Two lawsuits allege UC San Diego Health security failures led to a breach found in 2021 involving a 2020 phishing incident.

Lawsuits: Negligence Led to UC San Diego Health Incident

Marianne Kolbasuk McGee • September 24, 2021

Two proposed class action lawsuits filed this week in a California federal court allege negligence and a variety of other claims against UC San Diego Health in the wake of a phishing incident that affected nearly 496,000 individuals.

Critical Infrastructure Security

HHS OCR's Latest HIPAA Enforcement Action

Latest

Critical Infrastructure Security

REvil Ransomware Group's Latest Victim: Its Own Affiliates

Mathew J. Schwartz • September 25, 2021

Ransomware-wielding attackers love to lie to victims. But REvil - aka Sodinokibi - has reportedly been running double negotiations to make affiliates think a victim hasn't paid a ransom, using a backdoor in the malware that allows administrators to decrypt victims' systems, so affiliates don't get their cut.

3rd Party Risk Management

ISMG Editors’ Panel: The Rise of Quadruple Extortion Attacks

Anna Delaney • September 24, 2021

Four editors at Information Security Media Group discuss important cybersecurity issues, including the rise of quadruple extortion attacks employed by ransomware gangs, the FBI reportedly withholding the Kaseya ransomware decryption key for weeks, and raising security posture during a pandemic.

Business Continuity Management / Disaster Recovery

Ransomware Updates: Conti Attacks Rise, New Players Surface

Anna Delaney • September 24, 2021

The latest edition of the ISMG Security Report features an analysis of how the U.S. government has been tracking an increase in the pace of attacks tied to Conti ransomware. Also featured are what "protection" means today and building a new cybersecurity operating model.

Governance & Risk Management

Applying Critical, Systems and Design Thinking to Security

Steve King • September 24, 2021

Brian Barnier, a director of analytics who is developing a course on critical and design thinking in cybersecurity for CyberEd.io, is a firm believer in the importance of critical thinking today. He discusses how that, plus systems and design thinking, can improve the way cybersecurity functions.

Critical Infrastructure Security

Senators Debate Cyber Rules for US Critical Infrastructure

Scott Ferguson • September 23, 2021

As the Senate Homeland Security Committee considers new cyber rules and regulations for U.S. critical infrastructure, lawmakers heard testimony from CISA's Jen Easterly and National Cyber Director Chris Inglis on Thursday in support of these measures, which include updates to FISMA.

3rd Party Risk Management

US DHS, FBI Face Ransomware Questions from Congress

Dan Gunderman • September 22, 2021

U.S. FBI and Department of Homeland Security leaders fielded several cybersecurity questions from House lawmakers Wednesday, particularly around the surge in ransomware attacks, diplomatic efforts to curb ransomware's financial model, and the nation-states that harbor cybercriminals.

Anti-Phishing, DMARC

Microsoft Analyzes Phishing-as-a-Service Operation

Doug Olenick • September 22, 2021

Microsoft Security on Tuesday issued a detailed report on a massive phishing-as-a-service operation named BulletProofLink that offered as a subscription all the tools needed to conduct a campaign. The gang remains operational.

3rd Party Risk Management

Russian-Linked Group Using Secondary Backdoor Against Targets

Scott Ferguson • September 22, 2021

A Russian-linked group known as Turla has been deploying a secondary backdoor against numerous targets to maintain persistence within compromised devices even after the primary malware has been discovered and removed, Cisco Talos report. Victims include U.S., German and Afghan organizations.

Critical Infrastructure Security

FBI Director Questioned Over Kaseya Decryption Key

Scott Ferguson • September 21, 2021

FBI Director Christopher Wray faced questions during a Senate hearing Tuesday concerning a published report that the bureau for almost three weeks withheld a decryption key that agents obtained from the ransomware gang that targeted software firm Kaseya.

Critical Infrastructure Security

US to Unveil Sanctions on Use of Cryptocurrency for Ransoms

Dan Gunderman • September 20, 2021

The Biden administration may soon unveil plans to curtail the ransomware attacks that have crippled corporate networks this year. According to a report from The Wall Street Journal, the Treasury Department will announce sanctions and similar guidance designed to disrupt the ransomware model.

3rd Party Risk Management

US Warns Nation-State Groups May Exploit Flaw in Zoho Tool

Scott Ferguson • September 17, 2021

CISA, the FBI and the U.S. Coast Guard Cyber Command warn users of Zoho Corp.'s single sign-on and password management tool to patch for a vulnerability that nation-state groups may look to exploit. Attackers could use the bug to compromise credentials and exfiltrate data from Active Directory.

Critical Infrastructure Security

Good News: REvil Ransomware Victims Get Free Decryptor

Mathew J. Schwartz • September 17, 2021

Score one for the good guys in the fight against ransomware: Anyone who fell victim to REvil, aka Sodinokibi, crypto-locking malware before July 13 can now decrypt their files for free, thanks to a decryptor released by security firm Bitdefender.