Latest

Application Security

Zero-Day Vulnerability Found in UK Virgin Media Routers

Prajeet Nair  •  September 22, 2021

Researchers have found a zero-day vulnerability in U.K. broadband and cable TV provider Virgin Media’s Super Hub 3 routers that enables an attacker to unmask IP addresses of VPN users. But A Virgin Media spokesperson says the risk of that happening is "very low."

3rd Party Risk Management

US Treasury Blacklists Russia-Based Crypto Exchange

Dan Gunderman  •  September 22, 2021

The U.S. Department of the Treasury has blacklisted Russia-based cryptocurrency exchange Suex for allegedly laundering tens of millions of dollars for ransomware operators, scammers and darknet markets. It is the first such designation for a virtual currency exchange.

3rd Party Risk Management

BlackMatter Knocks Marketron Off the Air

Doug Olenick  •  September 22, 2021

Marketron Broadcast Solutions was hit over the weekend by a ransomware attack launched by the BlackMatter gang, and the attack has taken down a number of the marketing firm's products. Marketron is currently in talks with its attacker.

Breach Notification

Hacking Incidents Lead to 2 Big Eye Care Provider Breaches

Marianne Kolbasuk McGee  •  September 21, 2021

Two eye care entities are among the latest healthcare provider organizations recently reporting hacking breaches each affecting tens of thousands of individuals. One of the incidents involved a foiled wire transfer fraud attempt.

Critical Infrastructure Security

FBI Director Questioned Over Kaseya Decryption Key

Scott Ferguson  •  September 21, 2021

FBI Director Christopher Wray faced questions during a Senate hearing Tuesday concerning a published report that the bureau for almost three weeks withheld a decryption key that agents obtained from the ransomware gang that targeted software firm Kaseya.

Critical Infrastructure Security

Ransomware Reportedly Hits Iowa Farm Services Cooperative

Scott Ferguson , Doug Olenick  •  September 20, 2021

NEW Cooperative, an Iowa-based farm services cooperative, has reportedly been targeted by the BlackMatter ransomware gang, demanding a $5.9 million payment from the organization, according to security researchers and published reports. The cooperative is working with law enforcement agencies.

Blockchain & Cryptocurrency

Hacker Makes Off With $12 Million in Latest DeFi Breach

Dan Gunderman  •  September 20, 2021

In the latest security incident involving a decentralized finance protocol, cross-chain project pNetwork announced Sunday it had been hacked for 277 pBTC, a form of wrapped bitcoin, with losses worth over $12 million at current value.

Active Defense & Deception

Chinese APT Data-Harvesting Campaign Analyzed

Rashmi Ramesh  •  September 20, 2021

Earlier this month, McAfee Enterprise's Advanced Threat Research team, working with McAfee's Professional Services IR team, reported that an APT campaign dubbed Operation Harvest had been in operation for years. Their analysis provides insight into the group's tools, tactics and techniques.

Breach Notification

Post-Attack, Health Agency Notifying 'All Alaskans'

Marianne Kolbasuk McGee  •  September 20, 2021

Alaska's Department of Health and Social Services says it is notifying "all Alaskans" that their personal and protected health information may have been compromised in a nation-state-sponsored cyberattack that was detected in May, from which the department is still recovering.

Business Continuity Management / Disaster Recovery

CISA Must Update Critical Infrastructure Protection Plans

Scott Ferguson  •  September 20, 2021

CISA must update its plans to improve the security - both physical and cyber - within the nation's critical infrastructure, according to a report that specifically looked at issues related to the country's dams and levees. Attacks targeting critical infrastructure have raised the issue.

Business Continuity Management / Disaster Recovery

Mēris: How to Stop the Most Powerful Botnet on Record

Mihir Bagwe  •  September 20, 2021

The Mēris botnet, responsible for huge waves of DDoS attacks recorded by cybersecurity firms Qrator Labs and Cloudflare, is still active, using "abandoned" MikroTik routers. The attack signatures saw a spike of 21.8 million requests per second, exploiting a vulnerable version of MikroTik RouterOS.

Cybercrime

Spanish and Italian Police Break Up Phishing Gang

Doug Olenick  •  September 20, 2021

The Spanish and Italian national police agencies, in conjunction with Europol, have arrested 106 individuals who allegedly are linked to the Italian mafia on a variety of online fraud charges that authorities say earned the group at least 10 million euros ($11.7 million) in illegal profits.