Latest

►

Fraud Management & Cybercrime

Assessing the SolarWinds Hack's Impact on Fraud

Suparna Goswami  •  January 25, 2021

What impact could the SolarWinds supply chain hack have on fraud trends? Al Pascual of Breach Clarity offers an analysis.

Cryptocurrency Fraud

Russian Pleads Guilty to Running Cybercrime Forum

Prajeet Nair  •  January 25, 2021

A Russian national who served as the administrator for the now-defunct Deer.io online clearinghouse - which sold stolen credentials, hacked servers and criminal services, such as assistance performing hacking activities - has pleaded guilty to a federal charge.

Cybercrime as-a-service

DDoS Attackers Revive Old Campaigns to Extort Ransom

Akshaya Asokan  •  January 23, 2021

Threat actors behind a distributed denial-of-service campaign targeted the same set of victims again after the organizations refused to pay the initial ransom demand, a new report by security firm Radware finds.

Breach Notification

Intel Investigating Hack of Confidential Financial Report

Doug Olenick  •  January 23, 2021

Intel is investigating an incident in which an unauthorized person accessed a portion of the company's latest quarterly financial report, forcing the chipmaker to release its earnings slightly earlier than planned.

Business Email Compromise (BEC)

Fraudsters Are Using Google Forms to Evade Email Filters

Prajeet Nair  •  January 23, 2021

Fraudsters are using Google forms to target retail, telecom, healthcare, energy and manufacturing companies in an apparent reconnaissance campaign to identify targets for a possible follow-up business email compromise attack.

COVID-19

Biden's COVID-19 Plan Calls for Assessment of Cyberthreats

Marianne Kolbasuk McGee  •  January 22, 2021

President Joe Biden's COVID-19 response strategy calls for an assessment of "ongoing cyberthreats and foreign interference campaigns targeting COVID-19 vaccines and related public health efforts."

►

3rd Party Risk Management

How to Manage Software Supply Chain Risks

Jeremy Kirk  •  January 22, 2021

The threat posed by software supply chain attacks is growing, but organizations can take steps to minimize the risks. Trey Herr of the Atlantic Council outlines ways to gain more insight into supply chain problems.

Fraud Management & Cybercrime

Texas Medical Center Breach Affects 640,000

Marianne Kolbasuk McGee  •  January 22, 2021

An apparent ransomware incident at a Texas healthcare organization has potentially compromised the protected health information of more than 640,000 individuals.

Cryptocurrency Fraud

DreamBus Botnet Targets Linux Systems

Prajeet Nair  •  January 22, 2021

Zscaler's ThreatLabz research team is tracking a new botnet dubbed DreamBus that's installing the XMRig cryptominer on powerful, enterprise-class Linux and Unix systems with the goal of using their computing power to mine monero.

Governance & Risk Management

Researchers Identify SAP Flaw Exploit

Akshaya Asokan  •  January 22, 2021

An exploit that takes advantage of an authentication vulnerability in SAP Solution Manager can lead to a compromise of other connected SAP applications, according to Onapsis Research Labs.

Fraud Management & Cybercrime

Hackers Leave Stolen Email Credentials Exposed

Akshaya Asokan  •  January 22, 2021

Hackers waging a phishing campaign stole more than 1,000 corporate email credentials and then stored the stolen data in a database accessible via a simple Google search, Check Point Research says.

3rd Party Risk Management

Analysis: How Will Biden Address Cybersecurity Challenges?

Anna Delaney  •  January 22, 2021

The latest edition of the ISMG Security Report features an analysis of the cybersecurity challenges the Biden administration must address. Also featured: payments security advice from Verizon; the outlook for the lifting of restrictions tied to the COVID-19 pandemic.