Latest

Cybercrime

Ryuk Ransomware Delivered Using Malware-as-a-Service Tool

Prajeet Nair  •  October 28, 2020

The operators behind the Ryuk strain of malware are increasingly relying on a malware-as-a-service tool - the Buer loader - to deliver the malware, rather than botnets such as Trickbot and Emotet, the security firm Sophos reports.

Encryption & Key Management

Analysis: The Security of 5G Devices, Networks

Doug Olenick  •  October 28, 2020

So far, much of the discussion about 5G security has focused on avoiding the use of technology from Chinese manufacturers, including Huawei and ZTE. But security experts are increasingly concerned that 5G network and device providers rushing products to market aren't devoting enough attention to security.

►

COVID-19

CISOs' Pandemic Challenge: More Disruption, Less Budget

Mathew J. Schwartz  •  October 28, 2020

The imperative for CISOs during the COVID-19 pandemic is to do more with less. While disruptive attacks - as well as privacy concerns - keep rising, budgets are down. As organizations rapidly adopt new technologies, however, EY's Kris Lovejoy says CISOs must seize the opportunity to streamline.

►

Standards, Regulations & Compliance

Advice on International Compliance With US Laws

Suparna Goswami  •  October 27, 2020

Even if a company has no operations in the U.S., it should follow the compliance guidance offered by the U.S. Department of Justice in June, says Benjamin Haley, partner at Covington & Burling LLP, an international law firm.

Endpoint Security

New Online Platform Coordinates IoT Bug Reports

Jeremy Kirk  •  October 27, 2020

A new online platform called VulnerableThings.com is aiming to become the go-to place for reporting and viewing reports on software flaws in IoT devices. The IoT Security Foundation and Oxford Information Labs say the platform could help vendors comply with new IoT regulations and standards.

Cybercrime

Even in Test Mode, New Mirai Variant Infecting IoT Devices

Doug Olenick  •  October 26, 2020

A greatly enhanced variant of the powerful Mirai botnet is already infecting IoT devices even though it's operating in a test environment, according to researchers at cybersecurity firm Avira Protection Lab.

Blockchain & Cryptocurrency

KashmirBlack Botnet Targets Content Management Systems

Prajeet Nair  •  October 26, 2020

Security researchers at Imperva have uncovered a botnet that attacks vulnerabilities in websites' underlying content management systems and then uses these compromised servers to mine for cryptocurrency or send spam to more victims.

Fraud Management & Cybercrime

Phishing Campaign Mimics Microsoft Teams Alerts

Chinmay Rautmare  •  October 23, 2020

Researchers have uncovered a fresh phishing campaign that mimics the automated messages of the popular business communication platform Microsoft Teams in an attempt to harvest users' Office 365 login credentials.

Forensics

LockBit Ransomware Uses Automation Tools to Pick Targets

Prajeet Nair  •  October 23, 2020

The operators behind the LockBit ransomware strain use automation tools and techniques that help the malware quickly spread through a compromised network and also assist in picking specific targets, according to Sophos.

Critical Infrastructure Security

Analysis: The Significance of Russian Hackers' Indictment

Anna Delaney  •  October 23, 2020

The latest edition of the ISMG Security Report analyzes the U.S. indictment against Russian hackers who were allegedly behind NotPetya. Also featured: A discussion of nation-state adversaries and how they operate; an update on Instagram privacy investigation.

Breach Notification

Indian Pharmaceutical Company Investigates Security Incident

Prajeet Nair  •  October 22, 2020

Dr. Reddy's Laboratories, a multinational pharmaceutical company based in India that's testing a COVID-19 vaccine, says it isolated its data center services Thursday following what it calls a "detected cyberattack."

Cyberwarfare / Nation-State Attacks

Elite Russian Sandworm Hackers' Epic OPSEC Problem

Mathew J. Schwartz  •  October 22, 2020

An indictment unsealed this week demonstrates the degree to which Western intelligence agencies have apparently been able to infiltrate the Russian intelligence apparatus to trace attacks back to specific agencies - and individual operators. Shouldn't Russian spies have better operational security?