Latest

Governance & Risk Management

FBI Removing Web Shells From Infected Exchange Servers

Jeremy Kirk  •  April 14, 2021

In an unprecedented action, the FBI is removing web shells from on-premises Microsoft Exchange servers at organizations in at least eight states that were infected in a wave of attacks earlier this year. Security experts offer an analysis of the bold move that the FBI took without notifying the organizations.

Endpoint Security

State of the Marketplace: A Conversation With Dave DeWalt

Tom Field  •  April 14, 2021

Dave DeWalt, former CEO of FireEye and McAfee, has been appointed vice chair of the board of LogDNA, a log management company, and he’s committed to the popular “shift left” movement. But he’s also got a keen eye on the broader cybersecurity marketplace and shares insights on its seismic changes.

DDoS Protection

Millions of Devices Potentially Vulnerable to DNS Flaws

Doug Olenick  •  April 13, 2021

Forescout Research Labs and the Israeli security firm JSOF have found nine Domain Name System vulnerabilities affecting four TCP/IP stacks that, if exploited, could lead to remote code execution or denial-of-service attacks - potentially on millions of devices.

Anti-Phishing, DMARC

A Tale of 3 Data 'Leaks': Clubhouse, LinkedIn, Facebook

Jeremy Kirk , Mathew J. Schwartz  •  April 13, 2021

Criminals love to amass and sell vast quantities of user data, but not all data leaks necessarily pose a risk to users. Even so, the ease with which would-be attackers can amass user data is a reminder to organizations to lock down inappropriate access as much as possible.

Artificial Intelligence & Machine Learning

Microsoft to Buy Nuance Communications for $19.7 Billion

Marianne Kolbasuk McGee  •  April 12, 2021

Microsoft Corp. on Monday announced it will acquire cloud-based speech technology and artificial intelligence vendor Nuance Communications in an all-cash transaction valued at $19.7 billion. The deal is expected to close by the end of this year.

Cyberwarfare / Nation-State Attacks

US Blacklists 7 Chinese Supercomputer Entities

Scott Ferguson  •  April 9, 2021

Citing national security concerns, the U.S. Commerce Department has placed seven Chinese supercomputer organizations on the Entity List, which effectively bars them from receiving supplies or components from U.S. companies.

Cybercrime

Crisis Communications: How to Handle Breach Response

Anna Delaney  •  April 9, 2021

The latest edition of the ISMG Security Report features an analysis of why transparent communication in the aftermath of a data breach pays off. Also featured: Mastercard on digital identity issues; building a more diverse and inclusive cybersecurity workforce.

Identity & Access Management

Death to 'Fluffy': Please Stop With the Pet Name Passwords

Mathew J. Schwartz  •  April 9, 2021

Loving your pet and creating tough-to-crack passwords should remain two distinctly separate activities. Unfortunately, Britain's National Cyber Security Center reports that more than 1 in 6 Brits admit to using the name of a pet as their password. And the problem is global.

Governance & Risk Management

Rockwell Automation Fixes 9 Flaws in FactoryTalk AssetCentre

Prajeet Nair  •  April 8, 2021

Researchers have uncovered nine critical vulnerabilities in Rockwell Automation's FactoryTalk AssetCentre product, which, if exploited, potentially could enable attackers to control an OT network. An updated version of the product mitigates the flaws.

Fraud Management & Cybercrime

Attackers Target Unpatched SAP Applications

Akshaya Asokan  •  April 7, 2021

Attackers are targeting unpatched SAP applications, and the exploits could lead to the hijacking of the vulnerable systems, data theft and ransomware attacks, SAP and Onapsis Research Labs report. They note that patches for most of the flaws have been available for several years.

Breach Notification

Ransomware Cleanup Costs Scottish Agency $1.1 Million

Mathew J. Schwartz  •  April 6, 2021

How much does it cost to recover from a ransomware attack? For the Scottish Environment Protection Agency, which was hit by the Conti ransomware-wielding gang on Christmas Eve, reported cleanup costs have reached $1.1 million. SEPA is still restoring systems and has refused to pay any ransom.

Application Security

FBI and CISA: APT Groups Targeting Government Agencies

Akshaya Asokan  •  April 3, 2021

CISA and the FBI warn in a new alert that unidentified nation-state actors are scanning for three vulnerabilities in Fortinet's operating system, FortiOS, to potentially target government agencies and companies for cyberespionage.