Russian-Linked Group Using Secondary Backdoor Against Targets

Scott Ferguson • September 22, 2021

A Russian-linked group known as Turla has been deploying a secondary backdoor against numerous targets to maintain persistence within compromised devices even after the primary malware has been discovered and removed, Cisco Talos report. Victims include U.S., German and Afghan organizations.

Critical Infrastructure Security

Bad News: Innovative REvil Ransomware Operation Is Back

Latest

Breach Notification

Ransomware Attack Reportedly Cripples European Call Center

Prajeet Nair • September 25, 2021

GSS, the Spanish and Latin America division of Europe's largest call center provider Covisian, has informed that it has been subjected to a ransomware attack, which froze its IT systems and crippled call centers across its Spanish-speaking customer base.

Critical Infrastructure Security

REvil Ransomware Group's Latest Victim: Its Own Affiliates

Mathew J. Schwartz • September 25, 2021

Ransomware-wielding attackers love to lie to victims. But REvil - aka Sodinokibi - has reportedly been running double negotiations to make affiliates think a victim hasn't paid a ransom, using a backdoor in the malware that allows administrators to decrypt victims' systems, so affiliates don't get their cut.

Anti-Phishing, DMARC

Lawsuits: Negligence Led to UC San Diego Health Incident

Marianne Kolbasuk McGee • September 24, 2021

Two proposed class action lawsuits filed this week in a California federal court allege negligence and a variety of other claims against UC San Diego Health in the wake of a phishing incident that affected nearly 496,000 individuals.

Anti-Phishing, DMARC

Researcher Finds Malware Targeting Mac Users via Baidu Ad

Mihir Bagwe • September 24, 2021

Chinese security researcher Zhi has discovered a malware targeting Mac users. The malware, spread via a paid advertisement on search engine Baidu, is intended to harvest user credentials, he says. The advertisement has now been taken down.

Breach Notification

CISA Director: Attackers Targeted Port of Houston

Scott Ferguson • September 24, 2021

During testimony before a U.S. Senate committee hearing Thursday, CISA Director Jen Easterly told lawmakers that a recent joint alert issued by her agency, the FBI and the Coast Guard Cyber Command stemmed from an attempted attack against the Port of Houston in August.

3rd Party Risk Management

ISMG Editors’ Panel: The Rise of Quadruple Extortion Attacks

Anna Delaney • September 24, 2021

Four editors at Information Security Media Group discuss important cybersecurity issues, including the rise of quadruple extortion attacks employed by ransomware gangs, the FBI reportedly withholding the Kaseya ransomware decryption key for weeks, and raising security posture during a pandemic.

Business Continuity Management / Disaster Recovery

Ransomware Updates: Conti Attacks Rise, New Players Surface

Anna Delaney • September 24, 2021

The latest edition of the ISMG Security Report features an analysis of how the U.S. government has been tracking an increase in the pace of attacks tied to Conti ransomware. Also featured are what "protection" means today and building a new cybersecurity operating model.

Governance & Risk Management

Applying Critical, Systems and Design Thinking to Security

Steve King • September 24, 2021

Brian Barnier, a director of analytics who is developing a course on critical and design thinking in cybersecurity for CyberEd.io, is a firm believer in the importance of critical thinking today. He discusses how that, plus systems and design thinking, can improve the way cybersecurity functions.

Critical Infrastructure Security

Karma Seeks Free Publicity to Fulfill Ransomware Destiny

Mathew J. Schwartz • September 24, 2021

A new and still little-known ransomware group called Karma has been pursuing a novel strategy to pressure victims into paying: Get journalists to publicize businesses hit by the ransomware operation, adding pressure on victims to pay the ransom demand.

Critical Infrastructure Security

Lawmakers Share Huawei Concerns with US State Department

Dan Gunderman • September 23, 2021

Republican lawmakers have expressed additional concerns around Chinese telecom giant Huawei to the nation's top diplomat. In a letter to Secretary of State Antony Blinken, Sen. Tom Cotton and Rep. Mike Gallagher outline Huawei's global cloud services and seek answers on privacy concerns.

Critical Infrastructure Security

Senators Debate Cyber Rules for US Critical Infrastructure

Scott Ferguson • September 23, 2021

As the Senate Homeland Security Committee considers new cyber rules and regulations for U.S. critical infrastructure, lawmakers heard testimony from CISA's Jen Easterly and National Cyber Director Chris Inglis on Thursday in support of these measures, which include updates to FISMA.

Blockchain & Cryptocurrency

Fed Chair Says Central Bank Evaluating Digital Currency

Dan Gunderman • September 23, 2021

The U.S. Federal Reserve said Wednesday it is continuing to evaluate the creation of a central bank digital currency, or CBDC, and that it intends to publish research on the subject shortly, according to Chair Jerome Powell.