Latest

►

Critical Infrastructure Security

Colonial Pipeline: 'A Global Day of Reckoning'

Tom Field  •  May 11, 2021

Gregory Touhill, the retired Air Force general and former federal CISO under President Obama, minces no words when he describes the Colonial Pipeline ransomware attack as a "global day of reckoning" for critical infrastructure protection.

►

Fraud Management & Cybercrime

Pipeline Attack: 'Time for a Disproportionate Response'

Tom Field  •  May 10, 2021

It’s serious, impactful and raises new questions about critical infrastructure protection. But don’t tell Philip Reitinger of the Global Cyber Alliance that the Colonial Pipeline ransomware attack is any kind of a “wake-up call.” He says we’re long past that.

Critical Infrastructure Security

Colonial Pipeline Confirms Ransomware Causing Disruptions

Scott Ferguson  •  May 8, 2021

Colonial Pipeline, which oversees more than 5,500 miles of pipeline that supplies fuel throughout the U.S. East Coast, confirmed Saturday that a ransomware attack has disrupted its services, and the company has taken some of its IT systems offline as a precaution.

Critical Infrastructure Security

US and UK Issue Joint Alert on Russian Cyber Activity

Doug Olenick  •  May 8, 2021

U.S. and U.K. cybersecurity, law enforcement and intelligence agencies issued a joint advisory Friday offering detailed information on how to defend against the activities of the Russian Foreign Intelligence Service, or SVR, in the wake of the 2020 SolarWinds supply chain attack.

Cybercrime

Malspam Campaign Used Hancitor to Download Cuba Ransomware

Akshaya Asokan  •  May 8, 2021

Attackers co-opted the Hancitor malware downloader and recently used it to deliver Cuba ransomware as part of an email spam campaign for data exfiltration and ransom extortion, a new report by security firm Group-IB finds.

Endpoint Security

How Patched Android Chip Flaw Could Have Enabled Spying

Prajeet Nair  •  May 7, 2021

A severe vulnerability in a system on certain Qualcomm chips, which has been patched, potentially could have enabled attackers to remotely control Android smartphones, access users' text messages and listen in on conversations, according to a new report from Check Point Software Technologies.

Cryptocurrency Fraud

'Panda Stealer' Targets Cryptocurrency Wallets

Prajeet Nair  •  May 7, 2021

Researchers at Trend Micro have uncovered a new cryptocurrency stealer variant that uses a fileless approach in its global spam email distribution campaign to evade detection.

►

Cryptocurrency Fraud

ISMG Editors Discuss Cryptocurrency Regulations and More

Anna Delaney  •  May 7, 2021

Four editors at Information Security Media Group discuss timely cybersecurity issues, including a call for cryptocurrency regulation and the impact of hospital ransomware attacks.

DDoS Protection

DNS Flaw Can Be Exploited for DDoS Attacks

Akshaya Asokan  •  May 7, 2021

Security researchers have uncovered a flaw dubbed TsuNAME in DNS resolver software that attackers could used to carry out distributed denial-of-service attacks against authoritative DNS servers. Google and Cisco have resolved the issue in their DNS servers.

Application Security

Can Evidence Collected by Cellebrite's Tools Be Trusted?

Anna Delaney  •  May 7, 2021

The latest edition of the ISMG Security Report features an analysis of whether courts can trust evidence collected by Cellebrite's mobile device forensic tools. Also featured: Report shows attackers' dwell times plummeting; a call for partnership with law enforcement.

Endpoint Security

Intel, AMD Dispute Findings on Chip Vulnerabilities

Doug Olenick  •  May 6, 2021

Intel and AMD are disputing the findings of researchers from two universities who say they've discovered new attacks on Intel and AMD processors that can bypass most of the defenses put in place earlier for similar "Spectre" and "Meltdown" attacks.

Governance & Risk Management

Exim Patches 21 Flaws in Message Transfer Agent

Akshaya Asokan  •  May 6, 2021

Exim, one of the most-used message transfer agents, has issued patches for 21 flaws that could put thousands of users at risk of attacks, researchers at security firm Qualys say.