The disruption of the Netwalker ransomware group in January 2021 by U.S. and Bulgarian authorities highlights how blockchain can be an Achilles' heel for cryptocurrency-using criminals, says Jackie Burns Koven, cyberthreat intelligence lead at Chainalysis.
The dangers associated with compromising critical infrastructure assets burst into public view with the May 2021 Colonial Pipeline ransomware attack, prompting significant investment from both the government and the private sector, according to Claroty Chief Product Officer Grant Geyer.
As the Russia-Ukraine war continues, and analysts watch for retaliatory cyberattacks against Ukraine's allies, cybercrime tracker Jon DiMaggio of Analyst1 says there's good news, in that Russian cybercriminals seem to have little or no incentive to move against U.S. critical infrastructure.
Unit 42 researchers have uncovered a new remote access Trojan dubbed PingPull being used by the persistent threat actor Gallium, a group suspected of Chinese state sponsorship and known for targeting telecommunications, finance and government organizations across Southeast Asia, Europe and Africa.
Security leaders shouldn't ignore current geopolitical tensions, which are going to infiltrate into private sectors, says Troy Leach of the Cloud Security Alliance. And John Kindervag of ON2IT Cybersecurity says - for that reason - organizations need to stop being cheap on cybersecurity.
Top Russian diplomat Andrei Krutskikh is pressuring the U.S. to back down in cyberspace after the director of U.S. Cyber Command, Army Gen. Paul Nakasone, acknowledged America has conducted a "full spectrum" of virtual operations in support of Ukraine.
A recently identified Chinese hacking group dubbed Aoqin Dragon has been targeting government, education and telecommunication organizations in Southeast Asia and Australia since 2013 as part of an ongoing cyberespionage campaign, according to research from SentinelLabs.
While adversaries are often still using many of the same old methods and exploits to compromise their victims, the exposure and consequences of these attacks are becoming increasingly damaging, says Bryan Ware, CEO of LookingGlass Cyber Solutions. He discusses how to keep ahead of the adversaries.
CISA says Chinese state-sponsored threat actors are exploiting known vulnerabilities to target public and private companies in the United States, and a related joint advisory from CISA, the FBI and the NSA describes how major telcos and network service providers have been exploited since 2020.
Art Coviello, former CEO of RSA and current partner with Rally Ventures, describes the cybersecurity industry trends he's watching closely as we hit the midway point of 2022, as well as which emerging technologies have not quite evolved in the way he might have anticipated.
The broadcast of the Football World Cup 2022 qualifier game between Wales and Ukraine on Sunday was interrupted in Ukraine by a cyberattack that targeted OLL.TV, a Ukrainian online broadcaster. Traffic was rerouted to a Russian propaganda-based channel, the SSSCIP says.
Cyberwarfare has emerged as the bridge between espionage and kinetic conflict. "It's here," says Chase Cunningham of Ericom Software. He discusses how enterprise cybersecurity leaders should now think more deeply about their adversaries' motivations and capabilities.
The website of the Russian Ministry of Construction, Housing and Utilities was reportedly hacked and defaced on Sunday. The attacker demands a 1-million-ruble ransom be paid by Tuesday to ensure the security of stolen data. A ministry spokesperson told a state news agency that all data is protected.
In the latest weekly update, four ISMG editors discuss important cybersecurity issues, including the trending topics at this year's RSA Conference, how security researchers are tracking a zero-day vulnerability in Microsoft Office and what Broadcom's acquisition of VMware means for security.
The U.S. has conducted offensive cyber activities in support of Ukraine, Cyber Command Director Gen. Paul Nakasone reportedly said on Wednesday at the NATO Cooperative Cyber Defense Center of Excellence conference. The White House says these operations do not violate historic policies with Moscow.