Innovative REvil Ransomware Operation Is Back

Innovative REvil Ransomware Operation Is Back

Critical Infrastructure Security , Cybercrime , Cyberwarfare / Nation-State Attacks Group Specializing in Big Game Hunting Has Amassed Millions in Ransom Payments Mathew J. Schwartz (euroinfosec) • September 13, 2021     REvil ransom note seen by victims of the ransomware attack involving Kaseya’s software (Source: Cisco Talos) Has the notorious REvil ransomware group resumed…

‘Potential Cyber Incident’ Disrupted EMEA System

‘Potential Cyber Incident’ Disrupted EMEA System

Cybercrime , Cybercrime as-a-service , Endpoint Security Some Reports Suggest BlackMatter Was Attacker Mihir Bagwe • September 13, 2021     (Image Source: Flickr) Olympus, a Japanese company that manufactures optics and reprography products, has reported that a portion of its IT system in the EMEA region was affected by a “potential cybersecurity incident” on…

Indonesian Intelligence Agency Reportedly Breached

Indonesian Intelligence Agency Reportedly Breached

Breach Notification , Critical Infrastructure Security , Incident & Breach Response At Least 10 Indonesian Government Ministries and Agencies Affected Prajeet Nair (@prajeetspeaks) • September 13, 2021     Insikt Group, the threat research division of threat intelligence firm Recorded Future, says it has discovered Chinese hackers have breached the internal records of at least…

Howard University shuts down network after ransomware attack

Howard University shuts down network after ransomware attack

The private Howard University in Washington disclosed that it suffered a ransomware attack late last week and is currently working to restore affected systems. University officials expect full recovery from the incident to take a long time although work is being done to remediate the situation as quickly as possible. Classes canceled, WiFi down The…

Biden Administration Releases Draft Zero-Trust Guidance

Biden Administration Releases Draft Zero-Trust Guidance

The federal government is pushing hard for agencies to adopt zero-trust cybersecurity architectures, with new guidance released Tuesday from the administration’s policy arm—the Office of Management and Budget—and lead cybersecurity agency—the Cybersecurity and Infrastructure Security Agency. The administration released several documents Tuesday for public comment, seeking feedback on the overarching federal policy from OMB and draft…

White House Pushing Federal Agencies Toward ‘Zero Trust’

White House Pushing Federal Agencies Toward ‘Zero Trust’

3rd Party Risk Management , Critical Infrastructure Security , Cybercrime CISA and OMB Creating Road Maps So Departments Can Adopt by 2024 Scott Ferguson (Ferguson_Writes) • September 8, 2021     Source: Flickr The White House is preparing executive branch agencies to adopt “zero trust” network architectures by September 2024, with the U.S. Cybersecurity and…

8,000+ Confluence Servers Still Vulnerable to Atlassian Flaw

8,000+ Confluence Servers Still Vulnerable to Atlassian Flaw

3rd Party Risk Management , Application Security , Breach Notification Server Taken Offline Following Exploitation of Vulnerability Mihir Bagwe • September 8, 2021     Last weekend’s confirmed attack on the Jenkins project – an open-source automation server used in software development – using a recently discovered vulnerability in the Atlassian Confluence service, could be…