Lazarus Hits Defense Firms with ThreatNeedle Malware

Doug Olenick • February 25, 2021

Lazarus, the North Korean-backed advanced persistent threat group, has been conducting a campaign striking defense industry targets in more than a dozen countries using a backdoor called ThreatNeedle that moves laterally through networks and can overcome network segmentation, according to researchers at Kaspersky.

3rd Party Risk Management

IRS Warns of Fresh Fraud Tactics as Tax Season Starts

Latest

Breach Notification

Analysis: Feds Crack Down on Cryptocurrency Scams

Anna Delaney • February 26, 2021

The latest edition of the ISMG Security Report features an analysis of a federal crackdown on ICO cryptocurrency scams. Also featured: An update on the SonicWall hack investigation and the use of digital IDs to verify COVID-19 testing.

Endpoint Security

Improving Connected Vehicle Cybersecurity

Jeremy Kirk • February 25, 2021

Connected vehicles are rife with cybersecurity risks. But Faye Francy of Auto-ISAC says automakers and suppliers are increasingly sharing critical information and strengthening supply chains.

Governance & Risk Management

6,000 VMware vCenter Devices Vulnerable to Remote Attacks

Prajeet Nair • February 25, 2021

Security firm Positive Technologies says more than 6,000 VMware vCenter devices worldwide that are accessible via the internet contain a critical remote code execution vulnerability. VMware has issued recommendations for patching the flaw.

Cybercrime

Researchers Show How Digitally Signed PDFs Can Be Manipulated

Akshaya Asokan • February 25, 2021

Hackers could manipulate certain digitally signed PDF documents to add malicious content, according to a study by researchers at Germany's Ruhr University of Bochum.

Cryptocurrency Fraud

Not 'Above the Law' - Feds Target ICO Cryptocurrency Scams

Mathew J. Schwartz • February 25, 2021

Authorities have accused Serbia-based scammers of capitalizing on the "initial coin offering" bubble that began in 2017, bilking global cryptocurrency investors out of $70 million via Bitcoiin2Gen and other supposed coins and hiring actor Steven Seagal to endorse them.

Business Continuity Management / Disaster Recovery

Federal Reserve's Money Transfer Services Suffer Outage

Doug Olenick • February 24, 2021

The Federal Reserve's online money transfer system, including Fedwire Funds and FedCash, suffered an outage for more than three hours Wednesday afternoon, with the Fed citing technical issues as the cause and not a cyber incident. Systems were restored by late afternoon.

Endpoint Security

Cybersecurity Agencies Warn of Accellion Vulnerability Exploits

Doug Olenick • February 24, 2021

The cybersecurity agencies of five countries have issued a joint advisory warning that hackers are exploiting vulnerabilities in the Accellion File Transfer Appliance to steal data and execute ransomware. Australia's Transport for New South Wales and Canada's Bombardier are the latest victims to be revealed.

Artificial Intelligence & Machine Learning

Using ID Screening to Fight COVID-19 Economic Relief Fraud

Nick Holland • February 24, 2021

High-speed identity screening can play a critical role in cracking down on fraud tied to COVID-19 economic relief efforts without impeding legitimate access to funds, says Dr. Gary Shiffman, CEO of Giant Oak, which offers artificial intelligence technology.

Cybercrime

Russian Hacking Group Deploys IronPython Malware Loader

Akshaya Asokan • February 24, 2021

The Russian hacking group known as Turla is deploying a new IronPython-based malware loader called "IronNetInjector" as part of a new campaign, Palo Alto Networks' Unit42 reports. It comes with capabilities to obfuscate malware codes and encrypt and decrypt NET injector and payloads.

Fraud Management & Cybercrime

Updated Minebridge RAT Targets Security Researchers

Prajeet Nair • February 24, 2021

The operators behind the Minebridge remote-access Trojan have updated the malware, which is targeting security researchers by using a malicious payload disguised in an attached document, according to the security firm Zscaler.

Cybercrime

Ransomware Attack Cripples Finnish IT Provider TietoEVRY

Akshaya Asokan • February 24, 2021

Finnish IT giant TietoEVRY announced Tuesday that ransomware crippled its infrastructure, forcing it to take down affected systems to contain the spread of the malware.

Application Security

Python Software Rushes to Tackle RCE Vulnerability

Prajeet Nair • February 23, 2021

The Python Software Foundation is issuing updates for Python 3.9.2 and 3.8.8 to address critical security vulnerabilities, including a remote code execution vulnerability that can be exploited to shut down systems.