Latest

Fraud Management & Cybercrime

Ransomware: Beware of 13 Tactics, Tools and Procedures

Mathew J. Schwartz  •  February 26, 2021

Ransomware continues to sting numerous organizations, and the problem only seems to be getting worse. More than ever, the onus is on potential victims to ensure they have essential defenses in place - and if possible, to proactively hunt for attackers who may already be inside their network.

Cyberwarfare / Nation-State Attacks

Microsoft Releases Queries for SolarWinds Attack Detection

Prajeet Nair  •  February 26, 2021

Microsoft is making available the CodeQL queries it used to detect malicious implants in the massive supply chain attack that affected SolarWinds, tech firms and government agencies.

Breach Notification

Analysis: Feds Crack Down on Cryptocurrency Scams

Anna Delaney  •  February 26, 2021

The latest edition of the ISMG Security Report features an analysis of a federal crackdown on ICO cryptocurrency scams. Also featured: An update on the SonicWall hack investigation and the use of digital IDs to verify COVID-19 testing.

Governance & Risk Management

6,000 VMware vCenter Devices Vulnerable to Remote Attacks

Prajeet Nair  •  February 25, 2021

Security firm Positive Technologies says more than 6,000 VMware vCenter devices worldwide that are accessible via the internet contain a critical remote code execution vulnerability. VMware has issued recommendations for patching the flaw.

3rd Party Risk Management

Executive Order Focuses on Supply Chain Risk Management

Scott Ferguson  •  February 25, 2021

In light of the global shortage of semiconductors, President Joe Biden signed an executive order Wednesday requiring a federal review of supply chain risks for these chips. Also to be reviewed: supply chain risks for information and communications technology and the pharmaceutical industry.

Cyberwarfare / Nation-State Attacks

Senate SolarWinds Hearing: 4 Key Issues Raised

Scott Ferguson  •  February 24, 2021

The Senate Intelligence Committee's hearing about the supply chain attack that affected SolarWinds and dozens of other companies and federal agencies answered some questions about what went wrong but also raised four key issues.

Endpoint Security

Cybersecurity Agencies Warn of Accellion Vulnerability Exploits

Doug Olenick  •  February 24, 2021

The cybersecurity agencies of five countries have issued a joint advisory warning that hackers are exploiting vulnerabilities in the Accellion File Transfer Appliance to steal data and execute ransomware. Australia's Transport for New South Wales and Canada's Bombardier are the latest victims to be revealed.

►

Artificial Intelligence & Machine Learning

Using ID Screening to Fight COVID-19 Economic Relief Fraud

Nick Holland  •  February 24, 2021

High-speed identity screening can play a critical role in cracking down on fraud tied to COVID-19 economic relief efforts without impeding legitimate access to funds, says Dr. Gary Shiffman, CEO of Giant Oak, which offers artificial intelligence technology.

3rd Party Risk Management

Senators Grill Cybersecurity Execs on SolarWinds Attack

Doug Olenick  •  February 23, 2021

The CEOs of SolarWinds, Microsoft, FireEye and CrowdStrike rolled out a series of cybersecurity recommendations to a U.S. Senate panel Tuesday while detailing how foreign actors gained access into their firms' systems as a result of the SolarWinds supply chain attack.

►

Business Continuity Management / Disaster Recovery

Creating a Digital ID to Verify COVID-19 Testing

Nick Holland  •  February 22, 2021

The Good Health Pass Collaborative is developing a road map for digital health passes that international travelers could use to prove they have been tested for COVID-19. Dakota Gruener, executive director of ID2020, which launched the project, describes the effort, including privacy-protection measures.

Breach Notification

Accellion: How Attackers Stole Data and Ransomed Companies

Jeremy Kirk  •  February 22, 2021

Software company Accellion has released preliminary findings around the security incident that stung customers using its 20-year-old File Transfer Appliance. The attackers swiftly stole data from compromised systems, and some of those organizations have subsequently been extorted.

Application Security

SonicWall Was Hacked. Was It Also Extorted?

Jeremy Kirk  •  February 22, 2021

SonicWall was recently attacked via a zero-day flaw in one of its own products. Curiously, SonicWall hasn't said much about the extent and damage of the breach since its announcement. But there are strong indications it may have been targeted by an extortion attempt.