President Joe Biden (Photo: Wikipedia)

US Sanctions Russia Over SolarWinds Attack, Election Meddling

Scott Ferguson • April 15, 2021

The Biden administration has formally sanctioned Russia over the cyber operation that targeted SolarWinds and its customers as well as the disinformation campaign against the 2020 U.S. elections. The NSA and other agencies also attributed the SolarWinds attack to Russia's Foreign Intelligence Service, or SVR.

Governance & Risk Management

Death to 'Fluffy': Please Stop With the Pet Name Passwords

Latest

3rd Party Risk Management

Does FBI Exchange Remediation Action Set a Precedent?

Anna Delaney • April 16, 2021

The latest edition of the ISMG Security Report features an analysis of whether the FBI removing malicious web shells from hundreds of compromised Microsoft Exchange Servers could set a precedent. Also featured is a description of an unusual fraud scam plus an update on security product development trends.

Breach Notification

Bank Groups Object to Proposed Breach Notification Regulation

Doug Olenick • April 15, 2021

The American Bankers Association and three other banking groups have voiced objections to provisions in a proposed federal cyber incident notification regulation. For example, they say the definition of a reportable "computer security incident" is too broad and would result in the reporting of insignificant events.

Cryptocurrency Fraud

Lazarus E-Commerce Attackers Also Targeted Cryptocurrency

Mathew J. Schwartz • April 15, 2021

Hackers with apparent ties to North Korea who hit e-commerce shops via Magecart-style attacks to steal payment card data also tested malicious tools for stealing cryptocurrency, reports cybersecurity firm Group-IB. Such functionality could trick customers into paying with cryptocurrency.

COVID-19

Phishing Campaign Targeting COVID Vaccine 'Cold Chain' Expands

Marianne Kolbasuk McGee • April 14, 2021

Cybercriminals, likely backed by nation-states, are expanding global spear-phishing campaigns targeting the COVID-19 vaccine "cold chain" in an attempt to steal credentials so they can gain "privileged insight" into sensitive information, the IBM Security X-Force says in an updated report.

3rd Party Risk Management

Senators Push for Changes in Wake of SolarWinds Attack

Scott Ferguson • April 14, 2021

The SolarWinds supply chain attack that led to follow-on attacks on nine government agencies and 100 companies points to the need for a federal law requiring prompt breach notification, several senators said at a Wednesday hearing.

Fraud Management & Cybercrime

Defining Synthetic ID Fraud: How It Helps With Mitigation

Suparna Goswami • April 14, 2021

Now that the Federal Reserve has issued a definition for synthetic ID fraud, fraud-fighting efforts likely will improve because it will be easier to identify red flags, some security experts say.

Cyberwarfare / Nation-State Attacks

Sweden: Russians Behind Sports Confederation Hack

Akshaya Asokan • April 14, 2021

The Russian state-sponsored group Fancy Bear was responsible for breaches at the Swedish Sports Confederation that resulted in hackers accessing sensitive athlete information, including doping test results, according to the Swedish Prosecution Authority. But Sweden will not pursue legal action in the case.

Endpoint Security

State of the Marketplace: A Conversation With Dave DeWalt

Tom Field • April 14, 2021

Dave DeWalt, former CEO of FireEye and McAfee, has been appointed vice chair of the board of LogDNA, a log management company, and he’s committed to the popular “shift left” movement. But he’s also got a keen eye on the broader cybersecurity marketplace and shares insights on its seismic changes.

Business Email Compromise (BEC)

How Fraudsters Nearly Stole $17.5 Million via PPE Fraud

Mathew J. Schwartz • April 14, 2021

Interpol says Dutch and Nigerian suspects created a cloned version of a legitimate personal protective equipment provider's website to trick a German health authority seeking face masks. The case is a reminder that a "sophisticated" scheme need not require extreme technical sophistication to succeed.

Cyberwarfare / Nation-State Attacks

Former DHS Leader Shares Details on SolarWinds Attack

Scott Ferguson • April 13, 2021

Chad Wolf, the former acting secretary for the Department of Homeland Security, has confirmed the accuracy of an earlier news report saying that the SolarWinds supply chain attackers gained access to his unclassified DHS email accounts, which included calendar details.

Cyberwarfare / Nation-State Attacks

Intelligence Report: 4 Nations Pose Serious Cyberthreat to US

Scott Ferguson • April 13, 2021

China, Russia, North Korea and Iran continue to pose significant cybersecurity threats to the U.S. because each is capable of launching disruptive attacks, according to a report published Tuesday by the Office of the Director of National Intelligence.

3rd Party Risk Management

Modern Bank Heists: Attackers Go Beyond Account Takeover

Tom Field • April 13, 2021

Brokerage account takeover, supply chain attacks, destructive attacks and those that seek to manipulate time or time stamps are among the latest threats uncovered in the new Modern Bank Heists report authored by Tom Kellermann at VMware Carbon Black.