Exchange Server Attacks Spread After Disclosure of Flaws

Jeremy Kirk • March 6, 2021

Just days after Microsoft disclosed four serious flaws in Microsoft Exchange email servers, attackers are going on a wide hunt for vulnerable machines, some security experts say. The flaws could be exploited for creating backdoors for email accounts or installing ransomware and cryptominers.

3rd Party Risk Management

Data Breaches: ShinyHunters' Dominance Continues

3 North Koreans Indicted for Conspiring to Steal $1.3 Billion

Latest

Cybercrime

Supermicro and PulseSecure Issue Advisories on Trickboot

Doug Olenick • March 6, 2021

Supermicro and Pulse Secure have each issued advisories warning users that some of their products are vulnerable to an updated version of Trickbot malware that features a bootkit module, nicknamed Trickboot, which can search for UEFI/BIOS firmware vulnerabilities.

Business Continuity Management / Disaster Recovery

Mark of Ransomware's Success: $370 Million in 2020 Profits

Mathew J. Schwartz • March 5, 2021

Ransomware dominated the online-enabled crime landscape in 2020, some security experts say, thanks to the massive profits it's been generating and the relative ease of use for attackers - including support from a burgeoning cybercrime-as-a-service market.

Breach Notification

Supply Chain Attack Jolts Airlines

Prajeet Nair • March 5, 2021

An aviation IT company that says it serves 90% of the world's airlines has been breached in what appears to be a coordinated supply chain attack. Customers of at least four companies - Malaysia Airlines, Singapore Airlines, Finnair Airlines and Air New Zealand - may have been affected by the incident.

3rd Party Risk Management

Accellion Appliance Zero-Day Attack Breaches: Key Takeaways

Anna Delaney • March 5, 2021

This edition of the ISMG Security Report features an analysis of key takeaways from the breaches tied to flaws in the Accellion File Transfer appliance. Also featured: Equifax CISO Jamil Farshchi on transforming supply chain security, plus an analysis of how "work from anywhere" is affecting cybersecurity.

Breach Notification

Russian Cybercrime Forum 'Maza' Suffers Data Breach

Akshaya Asokan • March 4, 2021

The Russian carding and fraud discussion forum Maza has been breached, and hackers have leaked what appear to be legitimate members' details, including email addresses and forum credentials, threat-intelligence firms report. The breach and data leak follows a recent wave of attacks against cybercrime forums.

Governance & Risk Management

Lesson From SolarWinds Attack: It's Time to Beef Up IAM

Scott Ferguson • March 4, 2021

The SolarWinds supply chain attack should prompt federal agencies and others to rethink how they approach security issues - especially identity and access management, according to a breakdown of the attack presented this week by NIST and CISA.

Identity & Access Management

Okta to Buy Auth0 for $6.5 Billion

Doug Olenick • March 4, 2021

The security firm Okta shook up the identity and access management market Wednesday by announcing a $6.5 billion deal to acquire the customer IAM technology supplier Auth0. Two other cybersecurity M&A deals were also announced this week.

Identity & Access Management

Changing Authentication for Employees

Suparna Goswami • March 4, 2021

New authentication models, including dynamic authorization and continuous authentication, that work well for consumers can be adopted for employees as well, says Thomas Malta, head of identity and access management at the Virginia-based Navy Federal Credit Union.

Application Security

Microsoft Patches Four Zero-Day Flaws in Exchange

Jeremy Kirk • March 3, 2021

Microsoft issued emergency software patches on Tuesday for four zero-day vulnerabilities in its Exchange email server. The alarming vulnerabilities could allow a remote attacker into Exchange and possibly enable further lateral movement.

Governance & Risk Management

Cybersecurity Leadership: Identity, Access, Complexity

Tom Field • March 3, 2021

In this era of "work from anywhere," identity and access management solutions are challenged more than ever. What are the strategies and solutions recommended by top CEOs and CISOs in the cybersecurity sector? An expert panel weighs in.

Breach Notification

Ticketcounter Data Stolen From Unsecured Server

Prajeet Nair • March 3, 2021

Ticketcounter, a Dutch e-ticketing platform, says a user database containing personal data on 1.9 million individuals was stolen from an unsecured staging server.

Business Continuity Management / Disaster Recovery

Ransomware Attack's Economic Impact: $67 Million

Marianne Kolbasuk McGee • March 2, 2021

In an eye-opening look at the cost burden of a ransomware attack, Universal Health Services reports that an incident last September had a $67 million economic impact - citing, for example, the need to divert patients to competing facilities for urgent care. But insurance may cover much of the cost.