Latest

►

Cybercrime

Ransomware Operations 'Based on a Culture of Mistrust'

Mathew J. Schwartz  •  June 24, 2021

Two cybercrime ecosystem cornerstones today are high-end bulletproof hosting services and ransomware, says Mark Arena, CEO of Intel 471. He notes that ransomware-as-a-service operations don't function like gangs or the Mafia, but rather as individuals collaborating "based on a culture of mistrust."

Cybercrime as-a-service

Repurposed REvil Ransomware Used in Attacks

Prajeet Nair  •  June 24, 2021

A newly identified threat group is using a repurposed version of REvil ransomware to wage attacks, according to security company Secureworks’ Counter Threat Unit.

COVID-19

Battling Ongoing COVID-19-Themed Attacks and Scams

Marianne Kolbasuk McGee  •  June 24, 2021

Advanced persistent threat actors will continue to "up their game," including taking advantage of the COVID-19 pandemic even as its impact diminishes, says Kelvin Coleman, executive director of the National Cyber Security Alliance.

Fraud Management & Cybercrime

John McAfee Found Dead in Spanish Prison Cell

Doug Olenick  •  June 23, 2021

Cybersecurity pioneer John McAfee, 75, was found dead in a Spanish prison cell Wednesday, hours after a Spanish court had authorized his extradition to the U.S. to face tax evasion charges, according to news reports.

►

Fraud Management & Cybercrime

Best Practices for Fighting Authorized Push Payment Fraud

Suparna Goswami  •  June 23, 2021

How can financial institutions deal with the problem of authorized push payment fraud? Three experts - Karen Boyer of People’s United Bank, Alasdair MacFarlane of NatWest Bank and Dave Excell of Featurespace - offer their insights on best practices.

►

Security Operations

Using Automation to Update a SOC

Suparna Goswami  •  June 21, 2021

How can organizations update their SOCs to ensure they keep up with evolving cyberthreats? Three experts - Sean Duca of Palo Alto Networks, Rishi Rajpal of Concentrix and Anish Ravindranathan of Tata Digital - offer insights.

Critical Infrastructure Security

Fake DarkSide Ransomware Gang Targets Energy, Food Sectors

Akshaya Asokan  •  June 20, 2021

Fraudsters falsely claiming to be the now-shuttered DarkSide ransomware gang are targeting organizations in the food and energy sectors by sending hoax emails that attempt to extort ransoms from victims, the security firm Trend Micro reports. None of the victims has detected a data compromise so far.

►

Fraud Management & Cybercrime

ISMG Editors’ Panel: NATO's Cybersecurity Policy and More

Anna Delaney  •  June 18, 2021

In the latest weekly update, a panel of Information Security Media Group editors discusses key topics, including NATO's new cyber defense policy, the outlook for congressional regulatory action to address the ransomware threat, and cybersecurity comments by U.S. Rep. Jim Langevin.

Critical Infrastructure Security

Ransomware Roundup: Avaddon Exits; Clop Suspects Arrested

Anna Delaney  •  June 18, 2021

The latest edition of the ISMG Security Report features an analysis of the Avaddon ransomware gang's retirement and the crackdown on the Clop ransomware gang in Ukraine. Also featured: Bitcoin as ally in the ransomware battle; strengthening U.S. cybersecurity defenses.

Cybercrime

Analysis: The Cyber Impact of Biden/Putin Summit Meeting

Scott Ferguson  •  June 17, 2021

After U.S. President Joe Biden and Russian President Vladimir Putin discussed cybersecurity issues at their Wednesday summit meeting in Geneva, security experts and analysts began sizing up what the next steps might be following what some are calling a "transformational moment."

Governance & Risk Management

Cyberium Domain Targets Tenda Routers in Botnet Campaign

Akshaya Asokan  •  June 17, 2021

Malware hosting domain Cyberium has spread multiple Mirai variants, including one that targeted vulnerable Tenda routers as part of a botnet campaign, AT&T Alien Labs reports.

Cyberwarfare / Nation-State Attacks

Biden Promises Retaliation Unless Putin Stops Cyberattacks

Doug Olenick  •  June 16, 2021

U.S. President Joe Biden issued a clear warning to Russian President Vladimir Putin at their Geneva summit Wednesday, saying that should Russia continue to launch cyberattacks against U.S. critical infrastructure sectors, or hack software supply chains, then Moscow should expect to see retaliation.