LockBit's data leak site listing for Royal Mail (Image: ISMG)

LockBit Group Goes From Denial to Bargaining Over Royal Mail

Mathew J. Schwartz • February 7, 2023

The LockBit group has gone from denying it had any involvement in the ransomware attack on Britain's Royal Mail, to trying to bargain for a ransom. The ransomware group's site now lists Royal Mail as a victim, and demands it pay a ransom or see stolen data get dumped.

Endpoint Security

Illumio CEO on Fighting Ransomware via Endpoint Segmentation

Latest

Business Continuity Management / Disaster Recovery

Microsoft Experiences Second Major Cloud Outage in 2 Weeks

Mathew J. Schwartz • February 7, 2023

Microsoft suffered its second major outage in less than two weeks, as users in North American and beyond were left unable to send, receive or search emails via Outlook.com, as well as to access some additional functionality, including calendar APIs. Microsoft blamed unspecified "recent changes."

Incident & Breach Response

UScellular Customer Data On Hacker Forum

Mihir Bagwe • February 6, 2023

U.S. wireless telecom USCellular says a data breach at a third party vendor resulted in a leak of 52,000 named and email addresses. The company confirmed that data from the leak is available for download on a criminal data breach forum.

Endpoint Security

'PixPirate" Banking Trojan Targets Brazilian Pix Users

Prajeet Nair • February 6, 2023

An Android banking Trojan is targeting Brazilian adopters of an instant payment platform known as Pix, marking another foray by the South American country's criminal underground into digital larceny. Brazil has a has been a hotbed of Trojan activity perpetuated by domestic cyber criminals.

Governance & Risk Management

Lawsuit Alleges GoodRx Unlawfully Shared Health Data

Marianne Kolbasuk McGee • February 6, 2023

On the heels of an enforcement action last week by the Federal Trade Commission, telehealth and discount prescription drug provider GoodRX now faces a proposed class action lawsuit also over its data sharing practices with third-parties and the use of website tracking code.

Fraud Management & Cybercrime

Check Fraud: What Hurdles Are Facing Banks?

Suparna Goswami • February 6, 2023

Banks are losing hundreds of millions of dollars a year to check fraud - if not more, says David Maimon, professor of criminal justice and criminology at Georgia State University. The major hurdle facing banks is that they are not able to share information with each about fraudulent checks.

Fraud Management & Cybercrime

Massive Ransomware Campaign Targets VMware ESXi Servers

Prajeet Nair • February 4, 2023

A massive automated ransomware campaign is targeting VMware ESXi hypervisors worldwide, warns CERT-FR, the French government's computer emergency readiness team that's part of the National Cybersecurity Agency of France. VMware is advising customers to patch affected servers and scan for malware.

Attack Surface Management

CrowdStrike CEO on Why It's Tough to Defend Sensitive Assets

Michael Novinson • February 3, 2023

Organizations today struggle with both new attack surface challenges such as cloud configuration and exposed buckets and long-standing ones around vulnerable ports and infrastructure. CEO George Kurtz says CrowdStrike's recent purchase of Reposify will help customers defend their priority assets.

Cyberwarfare / Nation-State Attacks

Hackers Posing as Ukrainian Ministry Deploy Info Stealers

Mihir Bagwe • February 3, 2023

Ukrainian and Polish cyber defenders are warning against a slew of phishing websites that mimic official sites, in particular a page that mimics the Ministry of Foreign Affairs of Ukraine. A hacking group likely comprised of Russian speakers uses the pages to lure users into downloading software.

Attack Surface Management

IBM Security GM on Seeing a Target Through the Hacker's Eyes

Michael Novinson • February 3, 2023

Companies can be blinded by their inside-out view and often benefit from another set of eyes that see their business the same way an attacker would, says IBM's Mary O'Brien. IBM's acquisition of attack surface management firm Randori gives clients another view of areas that need to be remediated.

Network Firewalls, Network Access Control

Jeetu Patel on Having a Consistent Design at Cisco Security

Michael Novinson • February 3, 2023

Cisco plans to debut a common design language across its network and security offerings so that products such as Cisco Meraki and Umbrella will no longer look or feel different from one another, says Jeetu Patel, executive vice president and general manager for security and collaboration at Cisco.

Governance & Risk Management

CEO Faitelson on How Varonis' SaaS Migration Helps Customers

Michael Novinson • February 3, 2023

Varonis has dedicated most of its engineering resources to SaaS since the onset of COVID-19 to provide more automation to customers, says CEO Yaki Faitelson. The company has focused on delivering robust data protection to customers without them having to dedicate hardware or personnel to the task.

Fraud Management & Cybercrime

Indian Official Highlights Djvu Ransomware as Threat

Jayant Chakravarti • February 3, 2023

An Indian cybersecurity official highlighted Djvu ransomware as a threat, saying that "maximum companies" are attacked by the malware, a variant of the Stop family of ransomware. Djvu often infects computers by masquerading as software whose activation key has been cracked by hackers.