Conti flaunts the Costa Rica attack on its data leak site. (Source: Conti News site)

Conti Says It Has 'Insiders' in Costa Rican Government

Mihir Bagwe • May 17, 2022

Ransomware actor Conti, which has been targeting Costa Rican government entities since April 2022, has claimed on its leak site Conti News that it has "insiders" in the country's government, and they are working toward the compromise of "other systems."

Business Continuity Management / Disaster Recovery

Illuminate Education Mega-Breach Affects K-12 Students

Latest

Application Security

CISA Removes Windows Flaw From Exploited Catalog List

Prajeet Nair • May 17, 2022

The U.S. Cybersecurity and Infrastructure Security Agency has announced that it is temporarily removing a Windows protection defect from its Known Exploited Vulnerability Catalog because of a risk of authentication failures after the recent Microsoft patch update.

3rd Party Risk Management

Google Unveils Service to Secure Open-Source Dependencies

Michael Novinson , Brian Pereira • May 17, 2022

Google will offer customers access to the same technology it uses to lock down developer workflows to ensure open-source dependencies are addressed. Assured Open Source Software will allow clients to ensure third-party software they're using is scanned, analyzed and fuzz-tested for vulnerabilities.

Critical Infrastructure Security

Feds Say 'Multi-Tasking Doctor' Built Thanos Ransomware

Mathew J. Schwartz • May 17, 2022

U.S. authorities have charged a cardiologist based in Venezuela with developing and selling multiple strains of ransomware, including Jigsaw and Thanos, as well as recruiting affiliates to use the crypto-locking malware against victims in return for a cut of any ransoms paid.

Access Management

Proof of Concept: Apple/Microsoft/Google Back Passwordless

Anna Delaney • May 16, 2022

In the latest "Proof of Concept," Lisa Sotto, Jeremy Grant and ISMG editors discuss the significance of Apple, Google and Microsoft supporting the FIDO protocol's passwordless sign-in standard, progress made on Biden's cybersecurity executive order and updates on U.S. cybersecurity and privacy laws.

Breach Notification

AvosLocker Claims Data Theft From Another Healthcare Entity

Marianne Kolbasuk McGee • May 16, 2022

In its most recent assault against a healthcare entity, ransomware-as-a-service operator AvosLocker claims to be behind an attack allegedly involving data theft from Texas-based CHRISTUS Health, which operates hundreds of healthcare facilities in the U.S., Mexico and South America.

Breach Notification

EU Parliament, Council Agree on Cybersecurity Risk Framework

Prajeet Nair • May 16, 2022

The European Parliament and the Council of the European Union on Friday reached a provisional agreement to set a "baseline for cybersecurity risk management measures and reporting obligations." Called NIS2, it is a modernized framework based on the EU Network and Information Security Directive.

Blockchain & Cryptocurrency

Cause for Concern? Ransomware Strains Trace to North Korea

Mathew J. Schwartz • May 16, 2022

If you were a nation with legions of hackers at your disposal, seeking to sidestep crippling international sanctions, would you look to ransomware to fund your regime? That question is posed by new research that finds state-sponsored North Korean hackers haven't stopped their ransomware experiments.

Next-Generation Technologies & Secure Development

Late-Stage Startups Feel the Squeeze on Funding, Valuations

Michael Novinson • May 13, 2022

Mature cybersecurity startups are beginning to slow hiring and prune operating expenses as macroeconomic storm clouds obscure future funding sources. Emerging vendors must grapple with an IPO market that has essentially dried up and investors unwilling to offer valuations anywhere near 2021 levels.

3rd Party Risk Management

A $150 Million Plan to Secure Open-Source Software

Brian Pereira • May 13, 2022

The Linux Foundation and the Open Source Security Foundation have put forth a nearly $150 million investment plan, spread across two years, to strengthen open-source security in the U.S. The plan was announced at the Open Source Software Security Summit II in Washington, D.C., on Thursday.

Cybercrime

Post-Exploitation Framework Targets Microsoft Servers

Brian Pereira • May 13, 2022

A post-exploitation framework dubbed IceApple has been targeting global organizations that use Internet Information Services - Microsoft's extensible web server software - and Microsoft Exchange servers since at least 2021, says Falcon OverWatch, the proactive threat hunting team at CrowdStrike.

Blockchain & Cryptocurrency

ISMG Editors: What Have We Learned From the Conti Leaks?

Anna Delaney • May 13, 2022

In the latest update, four editors at Information Security Media Group discuss the intriguing insights exposed by the leak of ransomware gang Conti's internal communications, the U.S. Treasury's first-ever sanctions on a cryptocurrency mixer and the latest cyber activity in Russia's hybrid war.

3rd Party Risk Management

COVID Delays Patching of Vulnerable Konica Minolta Printers

Mihir Bagwe • May 13, 2022

Hundreds of thousands of Konica Minolta printers used in businesses have reportedly been vulnerable to three critical flaws since 2019. Although a patch was available, deployment was delayed as the firmware update required physical access to the printers and COVID-19 made that difficult.