BlackMatter ransom note (Source: Bleeping Computer)

Secrets and Lies: The Games Ransomware Attackers Play

Mathew J. Schwartz • August 5, 2021

A seemingly nonstop number of ransomware-wielding attackers have been granting tell-all media interviews. One perhaps inadvertent takeaway from these interviews is the extent to which - surprise - so many criminals use lies in an attempt to compel more victims to pay a ransom.

Governance & Risk Management

BlackMatter Ransomware Claims to Be Best of REvil, DarkSide

Latest

Next-Generation Technologies & Secure Development

Cybersecurity M&A Update: Five Firms Make Moves

Doug Olenick • August 5, 2021

Cybersecurity acquisitions continue at an intense pace, with Ivanti, Sophos, Deloitte Risk & Financial Advisory, Cerberus Sentinel and Feedzai all making moves to bolster their security portfolios.

COVID-19

COVID 19: What Delta Variant Means to Business Recovery

Tom Field • August 4, 2021

Infection numbers are surging in the southern U.S., states and cities are enacting new mask mandates and the fall flu season looms as the great unknown. Sound familiar? COVID-19 is back with the highly contagious Delta variant. Pandemic expert Regina Phelps discusses what that means for business recovery.

Application Security

Microsoft Database Engine Vulnerabilities Patched

Rashmi Ramesh • August 4, 2021

Researchers at Palo Alto Networks' Unit 42 say they have demonstrated how exploits of Microsoft Jet Database Engine vulnerabilities could lead to remote attacks on Microsoft Internet Information Services and Microsoft SQL Server to gain system privileges. Microsoft recently patched the flaws.

Governance & Risk Management

Unsecured Database Exposed Data on Millions

Prajeet Nair • August 4, 2021

Researchers at vpnMentor say that B2B marketing company OneMoreLead exposed the data of up to 126 million Americans on a misconfigured Elasticsearch server.

Cyberwarfare / Nation-State Attacks

Chinese APT Groups Targeted Asian Telecoms

Dan Gunderman • August 3, 2021

Chinese APT groups compromised networks of telecom providers across Southeast Asia in an effort to harvest customers' sensitive communications, according to Cybereason. As in other Chinese cyberattacks, these APT campaigns exploited flaws in Microsoft Exchange servers.

Fraud Management & Cybercrime

Global Incident Response: The Rise of Integrity Attacks

Tom Field • August 3, 2021

Tom Kellermann calls it a new "Twilight Zone" - an era in which cybersecurity adversaries can unleash destructive attacks that manipulate time, data, audio and video. The cybersecurity strategist shares insights and analysis from his latest Global Incident Response Threat Report.

Fraud Management & Cybercrime

Ransomware Actors Set Up a Call Center to Lure Victims

Jeremy Kirk • August 3, 2021

Ransomware actors have taken a page from the playbooks of tech support scammers of yore by guiding victims to download malware through persuasion over the phone. Microsoft says the technique is more dangerous than it first realized.

Fraud Management & Cybercrime

New RAT Targets Russian Speakers

Rashmi Ramesh • August 3, 2021

The Malwarebytes threat intelligence team has discovered a remote access Trojan apparently designed to target Russian speakers that may have combined a social engineering technique with a known exploit to maximize chances of infecting targets.

Fraud Management & Cybercrime

Fighting Ransomware With ‘Zero Trust’ Model

Geetha Nandikotkur • August 2, 2021

A "zero trust" security architecture is a strong defense against ransomware attacks because it's so effective at preventing intruders from accessing critical systems, says Anil Valluri, managing director and regional vice president-India and SAARC at Palo Alto Networks.

Fraud Management & Cybercrime

Ransomware Attackers Eying 'Pure Data-Leakage Model'

Mathew J. Schwartz • August 2, 2021

A funny thing happened on the way to the nonstop ransomware payday: Some groups hit the wrong targets - Ireland's health system, a major U.S. fuel pipeline - resulting in the U.S. moving to much more aggressively disrupt their business model, says Bob McArdle, director of cybercrime research at Trend Micro.

Cybercrime

FatalRAT Exploits Telegram to Deliver Malicious Links

Prajeet Nair • August 2, 2021

A remote access Trojan is being distributed via download links for software or media articles on Telegram channels, according to researchers at AT&T Alien Labs.

3rd Party Risk Management

SolarWinds Attackers Accessed US Attorneys' Office Emails

Scott Ferguson • August 1, 2021

The Russian-linked group that targeted SolarWinds using a supply chain attack compromised at least one email account at 27 U.S. attorneys' offices in 15 states and Washington, D.C., throughout 2020, according to an update posted by the Justice Department.