Buyers' and sellers' listings on darknet forums for access to organizations' networks (Source: Positive Technologies)

9 Ransomware Enablers - And Tactics for Combating Them

Mathew J. Schwartz • July 29, 2021

Ransomware operations continue to thrive thanks to a vibrant cybercrime-as-a-service ecosystem designed to support all manner of online attacks. Given that attackers first need remote access to victims' systems, robust patch management and remote desktop protocol security remain obvious must-have defenses.

Critical Infrastructure Security

US: Chinese Government Waged Microsoft Exchange Attacks

Latest

Account Takeover Fraud

Card Stealer Malware Uses New Evasion Technique

Akshaya Asokan • July 29, 2021

A new card stealer malware campaign that loads JavaScript malware from blocked domain lists to evade detection is targeting e-commerce sites that run Adobe's Magento, software security firm Sucuri reports.

Cyberwarfare / Nation-State Attacks

Israeli Government Visits NSO Group Amid Spyware Claims

Jeremy Kirk • July 29, 2021

The Israeli government paid a visit on Wednesday to NSO Group, the company whose spyware is alleged to have been covertly installed on the mobile devices of journalists and activists. The visit comes as Israel faces growing pressure to see if NSO Group's spyware, called Pegasus, has been misused.

Recruitment & Reskilling Strategy

Tips on Recruiting, Retaining Cybersecurity Staff

Anna Delaney • July 28, 2021

To recruit and retain cybersecurity specialists, organizations must "stop expecting people just to be sort of 'focused monkeys' and doing one particular task and turning the handle," says Keith Martin, professor of information security at Royal Holloway University in the U.K.

Business Continuity Management / Disaster Recovery

Measuring Success of 'No More Ransom' Project

Rashmi Ramesh • July 28, 2021

Europol says the "No More Ransom" project, a portal launched five years ago, so far has helped more than 6 million ransomware victims worldwide recover their files for free so they could avoid paying almost 1 billion euros ($1.2 billion) in ransoms.

Cyberwarfare / Nation-State Attacks

Pegasus Spyware: World Leaders Demand Israeli Probe

Mathew J. Schwartz • July 27, 2021

Calls are growing for an investigation into how commercial Pegasus spyware developed by Israel's NSO Group gets sold to autocratic governments and used to target journalists, lawyers, human rights advocates and others, with some lawmakers saying "the hacking-for-hire industry must be brought under control."

Cybercrime

New Project Studies Online Payments Fraud Prevention

Suparna Goswami • July 27, 2021

The Federal Reserve Bank of Atlanta and Georgia State University’s Evidence-Based Cybersecurity Research Group are working together on a research project focused on how to prevent online payments fraud. Two participants describe the project's goals.

COVID-19

SASE: Building a Migration Strategy

Geetha Nandikotkur • July 27, 2021

Security experts offer an analysis of Gartner's new strategic road map for SASE adoption that emphasizes the need for a detailed migration plan and offer tips for a successful rollout.

Business Continuity Management / Disaster Recovery

Kaseya Says It Paid No Ransom to Obtain Universal Decryptor

Doug Olenick • July 26, 2021

Remote management software company Kaseya says it obtained the ability to decrypt all victims of a massive REvil - aka Sodinokibi - attack via its software, without paying a ransom to attackers. But Kaseya has still not revealed how it obtained the decryption key, except to say it was supplied by a third party.

Cybercrime

Attackers Rely on 'Exotic' Languages for Malware Creation

Rashmi Ramesh • July 26, 2021

Malware developers increasingly are relying on "exotic" programming languages - such as Go, Rust, DLang and Nim - to create malicious code that can avoid detection by security tools and add a layer of obfuscation to an attack, according to a report released Monday by BlackBerry.

Cryptocurrency Fraud

Hackers Target Kubernetes Using Misconfigured Argo Workflows

Akshaya Asokan • July 26, 2021

A hacking campaign is targeting Kubernetes environments using misconfigured Argo Workflows to deploy cryptominers, a report by security firm Intezer finds.

Business Continuity Management / Disaster Recovery

IoT Security Dangers Loom as Office Workers Return

Doug Olenick • July 24, 2021

With corporate America beginning to ask employees to come back to their offices in the fall, cybersecurity teams have the huge task of ensuring that the work environment is safe. This is particularly true of IoT devices, as many have been left unprotected for months.

Cyberwarfare / Nation-State Attacks

ISMG Editors’ Panel: Examining the Pegasus Project

Anna Delaney • July 23, 2021

In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the use of commercially available spyware and security risk management in the telecom sector.