Facebook blocks highly targeted Iran-linked hacking campaign

New link to Tehran: Facebook cyber experts determined that some of the hackers’ malware was developed by the Iranian IT company Mahak Rayan Afraz, which has ties to Iran’s Islamic Revolutionary Guard Corps. “As far as I know, this is the first public attribution of the group’s malware to a vendor or front company with…

US Blacklists 6 Russian Organizations Over Security Concerns

Commerce Department Says Organizations Are Aligned With Russian Intelligence
Dan Gunderman (dangun127) • July 17, 2021
The Department of Commerce is restricting trade with four Russian information technology and cybersecurity firms, along with…

What’s Next Step for REvil Ransomware Victims?

If Backups Unavailable, Victims Should Retain Encrypted Files in Case Decryptor Released
Doug Olenick (DougOlenick) • July 16, 2021
Some ransomware gangs that have shut down…

DOD and DHS Need More Collaboration on Cybersecurity Issues

Report: Cooperation Is Required to Protect US Critical Infrastructure
Scott Ferguson (Ferguson_Writes) • July 16, 2021
A greater level of cooperation is needed between the Department of Defense and the Department of Homeland Security to ensure that U.S….

Israeli firm used Windows zero-days to deploy spyware

Microsoft and Citizen Lab have linked Israeli spyware company Candiru (also tracked as Sourgum) to new Windows spyware dubbed DevilsTongue, deployed using now-patched Windows zero-day vulnerabilities. “Candiru is a secretive Israel-based company that sells spyware exclusively to governments,” Citizen Lab explained in a report published today. “Reportedly, their spyware can infect and monitor iPhones,…

How Mespinoza Ransomware Group Hits Targets

Palo Alto Networks Report Describes Tactics of Group Leveraging Open-Source Tools
Dan Gunderman (dangun127) • July 16, 2021
The gang behind ransomware known as Mespinoza, aka PYSA, is targeting manufacturers, schools and others, mainly…

Guess Confirms Ransomware Attack and Data Breach

DarkSide Ransomware Operation Had Claimed Clothing Retailer Was Victim of Its Attack
Mathew J. Schwartz (euroinfosec) • July 13, 2021
Clothing retailer Guess suffered a ransomware attack and data breach earlier this…

Facebook Catches Iranian Spies Catfishing US Military Targets

If you’re a member of the US military who’s gotten friendly Facebook messages from private-sector recruiters for months on end, suggesting a lucrative future in the aerospace or defense contractor industry, Facebook may have some bad news. On Thursday, the social media giant revealed that it has tracked and at least partially disrupted a long-running…