Latest

Business Continuity Management / Disaster Recovery

Is White House Crackdown on Ransomware Having Any Effect?

Mathew J. Schwartz  •  September 17, 2021

The latest edition of the ISMG Security Report features an analysis of the state of the Biden administration's efforts to disrupt ransomware attackers, as well as how a newly patched Apple iMessage flaw was being targeted by Pegasus spyware to effect zero-click exploits.

Business Continuity Management / Disaster Recovery

Is Grief's Threat to Wipe Decryption Key Believable?

Doug Olenick  •  September 16, 2021

Regarding the recent tactical innovation by the Grief ransomware gang that is threatening to wipe a victim's data and decryption key if the victim engages a ransom negotiator, analysts are calling this a desperate ploy to scare a target into paying the ransom demand.

CISO Trainings

Profiles in Leadership: Tim Nedyalkov, Commonwealth Bank

Jeremy Kirk  •  September 16, 2021

Cloud-based services are affecting governance, risk management and compliance practices in Australia, says Tim Nedyalkov, who is a technology information security officer with Commonwealth Bank. He discusses the differences between how managers and practitioners approach the problems.

Access Management

Microsoft Fully Ditches the Password

Doug Olenick  •  September 15, 2021

Microsoft has officially gone fully passwordless, allowing Windows users to replace their alphanumeric passwords with one of several substitute sign-in technologies to gain entry into a Microsoft product - a move received positively by industry insiders.

Access Management

Travis CI Flaw Exposed Secrets From Public Repositories

Jeremy Kirk  •  September 15, 2021

Travis CI, a Berlin-based continuous integration testing vendor, has patched a serious flaw that exposed signing keys, API keys and access credentials, potentially putting thousands of organizations at risk. Those using Travis CI should change their secrets immediately.

3rd Party Risk Management

Top Initial Attack Vectors: Passwords, Bugs, Trickery

Mathew J. Schwartz  •  September 14, 2021

The top three tactics attackers have been using to break into corporate and government networks are brute-forcing passwords, exploiting unpatched vulnerabilities, and social engineering via malicious emails, says security firm Kaspersky in a roundup of its 2020 incident response investigations.

Application Security

Apple Patched iMessage. But Can It Be Made Safer Overall?

Jeremy Kirk  •  September 14, 2021

Apple patched a software vulnerability on Monday that researchers say was used to deliver spyware via its iMessage platform to the mobile phones of activists. But a few changes to iMessage could make it safer overall for individuals at high risk of surveillance, says an Apple security expert.

►

Access Management

Building AI & ML-Based Capabilities to Respond to Incidents

Geetha Nandikotkur  •  September 13, 2021

As a strategy, organizations need to harness technologies that can provide real-time visibility to threats combined with intelligence-based automated technologies that can help contain the incidents, says Ajay Kumar, regional head of Cyber Security Services, Asia at Crowdstrike.

Critical Infrastructure Security

Bad News: Innovative REvil Ransomware Operation Is Back

Mathew J. Schwartz  •  September 13, 2021

Security experts say the notorious REvil - aka Sodinokibi - ransomware-as-a-service operation, which went dark in July, appears to be back in business. The group's data leak site and payment portal are back online, and one expert says the group appears to have begun amassing new victims.

►

Blockchain & Cryptocurrency

ISMG Editors' Panel: Ransomware Affiliates Seek New Gangs

Anna Delaney  •  September 10, 2021

In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including how ransomware affiliates change operators and why terrorists aren't launching massive cyberattacks.

Cybercrime

United Nations Says Attackers Breached Its Systems

Jeremy Kirk  •  September 10, 2021

The United Nations says its networks were accessed by attackers earlier this year, leading to follow-on intrusions. One cybercrime analyst reports that he'd alerted NATO after seeing access credentials for one of its enterprise resource planning software systems for sale via the cybercrime underground.

Critical Infrastructure Security

Ransomware: Hot or Not? Here's Attackers' Ideal Target

Anna Delaney  •  September 10, 2021

The latest edition of the ISMG Security Report features an analysis of the most sought-after type of victim for ransomware-wielding attackers. Also featured: fighting extortion schemes and stress management tips.