A phishing message tied to the OldGremlin ransomware gang claimed to have been sent by Minsk Tractor Works. (Source: Group-IB)

Ransomware Danger: Russian-Speaking Gang Targets Russians

Mathew J. Schwartz • September 23, 2020

Russian criminals operating online who want to stay out of jail need only to follow a few simple rules, the primary one being: Never target Russians. So it's surprising that security researchers have uncovered a new ransomware-wielding gang of Russian speakers that includes Russian victims on its hit list.

COVID-19

5 Chinese Suspects Charged in Connection With 100 Breaches

Latest

COVID-19

FBI, CISA Warn of Election Results Disinformation Campaigns

Prajeet Nair • September 23, 2020

With less than 45 days to go before the November election, the FBI and CISA have issued a warning that nation-state hackers and cybercriminals may attempt to spread disinformation regarding the final vote tallies as a way to undermine confidence in the voting process.

HIPAA/HITECH

HHS Issues Yet Another Big HIPAA Breach-Related Fine

Marianne Kolbasuk McGee • September 23, 2020

For the second time this week, federal regulators have doled out a hefty financial fine in a HIPAA settlement after an investigation of a breach tied to a hacking incident.

COVID-19

COVID-19 Update: 'Live Like You're Contagious'

Tom Field • September 23, 2020

With colder weather, the flu season and the holidays ahead, the northern hemisphere is at risk of another major COVID-19 outbreak. Pandemic expert Regina Phelps says it's time to change behavior, and that starts here: "Live like you're contagious."

Cybercrime

Attacks Using Lokibot Information Stealer Surge

Akshaya Asokan • September 23, 2020

The U.S. Cybersecurity and Infrastructure Security Agency is warning of an uptick in attacks using LokiBot, an information stealer capable of sweeping up credentials. Fraudsters are using new methods to spread the malware.

Governance & Risk Management

Hefty HIPAA Fine After Breach Involving 'The Dark Overlord'

Marianne Kolbasuk McGee • September 22, 2020

Federal regulators have announced a $1.5 million HIPAA settlement with a Georgia orthopedic clinic stemming from a 2016 breach involving The Dark Overlord hacking group. The case serves as a warning of the potentially hefty cost of failure to implement a comprehensive HIPAA compliance program.

Cybercrime

'Dark Overlord' Hacker Sentenced to 5-Year Prison Term

Chinmay Rautmare • September 22, 2020

A U.K. resident who was a member of The Dark Overlord hacking group pleaded guilty to federal charges Monday and was sentenced to five years in prison, according to the U.S. Justice Department. The group targeted several healthcare organizations and others.

Business Continuity Management / Disaster Recovery

Cybersecurity Leadership: Risk Exposure Awareness

Tom Field • September 22, 2020

It might be new, but are we ready to call this "normal?" In this latest in a series of CEO/CISO panels, cybersecurity leaders talk frankly about the new risk surface and the role emerging technologies play in helping us keep pace with our adversaries.

Application Security

CISA Pushes Government Agencies to Patch 'Zerologon' Flaw

Jeremy Kirk • September 22, 2020

U.S. government agencies are supposed to have patched the "Zerologon" vulnerability by now, about six weeks after Microsoft issued a patch. But CISA warns that too many agencies' systems remain unpatched.

Cyberwarfare / Nation-State Attacks

Will US Indictments of Iranian Hackers Be a Deterrent?

Akshaya Asokan • September 22, 2020

Will recent U.S. indictments of several alleged Iranian hackers - as well as government sanctions against an APT group - have a deterrent effect? Security experts share their opinions on the impact of these actions.

Cybercrime

Congress Questions NASA on Cybersecurity Efforts

Chinmay Rautmare • September 21, 2020

Foreign and domestic hacking activity targeting NASA continues to grow at a time when many staffers are working at home, space agency officials testified at a Friday Congressional hearing where they were questioned about risk mitigation efforts.

Cybercrime

Exclusive: Hackers Hit Virgin Mobile in Saudi Arabia

Jeremy Kirk • September 21, 2020

Hackers compromised the network of Saudi Arabia's Virgin Mobile KSA, gained email system access and offered stolen data for sale on the dark web. According to a source with knowledge of the attack, the incident - remediated late last week - is one of a string of attacks against organizations in the Middle East.

Endpoint Security

Hacking Group Used Malware to Bypass 2FA on Android Devices

Akshaya Asokan • September 19, 2020

A hacking group targeting Iranian dissidents has developed malware that can bypass two-factor authentication protection on Android devices to steal passwords, according to Check Point Research. The hackers have also targeted victims' Telegram accounts.