Latest

►

Digital Identity

Secure Digital Identity in the Age of Coronavirus

Tom Field  •  June 2, 2020

Jeremy Grant has spent more than two decades championing the cause of secure digital identities. But as the COVID-19 pandemic has created a remote workforce of unprecedented scale seemingly overnight, are current approaches to securing the identity management and attestation practice up to the challenge?

Identity & Access Management

Study: Breach Victims Rarely Change Passwords

Akshaya Asokan  •  June 2, 2020

Even after being notified that their personal data has been compromised in a breach, only about a third of users change their passwords - and most are not strong or unique, according to a study by researchers at Carnegie Mellon University, who call for changes in breach notification procedures.

Cybercrime

TrickBot Update Makes Malware Harder to Detect: Report

Ishita Chigilli Palli  •  June 1, 2020

The developers behind TrickBot have updated it to run from an infected device's memory to help better avoid detection, according to researchers at Palo Alto Network's Unit 42. The use of this malware has increased during the COVID-19 pandemic.

Application Security

Researcher Discloses 'Sign in with Apple' Zero-Day Flaw

Doug Olenick  •  June 1, 2020

An independent security researcher disclosed a zero-day vulnerability contained in the "Sign in with Apple" feature that, if exploited, could have resulted in a full account takeover. The vulnerability has been patched, and Apple says it found no account misuse tied to it.

Cybercrime

Top Ransomware Attack Vectors: RDP, Drive-By, Phishing

Mathew J. Schwartz  •  May 29, 2020

Ransomware-wielding attackers are typically breaking into victims' networks using remote desktop protocol access, phishing emails or malware that's sometimes used in drive-by attacks against browsers, experts warn, advising organizations to make sure they have the right defenses in place.

Cybercrime

NSA: Russian Hackers Targeting Vulnerable Email Servers

Akshaya Asokan  •  May 29, 2020

A Russian government-backed hacking group that's been tied to a series of cyberespionage campaigns has been quietly exploiting a critical remote code execution vulnerability in Exim email servers since 2019, the U.S. National Security Agency warns in an alert.

Breach Notification

Capital One Must Turn Over Mandiant's Forensics Report

Jeremy Kirk  •  May 29, 2020

A federal judge has ordered Capital One to turn over a forensics report covering its 2019 data breach, which has been sought by plaintiffs in a class action lawsuit. The report, if it becomes public, could shed light on one of last year's biggest breaches.

Governance & Risk Management

Hackers Breached 6 Unpatched Cisco Internal Servers

Doug Olenick  •  May 29, 2020

Six internal servers that Cisco uses to support its virtual networking service were compromised earlier this month after the company failed to patch two SaltStack zero day vulnerabilities. The company did not describe the damage done, saying only that "a limited set of customers" was impacted.

Cybercrime

Revamped Valak Malware Targets Exchange Servers

Ishita Chigilli Palli  •  May 29, 2020

A recently revamped version of the Valak strain of malware is targeting Microsoft Exchange servers in the U.S. and Germany, according to recent research from Cybereason. The malware has been redesigned to act as an information stealer that can extract corporate data.

COVID-19

Analysis: Surge in Attacks Against Banks

Nick Holland  •  May 29, 2020

The latest edition of the ISMG Security Report analyzes why cyberattacks against banks have surged in recent weeks. Plus: The increasingly ruthless tactics of ransomware gangs; cybersecurity strategies for small businesses.

Cybercrime

Ransomware Gangs' Ruthlessness Leads to Bigger Profits

Mathew J. Schwartz  •  May 28, 2020

Ransomware-wielding criminals are growing increasingly ruthless, based on the size of their extortion demands, their increasing propensity to leak data in an attempt to force victims to pay and their greater focus on taking down big targets. These tactics, unfortunately, appear to be working.

COVID-19

'Hack for Hire' Groups Spoof WHO Emails to Steal Data

Akshaya Asokan  •  May 28, 2020

"Hack for hire" groups operating in India are spoofing World Health Organization emails to steal credentials from financial services and healthcare firms around the world, according to Google's Threat Analysis Group.