Critical Infrastructure Security , Cybercrime , Cybercrime as-a-service Report: Cooperation Is Required to Protect US Critical Infrastructure Scott Ferguson (Ferguson_Writes) • July 16, 2021 The Pentagon (Photo: Political Office via Flickr/CC) A greater level of cooperation is needed between the Department of Defense and the Department of Homeland Security to ensure that U.S….
Governance & Risk Management , IT Risk Management , Patch Management Company Also Plans to Upgrade All Page Loads to HTTPS Rashmi Ramesh • July 16, 2021 Google will soon release a security update to address eight vulnerabilities in its Chrome browser, including a high-severity zero-day flaw that’s being exploited in the wild….
Microsoft and Citizen Lab have linked Israeli spyware company Candiru (also tracked as Sourgum) to new Windows spyware dubbed DevilsTongue deployed using now patched Windows zero-day vulnerabilities. “Candiru is a secretive Israel-based company that sells spyware exclusively to governments,” Citizen Lab explained in a report published today. “Reportedly, their spyware can infect and monitor iPhones,…
Business Continuity Management / Disaster Recovery , Fraud Management & Cybercrime , Fraud Risk Management Palo Alto Networks Report Describes Tactics of Group Leveraging Open-Source Tools Dan Gunderman (dangun127) • July 16, 2021 Illustration: Palo Alto Networks The gang behind ransomware known as Mespinoza, aka PYSA, is targeting manufacturers, schools and others, mainly…
Breach Notification , Fraud Management & Cybercrime , Incident & Breach Response DarkSide Ransomware Operation Had Claimed Clothing Retailer Was Victim of Its Attack Mathew J. Schwartz (euroinfosec) • July 13, 2021 Guess store in Miami (Photo: Phillip Pessar via Flickr/CC) Clothing retailer Guess suffered a ransomware attack and data breach earlier this…
If you’re a member of the US military who’s gotten friendly Facebook messages from private-sector recruiters for months on end, suggesting a lucrative future in the aerospace or defense contractor industry, Facebook may have some bad news. On Thursday, the social media giant revealed that it has tracked and at least partially disrupted a long-running…
At least 120 people have died and hundreds are unaccounted for after some of the worst flooding in western Europe in decades. The acting mayor of Liege in Belgium, Christine Defraigne, told BBC World News that while the river level was now dropping, the city was now facing a “terrible aftermath”. “I think our population…
Microsoft Windows July 2021 Patch Tuesday just rolled out, patching 12 critical security vulnerabilities in a total of 116 issues. It is noteworthy that three of the issues addressed this month were actively exploited in the wild. These bugs include a critical scripting engine memory corruption issue known as CVE-2021-34448, and two Windows kernel elevation-of-privilege…
Blockchain & Cryptocurrency , Critical Infrastructure Security , Cryptocurrency Fraud If Ransomware Should Decline as a Viable Criminal Business Model, What Comes Next? Mathew J. Schwartz (euroinfosec) • July 16, 2021 Source: Cisco Talos The world is now focused on ransomware, perhaps more so than any previous cybersecurity threat in history. But if…
Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Social Media ‘Tortoiseshell’ Group Used the Social Network to Contact Targets Doug Olenick (DougOlenick) • July 15, 2021 Facebook’s threat intelligence team says it has disrupted an Iranian advanced persistent threat group that was using the social network as part of an effort…
