Ryuk ransom note (Source: Coveware, Malwarebytes)

Ryuk Ransomware Updated With 'Worm-Like Capabilities'

Mathew J. Schwartz • March 1, 2021

Prolific Ryuk ransomware has a new trick up its sleeve. "A Ryuk sample with worm-like capabilities - allowing it to spread automatically within networks it infects" was recently discovered during an incident response effort, warns CERT-FR, the French government's computer emergency response team.

COVID-19

Eye Care Practice: Vendor Paid Ransom for Return of Data

Latest

3rd Party Risk Management

Equifax CISO Jamil Farshchi on SolarWinds and Supply Chains

Tom Field • March 1, 2021

Jamil Farshchi has been there. As CISO of Equifax, he knows what it’s like to be a victim of a high-profile cyberattack. And he knows breached companies have a choice: "Are they going to be a force for good by helping the rest of the industry learn from their experience?"

Critical Infrastructure Security

NSA Issues Guidance on 'Zero Trust' Implementation

Akshaya Asokan • February 27, 2021

The U.S. National Security Agency has issued "zero trust" guidance aimed at securing critical networks and sensitive data within key federal agencies. The NSA adds it is also assisting Defense Department customers with the zero trust implementations.

3rd Party Risk Management

House SolarWinds Hearing Focuses on Updating Cyber Laws

Scott Ferguson • February 26, 2021

A pair of U.S. House committees held their first public hearings into the SolarWinds attack, with lawmakers and witnesses offering support for expanding federal cybersecurity laws to address the security failures. This includes a larger role for CISA to conduct threat hunting.

Fraud Management & Cybercrime

Ransomware: Beware of 13 Tactics, Tools and Procedures

Mathew J. Schwartz • February 26, 2021

Ransomware continues to sting numerous organizations, and the problem only seems to be getting worse. More than ever, the onus is on potential victims to ensure they have essential defenses in place - and if possible, to proactively hunt for attackers who may already be inside their network.

Cyberwarfare / Nation-State Attacks

Microsoft Releases Queries for SolarWinds Attack Detection

Prajeet Nair • February 26, 2021

Microsoft is making available the CodeQL queries it used to detect malicious implants in the massive supply chain attack that affected SolarWinds, tech firms and government agencies.

Fraud Management & Cybercrime

DHS to Provide $25 Million More for Cybersecurity Grants

Doug Olenick • February 26, 2021

The U.S. Department of Homeland Security will provide an additional $25 million in grants to state and local cybersecurity preparedness programs with a particular focus on combatting ransomware, Secretary Alejandro Mayorkas announced Thursday.

Breach Notification

Analysis: Feds Crack Down on Cryptocurrency Scams

Anna Delaney • February 26, 2021

The latest edition of the ISMG Security Report features an analysis of a federal crackdown on ICO cryptocurrency scams. Also featured: An update on the SonicWall hack investigation and the use of digital IDs to verify COVID-19 testing.

Governance & Risk Management

6,000 VMware vCenter Devices Vulnerable to Remote Attacks

Prajeet Nair • February 25, 2021

Security firm Positive Technologies says more than 6,000 VMware vCenter devices worldwide that are accessible via the internet contain a critical remote code execution vulnerability. VMware has issued recommendations for patching the flaw.

3rd Party Risk Management

Executive Order Focuses on Supply Chain Risk Management

Scott Ferguson • February 25, 2021

In light of the global shortage of semiconductors, President Joe Biden signed an executive order Wednesday requiring a federal review of supply chain risks for these chips. Also to be reviewed: supply chain risks for information and communications technology and the pharmaceutical industry.

Cyberwarfare / Nation-State Attacks

Senate SolarWinds Hearing: 4 Key Issues Raised

Scott Ferguson • February 24, 2021

The Senate Intelligence Committee's hearing about the supply chain attack that affected SolarWinds and dozens of other companies and federal agencies answered some questions about what went wrong but also raised four key issues.

Endpoint Security

Cybersecurity Agencies Warn of Accellion Vulnerability Exploits

Doug Olenick • February 24, 2021

The cybersecurity agencies of five countries have issued a joint advisory warning that hackers are exploiting vulnerabilities in the Accellion File Transfer Appliance to steal data and execute ransomware. Australia's Transport for New South Wales and Canada's Bombardier are the latest victims to be revealed.

Artificial Intelligence & Machine Learning

Using ID Screening to Fight COVID-19 Economic Relief Fraud

Nick Holland • February 24, 2021

High-speed identity screening can play a critical role in cracking down on fraud tied to COVID-19 economic relief efforts without impeding legitimate access to funds, says Dr. Gary Shiffman, CEO of Giant Oak, which offers artificial intelligence technology.