In the latest weekly update, ISMG editors discuss the lasting effects of the takedown of the Hive ransomware group, why the U.S. government is warning of a surge in Russian DDoS attacks on hospitals, and why the lack of transparency in U.S. breach notices is creating more risk for consumers.
While malicious wipers have stolen most of the headlines in the Russia-Ukraine cyberwar, investigators say Russians are now using modified GammaLoad and GammaSteel info stealer malware to spy on compromised government employee accounts and avoid detection. The attack begins with a phishing email.
Researchers from cybersecurity firm WithSecure say they spotted a North Korean espionage campaign they dub "No Pineapple" that reveals a slew of tools in the Pyongyang hacking arsenal. They're confident the hackers were North Korean: One hacker connected to an infected server using a DPRK address.
U.S. federal authorities are establishing a new office to tackle supply chain security issues and help industry partners put federal guidance and policies into practice. Former GSA administrator Shon Lyublanovits says she is spearheading the launch of the new organization.
Security researchers say they found the Russian intelligence-linked Sandworm threat actor deploying a novel disk wiper against an energy sector company located in Ukraine. Data wipers have played a key role in Russia's hacking campaign against Ukraine.
Valuations are down, some companies have left the market altogether, and some even have announced deep rounds of layoffs. Yet, Alberto Yépez of Forgepoint Capital retains optimism for the cybersecurity marketplace in 2023 and says now is the ideal time to be ramping up investments in innovation.
An update to acquisition regulations within the Department of Veterans Affairs says that contractors have one hour to report a security and privacy incident. The clock starts ticking after the incident has been discovered. The department says the rule change only codifies an existing requirement.
Contractors for the Federal Aviation Administration who attempted to correct a database synchronization issue ended up causing an hourslong outage to a key flight safety system, says the agency. No evidence exists that hackers caused the Jan. 11 airspace snafu.
Researchers have linked Chinese advanced persistent threat group Playful Taurus, also known as Vixen Panda and Nickel, to a series of attacks against Iranian organizations between July and December 2022. The group recently updated its toolkit to include a new variant of the Turian backdoor.
Ukraine's top information protection agency says Russian cyberattacks are focusing on destruction of critical information infrastructure, spying and disinformation. Although efforts are underway, it will require $1.79 billion to completely restore the telecommunication sector, it says.
The U.S. Department of Defense is looking for a few good hackers to penetrate a facilities network underpinning the Pentagon's basement, mezzanine, and the command and communications center used by the president and the secretary of defense. Defense has hosted white hat hacking sessions since 2016.
Senior U.S. and Japanese officials pledged deepened cooperation in cyberspace while signaling readiness to rebuff China through deployment of an upgraded Marine Corps unit to Okinawa. U.S. President Joe Biden is set to meet Friday with Japanese Prime Minister Fumio Kishida at the White House.
The Vice Society ransomware group today claimed responsibility for a December 2022 attack on an Australian state fire department that led to a widespread IT outage. Fire Rescue Victoria warned current and former employees and job applicants of data leak.
The United Nations will commence a hearing for its first-ever global treaty on cybercrime this week to focus on state response to cybercrime and coordinated intelligence sharing. The proposed treaty seeks to legally categorize various cybercrimes and develop a unified international response.
Hundreds of U.S. counties continue to work with pen and paper after a cyberattack on their digital records management vendor last week disrupted methods to view, add and edit government records. The attack slowed the processing of birth certificates, marriage licenses and real estate transactions.