First American Financial's SEC Breach Settlement: $488,000

Jeremy Kirk • June 21, 2021

Title insurance company First American Financial Corp. will pay the SEC a $488,000 penalty as a result of a data breach revealed two years ago. Information security staff members were aware of the vulnerability in the company's EaglePro document-sharing system for five months but failed to fix it, the SEC reports.

Cybercrime

How Did FBI Recover Colonial Pipeline's DarkSide Bitcoins?

Latest

Security Operations

Using Automation to Update a SOC

Suparna Goswami • June 21, 2021

How can organizations update their SOCs to ensure they keep up with evolving cyberthreats? Three experts - Sean Duca of Palo Alto Networks, Rishi Rajpal of Concentrix and Anish Ravindranathan of Tata Digital - offer insights.

Business Continuity Management / Disaster Recovery

Senate Approves Chris Inglis as National Cyber Director

Scott Ferguson • June 18, 2021

The U.S. Senate has unanimously approved Chris Inglis as national cyber director. He assumes the role as the country is still reeling from a series of ransomware attacks and the SolarWinds supply chain attack. Meanwhile, confirmation of a new CISA director is on hold.

Breach Notification

Senators Draft a Federal Breach Notification Bill

Scott Ferguson • June 18, 2021

A bipartisan group of senators is circulating a draft of a federal breach notification bill that would require federal agencies, federal contractors and businesses that have oversight over critical infrastructure to report significant cyberthreats to CISA within 24 hours of discovery.

Fraud Management & Cybercrime

ISMG Editors’ Panel: NATO's Cybersecurity Policy and More

Anna Delaney • June 18, 2021

In the latest weekly update, a panel of Information Security Media Group editors discusses key topics, including NATO's new cyber defense policy, the outlook for congressional regulatory action to address the ransomware threat, and cybersecurity comments by U.S. Rep. Jim Langevin.

NSA Offers Tips on Securing Unified Communication Channels

Akshaya Asokan • June 18, 2021

The U.S. National Security Agency has released new guidance to help federal agencies as well as business enterprises protect their unified communications channels and voice/video over IP calls from cyberthreats.

DDoS Protection

Peak DDoS Traffic Up 100%, Researchers Report

Rashmi Ramesh • June 18, 2021

The daily peak of DDoS attack traffic increased 100% from January 2020 to May 2021, reaching 3 Tbps, with most of the high-bandwidth, high-intensity attacks originating from fewer than 50 hosting companies, Nokia Deepfield reports.

Governance & Risk Management

Pay Attention to the Fine Print on 'War Exclusions' in Cyber Policies

Marianne Kolbasuk McGee • June 18, 2021

When seeking cyber insurance or other types of insurance policies that provide organizations with coverage for certain data security incidents, it's critical to carefully consider the "war exclusions" contained in those policies, says insurance attorney Peter Halprin.

Critical Infrastructure Security

Ransomware Roundup: Avaddon Exits; Clop Suspects Arrested

Anna Delaney • June 18, 2021

The latest edition of the ISMG Security Report features an analysis of the Avaddon ransomware gang's retirement and the crackdown on the Clop ransomware gang in Ukraine. Also featured: Bitcoin as ally in the ransomware battle; strengthening U.S. cybersecurity defenses.

Cybercrime

Analysis: The Cyber Impact of Biden/Putin Summit Meeting

Scott Ferguson • June 17, 2021

After U.S. President Joe Biden and Russian President Vladimir Putin discussed cybersecurity issues at their Wednesday summit meeting in Geneva, security experts and analysts began sizing up what the next steps might be following what some are calling a "transformational moment."

Business Email Compromise (BEC)

Behind the Scenes of a Business Email Compromise Attack

Rashmi Ramesh • June 16, 2021

The Microsoft 365 Defender research team says it has “disrupted a large-scale business email compromise infrastructure hosted in multiple web services.” It describes in a blog post how the BEC fraud scheme worked.

Cybercrime

How 'SEO Poisoning' Is Used to Deploy Malware

Prajeet Nair • June 16, 2021

SolarMarker malware operators are using "SEO poisoning" techniques to deploy the remote access Trojan to steal sensitive information, Microsoft reports.

Biometrics

P2P Payments: How to Balance Security and Convenience

Suparna Goswami • June 16, 2021

Jim Bray of Identité, an authentication solutions firm, and Steve Ledford of The Clearing House, a payments platform that all federally insured U.S. depository institutions are eligible to use for payments, discuss the role that biometrics can play in preventing P2P payment fraud while maintaining consumer...