July, 2021

When Ransomware Comes to (Your) Town

Dark Reading

While steps for defending against a ransomware attack vary based on the size of the government entity and the resources available to each one, rooting out ransomware ultimately will come down to two things: system architecture and partnerships

IoT Devices a Huge Risk to Enterprises

eSecurity Planet

When millions of people around the world were sent home to work at the onset of the global COVD-19 pandemic, they left behind not only empty offices but also a host of Internet of Things (IoT) devices – from smartwatches to networked printers – that were still connected to corporate networks and cranking away.

IoT 113
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Congress Focuses on Industrial Control System Security

Data Breach Today

Senate Bill Would Require CISA to Identify and Respond to ICS Threats A bipartisan group of senators is pushing a bill that would require CISA to identify and respond to vulnerabilities and threats that target industrial control systems. The House has already passed a similar measure

The Life Cycle of a Breached Database

Krebs on Security

Every time there is another data breach, we are asked to change our password at the breached entity. But the reality is that in most cases by the time the victim organization discloses an incident publicly the information has already been harvested many times over by profit-seeking cybercriminals.

The Importance of PCI Compliance and Data Ownership When Issuing Payment Cards

This eBook provides a practical explanation of the different PCI compliance approaches that payment card issuers can adopt, as well as the importance of both protecting user PII and gaining ownership and portability of their sensitive data.

ROUNDTABLE: Kaseya hack exacerbates worrisome supply-chain, ransomware exposures

The Last Watchdog

It was bound to happen: a supply-chain compromise, ala SolarWinds, has been combined with a ransomware assault, akin to Colonial Pipeline, with devasting implications. Related: The targeting of supply chains. Last Friday, July 2, in a matter of a few minutes, a Russian hacking collective, known as REvil, distributed leading-edge ransomware to thousands of small- and mid-sized businesses (SMBs) across the planet — and succeeded in locking out critical systems in at least 1,500 of them.

More Trending

De-anonymization Story

Schneier on Security

Holes in Linux Kernel Could Pose Problems for Red Hat, Ubuntu, Other Distros

eSecurity Planet

A pair of vulnerabilities in the Linux kernel disclosed this week expose major Linux operating systems that could let a hacker either gain root privileges on a compromised host or shut down the entire OS altogether.

Ransomware: Average Ransom Payment Drops to $137,000

Data Breach Today

Fewer Victims Paying Attackers Simply to Delete Stolen Data, Coveware Reports Good news on the ransomware front: The average ransom paid by a victim dropped by 38% from Q1 to Q2, reaching $136,576, reports ransomware incident response firm Coveware.

Serial Swatter Who Caused Death Gets Five Years in Prison

Krebs on Security

A 18-year-old Tennessee man who helped set in motion a fraudulent distress call to police that led to the death of a 60-year-old grandfather in 2020 was sentenced to 60 months in prison today.

Assess and Advance Your Organization’s DevSecOps Practices

In this white paper, a DevSecOps maturity model is laid out for technical leaders to use to enable their organizations to stay competitive in the digital economy.

SHARED INTEL: ‘Credential stuffers’ leverage enduring flaws to prey on video game industry

The Last Watchdog

The video game industry saw massive growth in 2020; nothing like a global pandemic to drive people to spend more time than ever gaming. Related: Credential stuffers exploit Covid 19 pandemic. Now comes a report from Akamai detailing the extent to which cyber criminals preyed on this development. The video game industry withstood nearly 11 billion credential stuffing attacks in 2020, a 224 percent spike over 2019.

LockBit 2.0, the first ransomware that uses group policies to encrypt Windows domains

Security Affairs

A new variant of the LockBit 2.0 ransomware is now able to encrypt Windows domains by using Active Directory group policies. Researchers from MalwareHunterTeam and BleepingComputer, along with the malware expert Vitali Kremez reported spotted a new version of the LockBit 2.0

Disrupting Ransomware by Disrupting Bitcoin

Schneier on Security

Ransomware isn’t new; the idea dates back to 1986 with the “Brain” computer virus. Now, it’s become the criminal business model of the internet for two reasons.

LemonDuck Shows Malware Can Evolve, Putting Linux and Microsoft at Risk

eSecurity Planet

The LemonDuck malware that for the past couple of years has been known for its cryptocurrency mining and botnet capabilities is evolving into a much broader threat, moving into new areas of cyber attacks, targeting both Linux and Microsoft systems and expanding its geographical reach, according to security researchers with Microsoft.

Mining 112

A Recruiter’s Guide To Hiring In 2021

With vaccination rates rising, consumers spending more money, and people returning to offices, the job market is going through a period of unprecedented adjustment. As the New York Times observed, “It’s a weird moment for the American economy.” And recruiting professionals are caught in the middle. To make the most of this disruption, you need to understand the economic drivers, develop a strong strategy for unearthing valuable talent, and use the latest tech tools to get the job done. Read this guide to get your recruiting practice ready to thrive in the new normal.

Kaseya Says It Did Not Pay Ransom to Obtain Universal Decryptor

Data Breach Today

Software Firm Continues Helping Ransomware Victims to Recover Remote management software company Kaseya said Monday that it obtained a universal decryptor key without paying a ransom to the REvil - aka Sodinokibi - gang that hit the firm with a ransomware attack.

Don’t Wanna Pay Ransom Gangs? Test Your Backups.

Krebs on Security

Browse the comments on virtually any story about a ransomware attack and you will almost surely encounter the view that the victim organization could have avoided paying their extortionists if only they’d had proper data backups.

NEW TECH: How the emailing of verified company logos actually stands to fortify cybersecurity

The Last Watchdog

Google’s addition to Gmail of something called Verified Mark Certificates (VMCs) is a very big deal in the arcane world of online marketing. Related: Dangers of weaponized email. This happened rather quietly as Google announced the official launch of VMCs in a blog post on July 12. Henceforth companies will be able to insert their trademarked logos in Gmail’s avatar slot; many marketers can’t wait to distribute email carrying certified logos to billions of inboxes.

CVE-2021-3490 – Pwning Linux kernel eBPF on Ubuntu machines

Security Affairs

Researcher published an exploit code for a high-severity privilege escalation flaw (CVE-2021-3490) in Linux kernel eBPF on Ubuntu machines.

Make Payment Optimization a Part of Your Core Payment Strategy

Everything you need to know about payment optimization – an easy-to-integrate, PCI-compliant solution that enables companies to take control of their PSPs, minimize processing costs, maximize approval rates, and keep control over their payments data.

NSO Group Hacked

Schneier on Security

NSO Group, the Israeli cyberweapons arms manufacturer behind the Pegasus spyware — used by authoritarian regimes around the world to spy on dissidents, journalists, human rights workers, and others — was hacked. Or, at least, an enormous trove of documents was leaked to journalists.

A New Kind of Ransomware Tsunami Hits Hundreds of Companies

WIRED Threat Level

An apparent supply chain attack exploited Kaseya's IT management software to encrypt a "monumental" number of victims all at once. Security Security / Security News

Mercenary Hacking Group Deploys Android Malware

Data Breach Today

StrongPity Campaign Targeted Syrian E-Governance Website Hack-for-hire group StrongPity deployed Android malware to target Syria's e-government site visitors as part of its latest cyberespionage campaign, a new report by security firm Trend Micro details

Another 0-Day Looms for Many Western Digital Users

Krebs on Security

Some of Western Digital’s MyCloud-based data storage devices. Image: WD.

Cloud 238

Address the Challenges of Siloed Monitoring Tools

Companies frequently experience monitoring tool sprawl. Find out why monitoring tool sprawl occurs, why it’s a problem for businesses, and the positive business impacts of monitoring tool consolidation.

NEW TECH: DigiCert Document Signing Manager leverages PKI to advance electronic signatures

The Last Watchdog

Most of us, by now, take electronic signatures for granted. Related: Why PKI will endure as the Internet’s secure core. Popular services, like DocuSign and Adobe Sign, have established themselves as convenient, familiar tools to conduct daily commerce, exclusively online. Yet electronic signatures do have their security limitations.

Japanese computers hit by a wiper malware ahead of 2021 Tokyo Olympics

Security Affairs

Japanese researchers spotted an Olympics-themed wiper targeting Japanese users ahead of the 2021 Tokyo Olympics.

Vulnerability in the Kaspersky Password Manager

Schneier on Security

A vulnerability (just patched) in the random number generator used in the Kaspersky Password Manager resulted in easily guessable passwords: The password generator included in Kaspersky Password Manager had several problems.

Biden Puts a $10M Bounty on Foreign Hackers

WIRED Threat Level

Plus: REvil goes dark, spyware runs amok, and more of the week's top security news. Security Security / Security News

Reaching Unreachable Candidates

Speaker: Patrick Dempsey and Andrew Erpelding of ZoomInfo

What is ZoomInfo for Recruiters? Find and connect with the right talent to fill roles fast with more data, basic search, advanced search, candidate and company profiles, and export results. Watch this On-Demand Webinar today to see how ZoomInfo for Recruiters can work to get your talented candidates results.

Alert for Ransomware Attack Victims: Here's How to Respond

Data Breach Today

As ransomware continues to pummel organizations, if they do get hit, then from an incident response standpoint, what are the essential steps they should take to smooth their recovery? Veteran ransomware-battler Fabian Wosar, CTO of Emsisoft, shares essential steps and guidance for recovery

Intuit to Share Payroll Data from 1.4M Small Businesses With Equifax

Krebs on Security

Financial services giant Intuit this week informed 1.4

Black Hat insights: How Sonrai Security uses graph analytics to visualize, mitigate cloud exposures

The Last Watchdog

Modern civilization revolves around inextricably intertwined relationships. This is why our financial markets rise and fall in lock step; why climate change is accelerating; and why a novel virus can so swiftly and pervasively encircle the planet. Related: What it will take to truly secure data lakes. Complex relationships also come into play when it comes to operating modern business networks. A lack of understanding of these relationships is a big reason why cloud breaches happen.