Crypto Exchange Bug Reveals North Korean Monero Laundering

Jeremy Kirk • September 28, 2021

Weaknesses in the systems of ShapeShift, a U.K.-based cryptocurrency exchange, reveal how a North Korean-linked group laundered cryptocurrency that came from the WannaCry 2.0 attack four years ago. The issues undermined some protections in Monero, a cryptocurrency designed to provide a high degree of privacy.

Blockchain & Cryptocurrency

Groove Promises Maximum Profits for Ransomware Affiliates

Latest

3rd Party Risk Management

Russia-Linked Nobelium Deploying New 'FoggyWeb' Malware

Mihir Bagwe • September 28, 2021

The Russia-linked cyberespionage group Nobelium, which was responsible for the SolarWinds supply chain attack, has developed and deployed a new malware, dubbed FoggyWeb, according to a Microsoft Threat Intelligence Center security blog. Microsoft says FoggyWeb creates a backdoor to exfiltrate data.

Critical Infrastructure Security

Ransomware Patch or Perish: Attackers Exploit ColdFusion

Mathew J. Schwartz • September 27, 2021

For combating ransomware, doing the security basics is essential, including keeping systems updated and patched. Don't follow in the footsteps of one technology firm, which Sophos found got hit by Cring ransomware after attackers exploited ColdFusion software that hadn't been patched in 11 years.

Critical Infrastructure Security

REvil Ransomware Group's Latest Victim: Its Own Affiliates

Mathew J. Schwartz • September 25, 2021

Ransomware-wielding attackers love to lie to victims. But REvil - aka Sodinokibi - has reportedly been running double negotiations to make affiliates think a victim hasn't paid a ransom, using a backdoor in the malware that allows administrators to decrypt victims' systems, so affiliates don't get their cut.

3rd Party Risk Management

ISMG Editors’ Panel: The Rise of Quadruple Extortion Attacks

Anna Delaney • September 24, 2021

Four editors at Information Security Media Group discuss important cybersecurity issues, including the rise of quadruple extortion attacks employed by ransomware gangs, the FBI reportedly withholding the Kaseya ransomware decryption key for weeks, and raising security posture during a pandemic.

Business Continuity Management / Disaster Recovery

Ransomware Updates: Conti Attacks Rise, New Players Surface

Anna Delaney • September 24, 2021

The latest edition of the ISMG Security Report features an analysis of how the U.S. government has been tracking an increase in the pace of attacks tied to Conti ransomware. Also featured are what "protection" means today and building a new cybersecurity operating model.

Governance & Risk Management

Applying Critical, Systems and Design Thinking to Security

Steve King • September 24, 2021

Brian Barnier, a director of analytics who is developing a course on critical and design thinking in cybersecurity for CyberEd.io, is a firm believer in the importance of critical thinking today. He discusses how that, plus systems and design thinking, can improve the way cybersecurity functions.

Critical Infrastructure Security

Karma Seeks Free Publicity to Fulfill Ransomware Destiny

Mathew J. Schwartz • September 24, 2021

A new and still little-known ransomware group called Karma has been pursuing a novel strategy to pressure victims into paying: Get journalists to publicize businesses hit by the ransomware operation, adding pressure on victims to pay the ransom demand.

Anti-Phishing, DMARC

Microsoft Analyzes Phishing-as-a-Service Operation

Doug Olenick • September 22, 2021

Microsoft Security on Tuesday issued a detailed report on a massive phishing-as-a-service operation named BulletProofLink that offered as a subscription all the tools needed to conduct a campaign. The gang remains operational.

Global Compliance

How to Keep Cybercrime's Foot off the Pedal with the Auto Industry and ISO/SAE 21434

Information Security Media Group • September 21, 2021

With automotive standard ISO 21434 just around the corner, this tutorial focuses on how it will form a key protective component against the cyber threats facing automation software developers.

Critical Infrastructure Security

Ransomware Reportedly Hits Iowa Farm Services Cooperative

Scott Ferguson , Doug Olenick • September 20, 2021

NEW Cooperative, an Iowa-based farm services cooperative, has reportedly been targeted by the BlackMatter ransomware gang, demanding a $5.9 million payment from the organization, according to security researchers and published reports. The cooperative is working with law enforcement agencies.

Blockchain & Cryptocurrency

Hacker Makes Off With $12 Million in Latest DeFi Breach

Dan Gunderman • September 20, 2021

In the latest security incident involving a decentralized finance protocol, cross-chain project pNetwork announced Sunday it had been hacked for 277 pBTC, a form of wrapped bitcoin, with losses worth over $12 million at current value.

Business Continuity Management / Disaster Recovery

Is White House Crackdown on Ransomware Having Any Effect?

Mathew J. Schwartz • September 17, 2021

The latest edition of the ISMG Security Report features an analysis of the state of the Biden administration's efforts to disrupt ransomware attackers, as well as how a newly patched Apple iMessage flaw was being targeted by Pegasus spyware to effect zero-click exploits.