A file image of Microsoft, which has outlined recent activity by Nobelium, the group behind the SolarWinds campaign

Report: SolarWinds Hackers Targeting IT Supply Chain

Dan Gunderman • October 25, 2021

The actor behind the cyberattack targeting SolarWinds customers - Nobelium - is continuing its campaign to target the global IT supply chain, according to a new advisory from Microsoft, which says 140 resellers and tech service providers have been notified that they have been targeted by the group.

Cryptocurrency Fraud

BlackByte: Free Decryptor Released for Ransomware Strain

Latest

Business Continuity Management / Disaster Recovery

US State Department to Create Dedicated Cyber Office

Dan Gunderman • October 27, 2021

The U.S. Department of State will create a Bureau of Cyberspace and Digital Policy, led by a Senate-confirmed ambassador-at-large, to advance its cybersecurity diplomacy efforts, according to Secretary of State Antony Blinken. The move is a response to a challenging global threat landscape.

Breach Notification

Cyberattack Reportedly Cripples Iran Gas Stations

Prajeet Nair • October 27, 2021

An attack on systems that govern fuel subsidies in Iran reportedly hit all fuel stations and left many of the country’s citizens without gas for hours. Islamic Republic of Iran Broadcasting says that a cyberattack caused widespread disruption to the country's fuel distribution network.

3rd Party Risk Management

REvil's Cybercrime Reputation in Tatters - Will It Reboot?

Mathew J. Schwartz • October 27, 2021

Will the notorious ransomware operation known as REvil, aka Sodinokibi, reboot yet again after someone apparently messed with its infrastructure? Experts suggest that the operation's brand is burned, and administrators will launch a new group. Many affiliates, meanwhile, already work with multiple groups.

Breach Notification

Why Healthcare Entities Fall Short Managing Security Risk

Marianne Kolbasuk McGee • October 27, 2021

Why do so many HIPAA -covered entities and their vendors do such a poor job managing security risk and safeguarding patient's protected health information? Many critical factors come into play, say Roger Severino, ex- director of HHS OCR, and Bob Chaput, founder of security consultancy Clearwater.

Blockchain & Cryptocurrency

US DOJ: Global Darknet Sting Nabs 150 Suspects

Dan Gunderman • October 26, 2021

International law enforcement officials on Tuesday announced that some 150 suspects have been arrested globally for buying or selling illegal goods, following a 10-month sting operation, code name "Operation DarkHunTOR," targeting the dark web.

Fraud Management & Cybercrime

The Need for Systems Thinking in Cybersecurity

Brian Barnier • October 26, 2021

In preparation for the relaunch of ISMG’s education platform, CyberEd.io, Ron Ross of the National Institute of Standards and Technology and Brian Barnier, who is designing a course on critical thinking and design thinking, discuss the need for reorienting toward systems thinking in cybersecurity.

Business Continuity Management / Disaster Recovery

Groove Operators Reportedly Ask Peers to Attack US

Prajeet Nair • October 26, 2021

The operators behind Groove ransomware are calling on other extortion gangs to join forces to attack the U.S. public sector, according to chatter seen on underground forums, reports malware research organization vx-underground, citing a blog posted by the gang on a Russian site.

3rd Party Risk Management

Defending Against Open-Source Supply Chain Attacks

Anna Delaney • October 26, 2021

Findings from CyberTheory's 2021 Third Quarter Review indicate that criminals are exploiting the open-source supply chain, and those exploits are proving much more difficult to identify, defend and stop in terms of complexity and depth than we've seen before, says CyberTheory's director, Steve King.

Critical Infrastructure Security

Why Hive Attacks Are the Latest Menace to Healthcare Sector

Marianne Kolbasuk McGee • October 26, 2021

Several characteristics of the Hive ransomware group make the threat actor particularly menacing to its victims, which include healthcare sector targets, says Adam Meyers, vice president of intelligence at security firm CrowdStrike.

Critical Infrastructure Security

Forget Hacking Back: Just Waste Ransomware Gangs' Time

Mathew J. Schwartz • October 26, 2021

Who's been launching distributed denial-of-service attacks against ransomware operators' sites and cybercrime markets? Disrupting ransomware operations that rely on Tor-based data leak sites and payment portals for double extortion is an obvious move for cutting into their profits.

Blockchain & Cryptocurrency

DarkSide Transfers $7 Million Worth of Bitcoin

Prajeet Nair • October 25, 2021

Following an outage of the REvil - aka Sodinokibi - ransomware operation due to coordinated law enforcement efforts involving the U.S. and foreign partners, the operators behind DarkSide ransomware have moved bitcoin worth almost $7 million to multiple new wallets, making it more difficult to track.

3rd Party Risk Management

Case Study: Intrusion Prevention, Detection in the Cloud

Marianne Kolbasuk McGee • October 25, 2021

Chronic disease management firm Omada Health has been changing its approach to cloud intrusion prevention and detection, which is reducing time spent on investigating false positives, says the company's information security leader, Bill Dougherty.