Russian Hackers Coopted Iranian APT Group's Infrastructure

Mathew J. Schwartz • October 21, 2019

Turla, an advanced persistent threat group with apparent ties to Russia, seized attack infrastructure and tools used by OilRig, an Iranian APT group, U.K. and U.S. intelligence agencies have jointly reported. They say Turla used the coopted infrastructure to conduct its own reconnaissance and attacks.

Cybercrime

Thoma Bravo to Buy Sophos for $3.9 Billion

Latest

Governance

Zappos' Offer to Breach Victims: A 10 Percent Discount

Jeremy Kirk • October 21, 2019

Zappos is close to settling a long-running class action lawsuit filed by consumers over a 2012 data breach. The online shoe and clothing retailer's proposed compensation would be a 10 percent discount on a future online purchase. A federal judge has granted preliminary approval to the deal.

Cybercrime

Assange Denied Delay for US Extradition Hearing

Scott Ferguson • October 21, 2019

A British judge has denied WikiLeaks founder Julian Assange's request to delay a five-day hearing, slated to begin Feb. 25, on whether he should be extradited to the United States to face espionage charges.

Cybercrime

Malicious Tor Browser Fleeces Darknet Users of Bitcoins

Akshaya Asokan • October 18, 2019

ESET researchers have uncovered a new cybercriminal scheme that uses a trojanized version of the Tor browser for stealing bitcoins from darknet users. So far, the scam has netted about $40,000 in virtual currency, the security firm says.

General Data Protection Regulation (GDPR)

Fresh Privacy Legislation Would Jail CEOs for Violations

Suparna Goswami • October 18, 2019

New legislation introduced by Sen. Ron Wyden, D-Ore., would "bring meaningful punishments for companies that violate people's data privacy, including larger fines and potential jail time for CEOs," he says. But can Congress agree on a privacy law?

Fraud Management & Cybercrime

Russia-Linked Cyber Espionage Group APT29 Remains Active

Apurva Venkat • October 18, 2019

While the Russian-linked hacking group known as The Dukes, Cozy Bear and APT29 in recent years appeared to have gone somewhat quiet, researchers from ESET report that the hackers have been targeting various European embassies and ministries as part of what the security firm dubs "Operation Ghost."

Cybercrime

Darknet Markets: As Police Crack Down, Cybercriminals Adapt

Nick Holland • October 18, 2019

The latest edition of the ISMG Security Report discusses the shutdown of DeepDotWeb. Plus, dealing with breach fatigue and the Pitney Bowes ransomware attack.

Cybercrime

Phorpiex Botnet Behind Large-Scale 'Sextortion' Campaign

Apurva Venkat • October 17, 2019

Scammers are using the notorious Phorpiex botnet as part of an ongoing "sextortion" scheme, according to Check Point researchers. At one point, the botnet was sending out over 30,000 spam emails an hour and the attackers made about $110,000 in five months, researchers say.

3rd Party Risk Management

Robotic Process Automation: Security Essentials

Suparna Goswami • October 17, 2019

Robotic process automation aims to use machine learning to create bots that automate high-volume, repeatable tasks. But as organizations tap RPA, they must ensure they take steps to maintain data security, says Deloitte's Ashish Sharma.

Application Security

How 'Zero Trust' Better Secures Applications and Access

Jeremy Kirk • October 17, 2019

Organizations are accepting that the network perimeter no longer serves as the "ultimate defense" and thus adapting zero-trust principles, including least privilege, based on the understanding that they may already have been compromised, says Darran Rolls of SailPoint.

Blockchain & Cryptocurrency

'Graboid' Cryptojacking Worm Spreads Through Containers

Jeffrey Burt • October 16, 2019

Attackers are using Docker containers to spread a cryptojacking worm in a campaign dubbed "Graboid," according to researchers at Palo Alto Network's Unit 42 threat research unit. Although the researchers describe the campaign as "relatively inept," they says it has the potential to become much more dangerous.

Blockchain & Cryptocurrency

Phony Company Used to Plant macOS Malware: Report

Apurva Venkat • October 16, 2019

Security researchers have found that a hacking group, which may have North Korean ties, recently created a phony company offering a cryptocurrency exchange platform as a step toward planting malware on the macOS devices of employees of cryptocurrency exchanges.

CISO Trainings

The Ultimate Missing Link in Cyber: Continuous Compromise Assessment

Information Security Media Group • October 16, 2019

According to Ricardo Villadiego, Lumu Technologies' Founder and CEO, organizations are "sitting on a gold mine: their own data". Under the single premise that organizations should assume they are compromised and prove otherwise, Lumu seeks to empower enterprises to answer the most basic question: Is your organization...