Latest

►

Cybercrime

How Russia's Ukraine War Disrupted the Cybercrime Ecosystem

Mathew J. Schwartz  •  March 20, 2023

Russia's invasion of Ukraine in 2022 threw Russia's cybercrime ecosystem into a state of upheaval that still exists to this day. "We identified disruptions to literally every single form of commodified cybercrime," said Alexander Leslie, associate threat intelligence analyst at Recorded Future.

Cyberwarfare / Nation-State Attacks

It's Raining Zero-Days in Cyberspace

Mihir Bagwe  •  March 20, 2023

Last year was another bonanza in zero-days for Chinese state hackers, say security researchers in a report predicting a permanent uptick in nation-state exploitation of yet-unpatched vulnerabilities. "Attackers seek stealth and ease of exploitation," writes cybersecurity firm Mandiant.

3rd Party Risk Management

Hitachi Energy Latest Victim of Clop GoAnywhere Attacks

Prajeet Nair  •  March 18, 2023

Hitachi Energy joined the ranks of victims hit by the Clop ransomware group, which has exploited a zero-day vulnerability in Fortra's widely used managed file transfer software, GoAnywhere MFT. Clop claimed responsibility for the hack, which compromised networks used by 130 different organizations.

Fraud Management & Cybercrime

Breach Roundup: Med Devices, Hospitals and a Death Registry

Mihir Bagwe  •  March 16, 2023

In this week's data breach roundup: medical device manufacturer Zoll, CHU University hospitals, Australian company Latitude Financial, Hawaiian death registry, Los Angeles Housing Authority, Indian Railway ticketing app, updates on U.S. Marshals Service and Congress, and a new ransomware decryptor!

Endpoint Security

Microsoft, CrowdStrike Lead Endpoint Protection Gartner MQ

Michael Novinson  •  March 16, 2023

Microsoft and CrowdStrike once again dominate Gartner's Magic Quadrant for Endpoint Protection. Cybereason has risen to the leaders quadrant and Trellix has fallen to a niche player. The endpoint protection market has rapidly matured in recent years - 50% of organizations have already adopted EDR.

Blockchain & Cryptocurrency

Cryptohack Roundup: ChipMixer, Euler Finance, Unpatched Bugs

Rashmi Ramesh  •  March 16, 2023

Every week, ISMG rounds up cybersecurity incidents in the world of digital assets. In focus between March 10 and 16: a ChipMixer takedown, Euler Finance and Poolz Finance hacks, bugs on 280 blockchains, Dero coin, and a report from the Financial Action Task Force on ransomware financing.

Cyberwarfare / Nation-State Attacks

Microsoft Fixes Russia-Exploited Zero-Day

Prajeet Nair  •  March 15, 2023

Microsoft's March dump of patches fixes two actively exploited zero-day vulnerabilities, including a critical issue in Outlook that Russian threat actor APT28 has used to target European companies. The vulnerability can be exploited before a user views the email in the Preview Pane.

3rd Party Risk Management

CISA Alert: 4-Year-Old Software Bug Exploited at US Agency

Cal Harrison  •  March 15, 2023

U.S. cybersecurity officials on Thursday issued an alert about a 4-year-old software vulnerability that has been exploited by hackers, including one APT group, in a federal civilian agency. Users are advised to immediately apply the software patch to the Progress Telerik UI for ASP.NET AJAX.

Fraud Management & Cybercrime

MKS Instruments Ransomware Attack Results in $200M Sales Hit

Michael Novinson  •  March 15, 2023

MKS Instruments expects a $200 million revenue hit from February's ransomware attack after the hack removed the company's ability to process orders or ship products. The Feb. 3 ransomware attack required the company to temporarily suspend operations at some MKS Instruments facilities.

►

Standards, Regulations & Compliance

Proof of Concept: Is New US Cyber Strategy Really Viable?

Anna Delaney  •  March 15, 2023

In the latest "Proof of Concept" panel discussion, two Capitol Hill observers at Venable, Grant Schneider and Jeremy Grant, join Information Security Media Group editors to break down the Biden administration's new U.S. national cybersecurity strategy and answer the question, "Is it really viable?"

Cybercrime

Emotet Is Back Again!

Prajeet Nair  •  March 14, 2023

Emotet malware is again active. Researchers marked the latest sighting of the Microsoft Office-loving Trojan in what's becoming a cycle of reemergence and hibernation. Among its improved evasion techniques: pasting a chunk of "Moby Dick" to bulk up the word count of macro-laden Word documents.

Breach Notification

Not-So-Cerebral Sharing of Mental Health Data Hits Millions

Marianne Kolbasuk McGee  •  March 10, 2023

A provider of online mental health services is notifying nearly 3.2 million people that the company used website tracking tools to share sensitive patient information with third parties including Facebook, Google and TikTok - without the individuals' consent.