Ryuk ransom note (Source: Coveware, Malwarebytes)

Ryuk Ransomware Updated With 'Worm-Like Capabilities'

Mathew J. Schwartz • March 1, 2021

Prolific Ryuk ransomware has a new trick up its sleeve. "A Ryuk sample with worm-like capabilities - allowing it to spread automatically within networks it infects" was recently discovered during an incident response effort, warns CERT-FR, the French government's computer emergency response team.

Fraud Management & Cybercrime

Ransomware: Beware of 13 Tactics, Tools and Procedures

Application Security

NPower Shuts Down App After Breach

Cybercrime

Data Breaches: ShinyHunters' Dominance Continues

Microsoft's Smith: SolarWinds Attack Involved 1,000 Developers

Latest

3rd Party Risk Management

Equifax CISO Jamil Farshchi on SolarWinds and Supply Chains

Tom Field • March 1, 2021

Jamil Farshchi has been there. As CISO of Equifax, he knows what it’s like to be a victim of a high-profile cyberattack. And he knows breached companies have a choice: "Are they going to be a force for good by helping the rest of the industry learn from their experience?"

COVID-19

Indian Vaccine Makers, Oxford Lab Reportedly Hacked

Marianne Kolbasuk McGee • March 1, 2021

Two Indian vaccine makers and an Oxford University lab are reportedly among the latest targets of hackers apparently seeking to steal COVID-19 research data.

Endpoint Security

Rockwell Controllers Vulnerable

Prajeet Nair • March 1, 2021

A critical authentication bypass vulnerability could enable hackers to remotely compromise programmable logic controllers made by industrial automation giant Rockwell Automation, according to the cybersecurity company Claroty. Rockwell has issued mitigation recommendations.

3rd Party Risk Management

House SolarWinds Hearing Focuses on Updating Cyber Laws

Scott Ferguson • February 26, 2021

A pair of U.S. House committees held their first public hearings into the SolarWinds attack, with lawmakers and witnesses offering support for expanding federal cybersecurity laws to address the security failures. This includes a larger role for CISA to conduct threat hunting.

Cyberwarfare / Nation-State Attacks

Microsoft Releases Queries for SolarWinds Attack Detection

Prajeet Nair • February 26, 2021

Microsoft is making available the CodeQL queries it used to detect malicious implants in the massive supply chain attack that affected SolarWinds, tech firms and government agencies.

Breach Notification

Analysis: Feds Crack Down on Cryptocurrency Scams

Anna Delaney • February 26, 2021

The latest edition of the ISMG Security Report features an analysis of a federal crackdown on ICO cryptocurrency scams. Also featured: An update on the SonicWall hack investigation and the use of digital IDs to verify COVID-19 testing.

Critical Infrastructure Security

Lazarus Hits Defense Firms with ThreatNeedle Malware

Doug Olenick • February 25, 2021

Lazarus, the North Korean-backed advanced persistent threat group, has been conducting a campaign striking defense industry targets in more than a dozen countries using a backdoor called ThreatNeedle that moves laterally through networks and can overcome network segmentation, according to researchers at Kaspersky.

Endpoint Security

Improving Connected Vehicle Cybersecurity

Jeremy Kirk • February 25, 2021

Connected vehicles are rife with cybersecurity risks. But Faye Francy of Auto-ISAC says automakers and suppliers are increasingly sharing critical information and strengthening supply chains.

Governance & Risk Management

6,000 VMware vCenter Devices Vulnerable to Remote Attacks

Prajeet Nair • February 25, 2021

Security firm Positive Technologies says more than 6,000 VMware vCenter devices worldwide that are accessible via the internet contain a critical remote code execution vulnerability. VMware has issued recommendations for patching the flaw.

Cryptocurrency Fraud

Not 'Above the Law' - Feds Target ICO Cryptocurrency Scams

Mathew J. Schwartz • February 25, 2021

Authorities have accused Serbia-based scammers of capitalizing on the "initial coin offering" bubble that began in 2017, bilking global cryptocurrency investors out of $70 million via Bitcoiin2Gen and other supposed coins and hiring actor Steven Seagal to endorse them.

Cyberwarfare / Nation-State Attacks

Senate SolarWinds Hearing: 4 Key Issues Raised

Scott Ferguson • February 24, 2021

The Senate Intelligence Committee's hearing about the supply chain attack that affected SolarWinds and dozens of other companies and federal agencies answered some questions about what went wrong but also raised four key issues.

Endpoint Security

Cybersecurity Agencies Warn of Accellion Vulnerability Exploits

Doug Olenick • February 24, 2021

The cybersecurity agencies of five countries have issued a joint advisory warning that hackers are exploiting vulnerabilities in the Accellion File Transfer Appliance to steal data and execute ransomware. Australia's Transport for New South Wales and Canada's Bombardier are the latest victims to be revealed.