FBI Director Christopher Wray testifying before the Senate Homeland Security Committee on Tuesday.

FBI Director Questioned Over Kaseya Decryption Key

Scott Ferguson • September 21, 2021

FBI Director Christopher Wray faced questions during a Senate hearing Tuesday concerning a published report that the bureau for almost three weeks withheld a decryption key that agents obtained from the ransomware gang that targeted software firm Kaseya.

Access Management

Conti Ransomware Threat Rising as Group Gains Affiliates

Latest

Anti-Phishing, DMARC

COVID-19's Positive Impact on Cybersecurity

Tarun Kumar • September 23, 2021

The COVID-19 crisis has posed an unparalleled challenge for cybersecurity. Like COVID-19, cyberattacks spread fast and far - creating more and more damage. But the pandemic has also had a positive impact on the cybersecurity function, which Tarun Kumar, CISO at Nissan, describes here.

DDoS Protection

Russians Prevent Mēris Botnet From Hijacking 45,000 Devices

Mihir Bagwe • September 22, 2021

Russian cybersecurity firm Rostelecom-Solar reports that it prevented what it believes is the Mēris botnet from an attempted takeover of 45,000 new devices. The company's president says it also stopped 19 distributed denial-of-service attacks targeting Russia’s remote electronic voting system.

3rd Party Risk Management

US DHS, FBI Face Ransomware Questions from Congress

Dan Gunderman • September 22, 2021

U.S. FBI and Department of Homeland Security leaders fielded several cybersecurity questions from House lawmakers Wednesday, particularly around the surge in ransomware attacks, diplomatic efforts to curb ransomware's financial model, and the nation-states that harbor cybercriminals.

Anti-Phishing, DMARC

Microsoft Analyzes Phishing-as-a-Service Operation

Doug Olenick • September 22, 2021

Microsoft Security on Tuesday issued a detailed report on a massive phishing-as-a-service operation named BulletProofLink that offered as a subscription all the tools needed to conduct a campaign. The gang remains operational.

Application Security

Researcher Finds Exposed Data of 106 Million Thai Visitors

Mihir Bagwe • September 22, 2021

Researcher Bob Diachenko has discovered an unsecured database containing personal information of 106 million foreign nationals who have visited Thailand in the past decade. The 200GB database, which has now been secured, has not been accessed by unauthorized personnel, Thai authorities say.

3rd Party Risk Management

Russian-Linked Group Using Secondary Backdoor Against Targets

Scott Ferguson • September 22, 2021

A Russian-linked group known as Turla has been deploying a secondary backdoor against numerous targets to maintain persistence within compromised devices even after the primary malware has been discovered and removed, Cisco Talos report. Victims include U.S., German and Afghan organizations.

Application Security

Zero-Day Vulnerability Found in UK Virgin Media Routers

Prajeet Nair • September 22, 2021

Researchers have found a zero-day vulnerability in U.K. broadband and cable TV provider Virgin Media’s Super Hub 3 routers that enables an attacker to unmask IP addresses of VPN users. But a Virgin Media spokesperson says the risk of that happening is "very low."

3rd Party Risk Management

US Treasury Blacklists Russia-Based Crypto Exchange

Dan Gunderman • September 22, 2021

The U.S. Department of the Treasury has blacklisted Russia-based cryptocurrency exchange Suex for allegedly laundering tens of millions of dollars for ransomware operators, scammers and darknet markets. It is the first such designation for a virtual currency exchange.

3rd Party Risk Management

BlackMatter Knocks Marketron Off the Air

Doug Olenick • September 22, 2021

Marketron Broadcast Solutions was hit over the weekend by a ransomware attack launched by the BlackMatter gang, and the attack has taken down a number of the marketing firm's products. Marketron is currently in talks with its attacker.

Electronic Healthcare Records

Facilitating the Secure Exchange of Health Data

Marianne Kolbasuk McGee • September 22, 2021

The acquisition of the SAFE Identity consortium and its trust framework by DirectTrust, best known for creating and maintaining trust frameworks for secure email messaging in healthcare, will help facilitate new secure health information exchange use cases, says DirectTrust CEO Scott Stuewe.

Breach Notification

Hacking Incidents Lead to 2 Big Eye Care Provider Breaches

Marianne Kolbasuk McGee • September 21, 2021

Two eye care entities are among the latest healthcare provider organizations recently reporting hacking breaches each affecting tens of thousands of individuals. One of the incidents involved a foiled wire transfer fraud attempt.

Blockchain & Cryptocurrency

Coinbase Contracts With DHS for Blockchain Analytics

Dan Gunderman • September 21, 2021

U.S.-based cryptocurrency exchange Coinbase has contracted with the U.S. Department of Homeland Security to provide its blockchain monitoring software, according to government tracking sites. The U.S.-based exchange also withdrew plans to launch a crypto lending program amid tensions with the SEC.