Cybersecurity researchers say a Chinese for-profit threat group tracked as 8220 Gang is targeting cloud providers and poorly secured applications with a custom-built crypto miner and IRC bot. The malware can slow system performance, drive up costs and expose systems to security risks.
Optiv has gone beyond examining log data and classic managed security services work to pursue threats across a broader swath of structured and unstructured data. The company has focused on finding threats outside of a log environment by examining system-to-system interfaces and transactional data.
In the latest weekly update, ISMG editors discuss why being a CISO is like being the first family doctor in a small village, why you can't trust ransomware gangs such as LockBit, and why cloud security vendor Netskope took on $401 million in debt from Morgan Stanley to fuel its SASE offering.
Security appliances are targets for sophisticated threat actors who take advantage of devices' limited configuration and logging features, as well as their incompatibility with endpoint detection and response. Suspected Chinese hackers took advantage of a Fortinet zero-day to implant a backdoor.
Competition between rival Russian-language darknet markets remains fierce since police shuttered Hydra last year. The latest to fall dark is Solaris, which controlled an estimated 25% of the darknet drug trade. It got hacked by newcomer rival Kraken. But that wasn't Solaris' only problem.
eSentire has used the $325 million it received in February to leverage data from its Atlas XDR platform and strengthen customers' positions around cyber resiliency. The Kitchener, Canada-based company has shifted its focus from alerts and data to business worries and business risk.
Contractors for the Federal Aviation Administration who attempted to correct a database synchronization issue ended up causing an hourslong outage to a key flight safety system, says the agency. No evidence exists that hackers caused the Jan. 11 airspace snafu.
T-Mobile disclosed Thursday that hackers had access for approximately six weeks to an application programming interface that exposed customer data including names, birthdates and email addresses. No payment information or passwords were part of the breach, the company said.
Cryptocurrency wallet BitKeep says it will compensate victims of a December 2022 hack that cost the users $8 million. The wallet says it will pay victims in USDT stablecoin to counter asset fluctuation. This isn't the first time BitKeep has made customers whole following a hack.
Vulnerability management issues are a common problem for many healthcare entities and can become an even bigger concern when unremediated issues are left to linger for years. That appears to be the case at some VA medical facilities, according to a report from the Office of Inspector General.
BlueVoyant has strengthened its ability to monitor the remediation of supply chain issues and integrate that with questionnaire activity, CEO Jim Rosenthal says. Existing supply chain tools tend to generate lots of risk information but then put the burden on the client to interact with suppliers.
RiskRecon recently studied the impact of destructive ransomware incidents and the unique tie between ransomware susceptibility and an organization's cybersecurity posture. Kelly White of RiskRecon discusses the findings and how to use them to help secure the digital supply chain.
Researchers have linked Chinese advanced persistent threat group Playful Taurus, also known as Vixen Panda and Nickel, to a series of attacks against Iranian organizations between July and December 2022. The group recently updated its toolkit to include a new variant of the Turian backdoor.