. election as hackers attempt to influence final vote tallies as a way to undermine confidence, according to a Digital Shadows report. Russian hackers are most active, followed by Iran and China.

New Online Platform Coordinates IoT Bug Reports

VulnerableThings.com Seeks to Improve Bug Reporting for Connected Devices
A new online platform called VulnerableThings.com is aiming to become the go-to place for reporting and viewing reports on software flaws in IoT devices. The IoT Security Foundation and Oxford Information Labs say the platform could help vendors comply with new IoT regulations and standards.

Insider Sentenced for Sabotaging PPE Shipments

Prosecutors: Actions Disrupted Deliveries of Critical Supplies During Pandemic
A former vice president of a personal protective equipment packaging firm has been sentenced to prison and ordered to pay restitution for sabotaging the company's electronic shipping records during the COVID-19 pandemic - causing delays in deliveries - after he was terminated from his job.

US Treasury Sanctions Russian Entity Over Triton Malware

Officials Have Also Slapped Sanctions on Iran Over Disinformation
The Treasury Department has issued sanctions against a Russian research institute that U.S. officials now claim helped deploy Triton, a destructive malware designed to damage industrial control systems. The announcement follows other economic penalties levied against Iran in the same week.

Elite Russian Sandworm Hackers’ Epic OPSEC Problem

US Indictment Airs Russian Military and Operators' Dirty Laundry
An indictment unsealed this week demonstrates the degree to which Western intelligence agencies have apparently been able to infiltrate the Russian intelligence apparatus to trace attacks back to specific agencies - and individual operators. Shouldn't Russian spies have better operational security?

US Officials Blame Election Data Theft on Russian APT Group

'Berserk Bear' Hacking Team Known for 'Gaining Footholds in Critical Infrastructure'
U.S. intelligence officials say a Russia-backed hacking group has compromised some state and local government computer systems since at least September, and stolen data. So far, however, the attackers do not appear to have attempted to otherwise interfere with or disrupt those networks.

Microsoft Continues Trickbot Crackdown

But Some Researchers Say Botnet's Operators Using Workarounds to Restore Activity
Microsoft and its partners are continuing to put pressure on the Trickbot malware operation, eliminating an estimated 94% of its infrastructure. But some security researchers warn that the botnet's operators are developing workarounds to re-establish its infrastructure, enabling the group to resume its activities.

Home Loan Trading Platform Exposes Mortgage Documentation

Atlanta-Based Maxex Left Software Development Platform Open
Maxex, a company that develops a digital trading platform for the secondary mortgage market in the U.S., leaked 9 GB of internal documentation as well as full mortgage applications for 23 individuals. The data was released by a Swiss-based developer who apparently was unaware it was sensitive.

Bitcoin ‘Mixer’ Fined $60 Million

FinCEN: Helix and Coin Ninja Sites Violated Anti-Money Laundering Laws
The Treasury Department has fined the owner of two bitcoin "mixing" sites $60 million for violating anti-money laundering laws. It's the first time the department's Financial Crimes Enforcement Network has issued a civil monetary penalty against the operator of a cryptocurrency site.

Tom Kellermann on the Price of Digital Transformation

Analysis of Latest Global Incident Response Threat Report
VMware Carbon Black is out with its latest Global Incident Response Threat Report, which describes "the perfect storm" for increasingly sophisticated attacks heading into 2021. Cybersecurity strategist Tom Kellermann discusses what that means - and how these trends should inform our defensive strategies.

6 Takeaways: Russian Spies Accused of Destructive Hacking

Experts Say Day of Reckoning Overdue; How Might Moscow Respond?
U.S. officials have accused the Russian government of behaving "maliciously or irresponsibly" by taking steps such as crashing Ukraine power grids in the dead of winter and causing more than $10 billion in damages via NotPetya malware. But why make the accusations now? And how might Moscow respond?

Cybersecurity’s Inconvenient Truth: The Nation-State Threat

Curry, Kellermann and King on Why You Should Be Outraged by Adversaries' Cyber Assaults
Has the nation-state threat become like the weather - something everyone talks about, but no one can do anything about? It's time for a strategic change. A panel of experts offers a frank discussion of nation-state actors, their ongoing intrusions and what "taking off the gloves" might look like.

6 Russians Indicted for Destructive NotPetya Attacks

DOJ: Russian GRU Officers Targeted 2018 Olympics, French Elections and More
The U.S. Justice Department unsealed indictments against six Russian military officers on Monday, alleging that they carried out a series of major hacking operations, including deploying destructive NotPetya malware - tied to more than $10 billion in damages - and attacking the 2018 Olympics.

6 Russians Indicted for NotPetya Campaign, Other Attacks

DOJ: Russian GRU Officers Targeted 2018 Olympics, French Elections and More
The U.S. Justice Department unsealed indictments against six Russian military officers on Monday, alleging that they carried out a series of major hacking operations, including deploying NotPetya ransomware - causing over $10 billion in damages - and attacking the 2018 Olympics.

Sensitive Voicemail Transcripts Exposed

Researcher Finds Unsecure Elasticsearch Database Cluster Accessible via the Internet
A security researcher recently discovered an unsecure Elasticsearch database cluster exposed on the internet that contained transcripts of sensitive voicemail messages, including some for medical clinics and financial service companies.

Instagram Investigated for Exposure of Minors’ Details

Probe Will Determine Whether Facebook, Instagram's Owner, Violated GDPR
Ireland's Data Protection Commissioner has launched an investigation into whether Facebook's Instagram service improperly displayed the email addresses and phone numbers of minors on its platform. Facebook, Instagram's owner, could face a GDPR fine if it's found to have violated privacy requirements.

‘Active Threat’ Warning: Patch Serious SharePoint Flaw Now

SharePoint Remains Top Hacker Target, UK's National Cyber Security Centre Warns
Security experts are urging organizations to patch a newly revealed, serious flaw in Microsoft SharePoint as quickly as possible, especially because proof-of-concept exploit code is already available. The U.K.'s National Cyber Security Centre warns that hackers frequently target fresh SharePoint flaws.

Criminals Still Going Crazy for Cryptocurrency

Innovation and Privacy Enhancements Complicate Law Enforcement Investigations
Cybercrime wouldn't exist as we know it today without there being a multitude of technologies and services that criminals have been able to turn to their advantage, and cryptocurrency is one of the prime examples, especially when it comes to ransomware, darknet markets and money laundering.

Strong Crypto Again the Target of Western Governments

'Lawful Access' Means Weak Crypto on Which Anyone Can Eavesdrop - Not Just the Cops
Stop me if you think that you've heard this one before: The U.S., U.K. and some allied governments are continuing to pretend that criminals will get a free pass - and police won't be able to crack cases - so long as individuals and businesses have access to products and services that use strong encryption.

Star Witness in Case Against Cisco: Its Own Documents

Judge Lauds Plaintiffs' Use of 'Cisco's Technical Documents in an Unaltered Form'
Plaintiffs in the patent infringement case Centripetal Networks v. Cisco Networks won the day thanks to clear testimony and using Cisco's own technical documents in unaltered form. By contrast, the judge slammed Cisco for offering disagreeing witnesses and attempting to focus on old, irrelevant technology.