(Source: Jarek Tuszyński via Wikipedia)

Senate SolarWinds Hearing: 4 Key Issues Raised

Scott Ferguson • February 24, 2021

The Senate Intelligence Committee's hearing about the supply chain attack that affected SolarWinds and dozens of other companies and federal agencies answered some questions about what went wrong but also raised four key issues.

3rd Party Risk Management

Data Breaches: ShinyHunters' Dominance Continues

3 North Koreans Indicted for Conspiring to Steal $1.3 Billion

Card Not Present Fraud

Darknet Markets Compete to Replace Joker's Stash

Application Security

Biden Assesses US Policies on China Cybersecurity Issues

Latest

Business Continuity Management / Disaster Recovery

Federal Reserve's Money Transfer Services Suffer Outage

Doug Olenick • February 24, 2021

The Federal Reserve's online money transfer system, including Fedwire Funds and Fedcash, suffered an outage for more than three hours Wednesday afternoon, citing technical issues for the event and not a cyber incident. Systems were restored by late afternoon.

Endpoint Security

Cybersecurity Agencies Warn of Accellion Vulnerability Exploits

Doug Olenick • February 24, 2021

The cybersecurity agencies of five countries have issued a joint advisory warning that hackers are exploiting vulnerabilities in the Accellion File Transfer Appliance to steal data and execute ransomware. Australia's Transport for New South Wales and Canada's Bombardier are the latest victims to be revealed.

Artificial Intelligence & Machine Learning

Using ID Screening to Fight COVID-19 Economic Relief Fraud

Nick Holland • February 24, 2021

High-speed identity screening can play a critical role in cracking down on fraud tied to COVID-19 economic relief efforts without impeding legitimate access to funds, says Dr. Gary Shiffman, CEO of Giant Oak, which offers artificial intelligence technology.

Cybercrime

Russian Hacking Group Deploys IronPython Malware Loader

Akshaya Asokan • February 24, 2021

The Russian hacking group known as Turla is deploying a new IronPython-based malware loader called "IronNetInjector" as part of a new campaign, Palo Alto Networks' Unit42 reports. It comes with capabilities to obfuscate malware codes and encrypt and decrypt NET injector and payloads.

Fraud Management & Cybercrime

Updated Minebridge RAT Targets Security Researchers

Theo Nassiokas, Head of Technology, Governance & Risk Controls, Westpac Group • February 24, 2021

The operators behind the Minebridge remote-access Trojan have updated the malware, which is targeting security researchers by using a malicious payload disguised in an attached document, according to the security firm Zscaler.

Application Security

Python Software Rushes to Tackle RCE Vulnerability

Prajeet Nair • February 23, 2021

The Python Software Foundation is issuing updates for Python 3.9.2 and 3.8.8 to address critical security vulnerabilities, including a remote code execution vulnerability that can be exploited to shut down systems.

Critical Infrastructure Security

Ukraine Blames Russia for DDoS Attack on Defense Websites

Prajeet Nair • February 23, 2021

The National Security and Defense Council of Ukraine accuses Russia of turning Ukrainian government servers into a botnet for massive distributed denial-of-service attacks that then caused the servers to be blocked.

Cybercrime

Silver Sparrow Malware Infects 30,000 Macs

Doug Olenick • February 23, 2021

A previously undetected malware variant has infected almost 30,000 Apple Macs. So far, however, researchers have not seen the code, called Silver Sparrow, deliver any malicious payloads to these endpoints, according to a new report.

Governance & Risk Management

US Marine Corps Looks to Expand Insider Threat Program

Scott Ferguson • February 23, 2021

The U.S. Marine Corps looks to expand its insider threat program and seeks proposals to include activity monitoring technology on its enterprise and classified networks. The goal is to give the Marines greater ability to monitor network traffic and stop insiders from exposing data.

Anti-Phishing, DMARC

France Warns of Stolen Healthcare Credentials

Marianne Kolbasuk McGee • February 23, 2021

French authorities are warning the country's healthcare sector of the discovery of a glut of stolen credentials, apparently belonging to hospital workers, that were found for sale on the dark web. The alert comes amid a recent rise in ransomware attacks on hospitals and other healthcare entities.

Application Security

Fraudsters Using Telegram API to Harvest Credentials

Prajeet Nair • February 22, 2021

A newly-discovered phishing campaign posts harvested credentials using the Telegram messaging app's application programming interface to bypass secure email gateways, report researchers at the Cofense Phishing Defense Center.

Cybercrime

Chinese Hacking Group 'Cloned' NSA Exploit Tool

Scott Ferguson • February 22, 2021

A Chinese hacking group reportedly "cloned" and deployed a zero-day exploit developed by the NSA's Equation Group before Microsoft patched the Windows flaw being exploited, according to Check Point Research. The analysis shows how some U.S. cyber weapons have been turned against their developers.