HHS Seeking Input on Improving Security Risk Analysis Tool

Marianne Kolbasuk McGee • July 23, 2021

The Department of Health and Human Services is seeking comments on how it can improve its security risk assessment tool, which is designed to help smaller organizations conduct assessments as required under HIPAA. Some critics have said the tool is too difficult to use.

Critical Infrastructure Security

Alert for Ransomware Attack Victims: Here's How to Respond

Business Continuity Management / Disaster Recovery

Kaseya Obtains Decryption Tool After REvil Ransomware Hit

US: Chinese Government Waged Microsoft Exchange Attacks

Latest

Endpoint Security

Congress Focuses on Industrial Control System Security

Scott Ferguson • July 23, 2021

A bipartisan group of senators is pushing a bill that would require CISA to identify and respond to vulnerabilities and threats that target industrial control systems. The House has already passed a similar measure.

Cyberwarfare / Nation-State Attacks

ISMG Editors’ Panel: Examining the Pegasus Project

Anna Delaney • July 23, 2021

In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the use of commercially available spyware and security risk management in the telecom sector.

Business Continuity Management / Disaster Recovery

Resiliency Is Key to Surviving a CDN Outage

Doug Olenick • July 23, 2021

A short-lived outage at the content delivery network supplier Akamai on Thursday which briefly knocked offline many corporate websites, is another indicator that companies need resiliency built into their systems. That means they should avoid relying on just one CDN provider, security experts say.

Application Security

Analysis: Implications of the Pegasus Spyware Investigation

Anna Delaney • July 23, 2021

This edition of the ISMG Security Report features an analysis of ongoing investigations into the use of NSO Group's Pegasus spyware to spy on dissidents, journalists, political rivals, business leaders and even heads of state - and discussion of whether the commercial spyware business model should be banned.

Governance & Risk Management

Patch Roundup: Windows, Linux, Oracle, Juniper

Prajeet Nair • July 22, 2021

A patch is forthcoming for a privilege escalation vulnerability in the Windows operating system that can allow hackers to gain a foothold. Meanwhile, Linux OS users also need to adopt system upgrades to fix a flaw, and Oracle and Juniper have announced product patches.

Fraud Management & Cybercrime

Has REvil Disbanded? White House Says It Doesn't Know

Mathew J. Schwartz • July 22, 2021

What's up with REvil? Questions have been mounting since the notorious ransomware operation went quiet on July 13, not long after unleashing a mega-attack via remote management software vendor Kaseya's software. The Biden administration has welcomed REvil's online shutdown but says it doesn't know the cause.

Application Security

NIST Publishes 'Critical Software' Security Guidance

Dan Gunderman • July 21, 2021

New guidance from the National Institute of Standards and Technology spells out security measures for "critical software" used by federal agencies and minimum standards for testing its source code. The best practices could be a model for the private sector as well.

Cyberwarfare / Nation-State Attacks

Spyware Zero-Day Hits Show Apple Ecosystem's Imperfections

Mathew J. Schwartz • July 21, 2021

Following revelations that commercial spyware vendor NSO Group was able to exploit the latest model of the Apple iPhone to install surveillance software, experts describe how Apple could be doing more to lock down its iOS mobile operating system as well as curtail attacks by making them much costlier to run.

Business Email Compromise (BEC)

Microsoft Disrupts Business Email Compromise Domains

Doug Olenick • July 21, 2021

Microsoft has announced the takedown of 17 domains that an unnamed threat group operating out of West Africa used to host fake Microsoft websites when conducting business email compromise attacks.

Fraud Management & Cybercrime

Incident Response: Why Persistence Is Vital

Anna Delaney • July 21, 2021

Marcus Christian, a former executive assistant U.S. attorney, implores businesses to not immediately abandon their incident response plans once it appears a suspected incident is resolved.

Network Detection & Response

Cybereason, Rapid7 and Microsoft Announce Acquisitions

Doug Olenick • July 21, 2021

Cybereason, Rapid7 and Microsoft announced acquisitions this week designed to boost their security capabilities. Meanwhile, DevOps security firm Sysdig made a move to add infrastructure-as-code security to its portfolio.

Cyberwarfare / Nation-State Attacks

World Leaders Included on Alleged Spyware Targeting List

Mathew J. Schwartz • July 21, 2021

Can NSO Group and other commercial spyware vendors survive the latest revelations into how their tools get used? The Israeli firm is again being accused of selling spyware to repressive regimes, facilitating the surveillance of journalists, political opponents, business executives and even world leaders.