India Moves Toward Limiting What Telecom Tech Can Be Used

Prajeet Nair • June 17, 2021

In a key move toward ensuring telecom companies only use technologies from trustworthy sources, the government of India has launched a Trusted Telecom Portal designed to evaluate and approve technologies and suppliers.

Blockchain & Cryptocurrency

Ransomware to Riches Story: JBS Pays Criminals $11 Million

Latest

Critical Infrastructure Security

Ransomware Roundup: Avaddon Exits; Clop Suspects Arrested

Anna Delaney • June 18, 2021

The latest edition of the ISMG Security Report features an analysis of the Avaddon ransomware gang's retirement and the crackdown on the Clop ransomware gang in Ukraine. Also featured: Bitcoin as ally in the ransomware battle; strengthening U.S. cybersecurity defenses.

Cybercrime

Analysis: The Cyber Impact of Biden/Putin Summit Meeting

Scott Ferguson • June 17, 2021

After U.S. President Joe Biden and Russian President Vladimir Putin discussed cybersecurity issues at their Wednesday summit meeting in Geneva, security experts and analysts began sizing up what the next steps might be following what some are calling a "transformational moment."

Governance & Risk Management

Cyberium Domain Targets Tenda Routers in Botnet Campaign

Akshaya Asokan • June 17, 2021

Malware hosting domain Cyberium has spread multiple Mirai variants, including one that targeted vulnerable Tenda routers as part of a botnet campaign, AT&T Alien Labs reports.

Business Email Compromise (BEC)

Behind the Scenes of a BEC Attack

Rashmi Ramesh • June 16, 2021

The Microsoft 365 Defender research team says it has “disrupted a large-scale BEC infrastructure hosted in multiple web services.” It describes in a blog post how the fraud scheme worked.

Cybercrime

How 'SEO Poisoning' Is Used to Deploy Malware

Prajeet Nair • June 16, 2021

SolarMarker malware operators are using "SEO poisoning" techniques to deploy the remote access Trojan to steal sensitive information, Microsoft reports.

Endpoint Security

Apple Patches 3 Flaws Affecting Certain Devices

Akshaya Asokan • June 16, 2021

Apple has released patches for two zero-day vulnerabilities and a fix for another security issue, all of which affected devices running iOS version 12.5.3. It says the zero-day flaws are being exploited in the wild.

Cybercrime

The Best of Virtual RSA Conference 2021

Information Security Media Group • June 15, 2021

With the RSA Conference virtual this year, ISMG replaced its two live on-site studios with a suite of home studios and produced a diverse group of interviews on timely topics with thought leaders who will be solving cybersecurity's most urgent problems.

Cyberwarfare / Nation-State Attacks

NATO Endorses Cybersecurity Defense Policy

Scott Ferguson • June 15, 2021

The U.S. and its NATO allies endorsed a new cybersecurity defense policy during President Biden's visit this week with member states in Brussels. The policy agreement comes as Biden prepares to meet Russian President Vladimir Putin on Wednesday to discuss cybersecurity and other issues.

Breach Notification

Volkswagen, Audi Notify 3.3 Million of Data Breach

Jeremy Kirk • June 15, 2021

Volkswagen and its Audi subsidiary are notifying 3.3 million people in the U.S and Canada of a breach of personal information by a marketing services supplier. Volkswagen says 90,000 of those affected may have also had their driver's license number, loan data and other personal information exposed.

Cybercrime

Report: China-Connected APT41 Likely Behind Attacks on Airlines

Doug Olenick • June 15, 2021

The China-backed advanced persistence threat group APT41 apparently was responsible for the breach of SITA, an international provider of IT services for the air transport industry worldwide, that led to customer data at Air India and other airlines being compromised, according to Group-IB. SITA disputes the findings.

Cybercrime

'Fear' Likely Drove Avaddon's Exit From Ransomware Fray

Mathew J. Schwartz • June 15, 2021

Based on Russian-language cybercrime chatter, "fear" likely drove the lucrative Avaddon ransomware-as-a-service operation to announce its retirement as the U.S. exerts increasing diplomatic pressure on Moscow to disrupt such activity, experts say. But are criminals simply laying low until the heat dies down?

Privileged Access Management

Using PAM in an OT Environment

Suparna Goswami • June 14, 2021

To enhance privileged access management for operational technology, organizations should use specialized remote access solutions for vendors that are allowed to access OT networks, says Felix Gaehtgens, an analyst at Gartner.