COVID-19 Update: 'We're in a Bad Place'

Tom Field • October 29, 2020

COVID-19 infections are hitting new daily highs in the U.S., and some European countries are re-imposing restrictions. Plus, the flu season is just around the corner. "We're in a bad place," says pandemic expert Regina Phelps, who shares insights on pandemic trends and response.

Cybercrime

US Officials Blame Data Exfiltration on Russian APT Group

Latest

Critical Infrastructure Security

US Hospitals Warned of Fresh Wave of Ransomware Attacks

Prajeet Nair • October 29, 2020

The FBI and CISA warn U.S. hospitals about a fresh wave of Ryuk ransomware attacks that have recently targeted healthcare facilities across the country. Over the past week, several hospitals have publicly reported attacks, which appear to be financially motivated.

Governance & Risk Management

100,000 Windows Devices Still Exposed to SMBGhost Flaw

Doug Olenick • October 29, 2020

Almost eight months after Microsoft warned of a critical vulnerability in Windows called SMBGhost, more than 100,000 unpatched devices remain vulnerable, according to security researchers. The COVID-19 pandemic and ensuing rush to move workers into home offices may have led to delays in applying the fix.

Cybercrime

Russian Hacking Group Upgrades Malicious Toolset

Akshaya Asokan • October 29, 2020

Turla, a hacking group based in Russia, is deploying a revamped set of customized tools to target potential victims, including a European government agency, for its espionage campaigns, according to Accenture.

Endpoint Security

How an IoT Door Lock Actually Provided a Way In

Jeremy Kirk • October 29, 2020

Although IoT door locks are ultimately designed to keep people out, they may actually be the way in. Craig Young of Tripwire describes problems he found in U-tec's Ultraloq and other issues with IoT security.

Encryption & Key Management

Analysis: The Security of 5G Devices, Networks

Doug Olenick • October 28, 2020

So far, much of the discussion about 5G security has focused on avoiding the use of technology from Chinese manufacturers, including Huawei and ZTE. But security experts are increasingly concerned that 5G network and device providers rushing products to market aren't devoting enough attention to security.

COVID-19

CISOs' Pandemic Challenge: More Disruption, Less Budget

Mathew J. Schwartz • October 28, 2020

The imperative for CISOs during the COVID-19 pandemic is to do more with less. While disruptive attacks - as well as privacy concerns - keep rising, budgets are down. As organizations rapidly adopt new technologies, however, EY's Kris Lovejoy says CISOs must seize the opportunity to streamline.

Application Security

Apps Infected With Adware Found on Google Play Store

Chinmay Rautmare • October 27, 2020

Some 21 malicious Android apps containing intrusive adware were discovered on the Google Play Store, but most have now been removed, according to a new report from the security firm Avast.

Cybercrime

Even in Test Mode, New Mirai Variant Infecting IoT Devices

Doug Olenick • October 26, 2020

A greatly enhanced variant of the powerful Mirai botnet is already infecting IoT devices even though it's operating in a test environment, according to researchers at cybersecurity firm Avira Protection Lab.

Blockchain & Cryptocurrency

KashmirBlack Botnet Targets Content Management Systems

Prajeet Nair • October 26, 2020

Security researchers at Imperva have uncovered a botnet that attacks vulnerabilities in websites' underlying content management systems and then uses these compromised servers to mine for cryptocurrency or send spam to more victims.

Fraud Management & Cybercrime

Phishing Campaign Mimics Microsoft Teams Alerts

Chinmay Rautmare • October 23, 2020

Researchers have uncovered a fresh phishing campaign that mimics the automated messages of the popular business communication platform Microsoft Teams in an attempt to harvest users' Office 365 login credentials.

Forensics

LockBit Ransomware Uses Automation Tools to Pick Targets

Prajeet Nair • October 23, 2020

The operators behind the LockBit ransomware strain use automation tools and techniques that help the malware quickly spread through a compromised network and also assist in picking specific targets, according to Sophos.

Critical Infrastructure Security

Analysis: The Significance of Russian Hackers' Indictment

Anna Delaney • October 23, 2020

The latest edition of the ISMG Security Report analyzes the U.S. indictment against Russian hackers who were allegedly behind NotPetya. Also featured: A discussion of nation-state adversaries and how they operate; an update on Instagram privacy investigation.