Arrest of a suspected member of the REvil/Sodinokibi operation (Source: FSB)

Russia Charges 8 REvil Ransomware Suspects After Raids

Mathew J. Schwartz • January 17, 2022

Russian authorities have charged eight individuals with crimes tied to the REvil ransomware operation, after raiding 25 properties and detaining 14 suspects, thanks in part to U.S.-shared intelligence. The White House says one of the suspects was also responsible for last year's attack on Colonial Pipeline.

Cybercrime

FTC Threatens Action Against Orgs Failing to Mitigate Log4j

Latest

3rd Party Risk Management

GAO: SolarWinds, Exchange Hacks Reveal Info-Sharing Gaps

Dan Gunderman • January 17, 2022

GAO auditors say in a new report that the federal government's response to both the SolarWinds software supply chain attack and the exploitation of Microsoft Exchange Servers in 2021 sharpened its coordination efforts, but also exposed information-sharing gaps.

Business Continuity Management / Disaster Recovery

Doxbin Leak Includes Criminals' Data, Could Boost Hacking

Soumik Ghosh • January 17, 2022

Threat actors who use data-sharing website Doxbin have had passwords, decryptor keys, multifactor authentication codes and stealer log information leaked online, according to some security experts. Doxbin is used by threat actors to dump victims' personally identifiable information.

3rd Party Risk Management

Record Number of Major Health Data Breaches in 2021

Marianne Kolbasuk McGee • January 17, 2022

In the midst of a global pandemic, the federal breach tally shows that a record number of major health data breaches were reported in the U.S. in 2021, and the overwhelming majority of them involved hacking/IT incidents. Will those trends continue in 2022?

Application Security

Destructive Malware Discovered Targeting Ukrainian Systems

Mathew J. Schwartz • January 17, 2022

The defacement of Ukrainian government websites may have been intended as a smokescreen for a destructive malware attack that failed to execute or has yet to be unleashed, some security experts warn. Ukraine continues to investigate the attack, which it suggests may trace to Russia, Belarus or both.

Critical Infrastructure Security

A Structured Response to the Log4j Vulnerability

Geetha Nandikotkur • January 17, 2022

"We came up with a structured, documented approach to respond to mitigating the Log4j vulnerability using the EDR scanning tools along with a code validation, containerization, and sandboxing of our applications and networks," says Ian Keller, security director at Ericsson.

Blockchain & Cryptocurrency

OCC Chief Calls for Collaboration in Crypto Regulations

Devon Warren-Kachelein • January 15, 2022

With 16% of U.S. citizens using a cryptocurrency trading platform, OCC acting Chief Michael Hsu urges collaborative efforts to pass cryptocurrency regulations, which he says could lead to greater innovation in the space.

3rd Party Risk Management

Accellion Agrees to $8.1 Million Breach Settlement

Prajeet Nair • January 15, 2022

More than a year after the December 2020 cyberattack on Accellion's File Transfer Appliance, the company has agreed to an $ 8.1 million settlement to resolve a class action against it following the data exposure that resulted in the theft of both consumer and patient data.

Governance & Risk Management

FCC Proposes Stricter Telecom Breach Notification Measures

Dan Gunderman • January 14, 2022

The FCC is considering changes to its breach notification requirements for telecommunication companies. FCC Chairwoman Jessica Rosenworcel confirmed in a statement this week that the agency is strengthening its rules for both customer and federal law enforcement notification of breaches involving customer proprietary...

Blockchain & Cryptocurrency

North Korean Crypto Theft Totals $400 Million in 2021

Dan Gunderman • January 14, 2022

North Korean cybercriminals escalated their illicit campaigns throughout 2021, frequently carrying out crypto hacks to siphon funds, launder gains and cash out using a decentralized exchange. New data from Chainalysis says North Korean hackers lifted nearly $400 million in cryptoassets last year.

3rd Party Risk Management

Clinic Breach Affecting 200,000 Tied to Vendor's 2020 Attack

Marianne Kolbasuk McGee • January 14, 2022

A family medical practice is notifying nearly 200,000 individuals that their information was compromised in a 2020 ransomware attack on cloud hosting vendor Netgain Technology, an incident that also affected several of the vendor's other clients and hundreds of thousands of their patients.

Application Security

ISMG Editors: Is 2022 the Year of the SBOM?

Anna Delaney • January 14, 2022

In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the importance of incident repose planning; the worldwide impact of the LOg4j flaw, which may lead to 2022 being the year of the SBOM; and the increasingly blurred line between conventional...

Application Security

18 Firefox 96 Security Fixes Include High-Risk Issues

Mihir Bagwe • January 14, 2022

Mozilla has released its latest Firefox browser version 96 with a host of new features and improvements for both desktop and mobile browsing. Mozilla has also fixed 18 security vulnerabilities, including 9 high-severity issues and 9 other medium- or low-severity flaws.