NotPetya outbreak ground zero: Kiev-based servers hosting M.E.Doc software updates (Photo: Ukrainian police)

Analysis: Can Russia's Cyber Destruction Appetite Be Curbed?

Mathew J. Schwartz • October 21, 2020

The U.S. indictment charging that six Russian GRU military intelligence officers were responsible for numerous cyberattacks highlights Moscow's seemingly unending appetite for online destruction. Experts say more than indictments will be required to curb such activity.

Cyberwarfare / Nation-State Attacks

Analysis: Will Trickbot Takedown Impact Be Temporary?

Latest

Fraud Management & Cybercrime

Phishing Emails Target Coinbase Exchange Users

Chinmay Rautmare • October 21, 2020

Fraudsters are sending phishing emails with messages about the Coinbase cryptocurrency exchange to Microsoft Office 365 users in an attempt to take over their inboxes and gain access to data, according to the security firm KnowBe4.

Cybercrime

Microsoft Continues Trickbot Crackdown

Prajeet Nair • October 21, 2020

Microsoft and its partners are continuing to put pressure on the Trickbot malware operation, eliminating an estimated 94% of its infrastructure. But some security researchers warn that the botnet's operators are developing workarounds to re-establish its infrastructure, enabling the group to resume its activities.

Cybercrime

Tom Kellermann on the Price of Digital Transformation

Tom Field • October 20, 2020

VMware Carbon Black is out with its latest Global Incident Response Threat Report, which describes "the perfect storm" for increasingly sophisticated attacks heading into 2021. Cybersecurity strategist Tom Kellermann discusses what that means - and how these trends should inform our defensive strategies.

Anti-Money Laundering (AML)

Bitcoin 'Mixer' Fined $60 Million

Akshaya Asokan • October 20, 2020

The Treasury Department has fined the owner of two bitcoin "mixing" sites $60 million for violating anti-money laundering laws. It's the first time the department's Financial Crimes Enforcement Network has issued a civil monetary penalty against the operator of a cryptocurrency site.

Governance & Risk Management

Sensitive Voicemail Transcripts Exposed

Marianne Kolbasuk McGee • October 19, 2020

A security researcher recently discovered an unsecure Elasticsearch database cluster exposed on the internet that contained transcripts of sensitive voicemail messages, including some for medical clinics and financial service companies.

Cyberwarfare / Nation-State Attacks

FCC Wants More Information on Threat Posed by China Unicom

Chinmay Rautmare • October 19, 2020

The FCC is asking the Justice Department and other executive branch agencies if China Unicom's operations within the U.S. pose a significant enough national security threat to merit revoking the company's business license.

Critical Infrastructure Security

Google Offers Fresh Details on China-Linked Hacking Group

Akshaya Asokan • October 17, 2020

A report from Google's Threat Analysis Group offers fresh details about the hacking group that targeted Democratic presidential candidate Joe Biden's campaign with phishing emails earlier this year. The phishing effort was linked to a little-known hacking group called APT31, which has connections to China.

Anti-Money Laundering (AML)

20 Arrested in Money-Laundering Crackdown

Prajeet Nair • October 16, 2020

A international law enforcement operation involving 16 countries has resulted in the arrest of 20 individuals suspected of belonging to the QQAAZZ criminal network, which helped launder cash and cryptocurrency for other cybercriminals.

Cybercrime

For Sale: 3 Million Cards Used at Dickey's Barbeque Pit

Chinmay Rautmare • October 16, 2020

The Joker's Stash darknet marketplace has posted a fresh collection of 3 million credit cards that are likely related to a breach of the Dickey's Barbecue Pit chain of franchised restaurants, according to Gemini Advisory.

ATM / POS Fraud

'Black Box' and Physical Attacks Against ATMs Surge

Mathew J. Schwartz • October 16, 2020

Criminals have been seeking innovative new ways to steal cash from ATMs. In the U.S., there has been a surge in physical attacks, while Europe has seen a sharp increase in "black box" attacks designed to make ATMs dispense cash on demand.

Business Continuity Management / Disaster Recovery

Iranian Hacking Group Suspected of Deploying Ransomware

Akshaya Asokan • October 16, 2020

A hacking group with links to Iran's government is suspected of using ransomware in attempts to damage the systems of organizations in Israel and other countries, the security firm ClearSky reports.

Endpoint Security

Singapore Launches IoT Cybersecurity Labelling

Jeremy Kirk • October 16, 2020

Singapore has launched an IoT cybersecurity labelling program intended to improve the baseline security of internet-connected consumer products. The program is voluntary, but Singapore eventually intends to make it mandatory.