Latest

Cybercrime

Chinese APT Backdoor Bypasses Indonesian Antivirus

Jayant Chakravarti  •  June 2, 2023

A Chinese espionage threat group is using a novel backdoor to bypass popular Indonesian antivirus tool Smadav. Targets include European embassies in Southeast and East Asia. Smadav treats processes with no windows as suspect. The APT gets around that by opening a window not visible to users.

HIPAA/HITECH

Mistrial in Criminal HIPAA Case Against Army Doctor & Spouse

Marianne Kolbasuk McGee  •  June 2, 2023

A federal judge declared a mistrial in the criminal HIPAA conspiracy case against a married couple, both doctors, after the jury deadlocked on whether the two had been entrapped by the U.S. government into providing patient records to a supposed Russian operative. Prosecutors will seek a retrial.

►

Leadership & Executive Communication

Integrating a People-Centric Security Culture at Microsoft

Rashmi Ramesh  •  June 2, 2023

Enterprise cybersecurity is no longer just about a siloed team of professionals securing the firm's systems and servers. Security has evolved into a key business consideration with people at its core, according to Suraj Jayaraman, Microsoft's director of cloud security architecture.

Governance & Risk Management

Pentagon to Pay Starlink for Ukraine's Satellite Broadband

Mathew J. Schwartz  •  June 2, 2023

The U.S. Department of Defense says it will pay for Starlink satellite broadband access for Ukraine as it battles Russia's all-out invasion. Military experts say Starlink remains essential for supporting Ukraine's battlefield communications, including drone reconnaissance.

►

Leadership & Executive Communication

ISMG Editors: Why Communications Skills Matter for CISOs

Anna Delaney  •  June 2, 2023

In the latest weekly update, ISMG editors discuss why communication is vital to be an effective CISO in 2023, how the hack of Florida-based dental insurer MCNA affects nearly 9 million people, and how CyberArk is securing privileged users with a new browser.

Endpoint Protection Platforms (EPP)

SentinelOne Lays Off 5% of Staff as Data Consumption Tumbles

Michael Novinson  •  June 1, 2023

SentinelOne plans to ax approximately 105 workers after a significant drop in data usage for products with consumption-based pricing caused revenue to fall short of expectations. The company revealed plans to reduce its staff by 5% to remain on track with achieving non-GAAP profitability next year.

Endpoint Security

Kaspersky Discloses Apple Zero-Click Malware

Akshaya Asokan  •  June 1, 2023

Russian cybersecurity firm Kaspersky disclosed iOS zero-click malware on the same day the Kremlin claimed it had uncovered a U.S. intelligence smartphone spy campaign. "We have never worked with any government to insert a backdoor into any Apple product and never will," an Apple spokesperson said.

Fraud Management & Cybercrime

After Ransomware Attack, Oakland Faces Data Breach Lawsuit

Mathew J. Schwartz  •  June 1, 2023

A flurry of legal complaints and a lawsuit have been filed against the city of Oakland, California, after it fell victim to a ransomware attack. The Play group claimed credit for the attack and posted some of stolen information, which includes personal details, ID numbers and health information.

Fraud Management & Cybercrime

Breach Roundup: Amazon Settles US FTC Investigations

Prajeet Nair  •  June 1, 2023

This week: Amazon settled privacy and cybersecurity investigations with the U.S. FTC, SAS received a $3 million extortion demand and apparently Ukrainian hacktivists penetrated Russia's Skolkovo Foundation. Plus, breaches at Onix Group and Toyota and a warning about Salesforce "ghost sites."

Blockchain & Cryptocurrency

Cryptohack Roundup: Hacker Yields Control of Tornado Cash

Rashmi Ramesh  •  June 1, 2023

In the days between May 26 and June 1, Tornado Cash validators regained control, Tron patched a bug that could be exploited for $500 million, Binance said it will delist privacy coins in four European countries, Coinbase settled insider trading charges and Hong Kong police joined the metaverse.

Artificial Intelligence & Machine Learning

AI Tech Execs Put AI on Par With Nukes for Extinction Risk

David Perera  •  May 31, 2023

Artificial intelligence poses a global risk of extinction tantamount to nuclear war and pandemics, say a who's who of artificial intelligence executives in an open letter that evokes danger without suggesting how to mitigate it. Among the signatories are Sam Altman and Geoffrey Hinton.

Artificial Intelligence & Machine Learning

Cisco Buys Armorblox to Bring Generative AI to Its Portfolio

Michael Novinson  •  May 31, 2023

Cisco plans to make its third tuck-in cybersecurity acquisition of 2023 to protect email, cloud office applications and enterprise communications through natural language understanding. Cisco will take advantage of Armorblox's predictive and generative AI to help customers bolster their security.