Equifax CISO Jamil Farshchi on SolarWinds and Supply Chains

Tom Field • March 1, 2021

Jamil Farshchi has been there. As CISO of Equifax, he knows what it’s like to be a victim of a high-profile cyberattack. And he knows breached companies have a choice: "Are they going to be a force for good by helping the rest of the industry learn from their experience?"

Forensics

Accellion: How Attackers Stole Data and Ransomed Companies

Latest

Cryptocurrency Fraud

Cryptomining Botnet Uses Bitcoin Wallet to Avoid Detection

Prajeet Nair • March 1, 2021

A cryptomining botnet campaign is using bitcoin blockchain transactions to hide command-and-control server addresses and stay under the radar, defeating takedown attempts, according to security firm Akamai.

Critical Infrastructure Security

NSA Issues Guidance on 'Zero Trust' Implementation

Akshaya Asokan • February 27, 2021

The U.S. National Security Agency has issued "zero trust" guidance aimed at securing critical networks and sensitive data within key federal agencies. The NSA adds it is also assisting Defense Department customers with the zero trust implementations.

Cyberwarfare / Nation-State Attacks

Microsoft Releases Queries for SolarWinds Attack Detection

Prajeet Nair • February 26, 2021

Microsoft is making available the CodeQL queries it used to detect malicious implants in the massive supply chain attack that affected SolarWinds, tech firms and government agencies.

Fraud Management & Cybercrime

DHS to Provide $25 Million More for Cybersecurity Grants

Doug Olenick • February 26, 2021

The U.S. Department of Homeland Security will provide an additional $25 million in grants to state and local cybersecurity preparedness programs with a particular focus on combatting ransomware, Secretary Alejandro Mayorkas announced Thursday.

Breach Notification

Analysis: Feds Crack Down on Cryptocurrency Scams

Anna Delaney • February 26, 2021

The latest edition of the ISMG Security Report features an analysis of a federal crackdown on ICO cryptocurrency scams. Also featured: An update on the SonicWall hack investigation and the use of digital IDs to verify COVID-19 testing.

Governance & Risk Management

6,000 VMware vCenter Devices Vulnerable to Remote Attacks

Prajeet Nair • February 25, 2021

Security firm Positive Technologies says more than 6,000 VMware vCenter devices worldwide that are accessible via the internet contain a critical remote code execution vulnerability. VMware has issued recommendations for patching the flaw.

3rd Party Risk Management

Executive Order Focuses on Supply Chain Risk Management

Scott Ferguson • February 25, 2021

In light of the global shortage of semiconductors, President Joe Biden signed an executive order Wednesday requiring a federal review of supply chain risks for these chips. Also to be reviewed: supply chain risks for information and communications technology and the pharmaceutical industry.

Business Continuity Management / Disaster Recovery

Federal Reserve's Money Transfer Services Suffer Outage

Doug Olenick • February 24, 2021

The Federal Reserve's online money transfer system, including Fedwire Funds and FedCash, suffered an outage for more than three hours Wednesday afternoon, with the Fed citing technical issues as the cause and not a cyber incident. Systems were restored by late afternoon.

Artificial Intelligence & Machine Learning

Using ID Screening to Fight COVID-19 Economic Relief Fraud

Nick Holland • February 24, 2021

High-speed identity screening can play a critical role in cracking down on fraud tied to COVID-19 economic relief efforts without impeding legitimate access to funds, says Dr. Gary Shiffman, CEO of Giant Oak, which offers artificial intelligence technology.

Cybercrime

Silver Sparrow Malware Infects 30,000 Macs

Doug Olenick • February 23, 2021

A previously undetected malware variant has infected almost 30,000 Apple Macs. So far, however, researchers have not seen the code, called Silver Sparrow, deliver any malicious payloads to these endpoints, according to a new report.

Cybercrime

Chinese Hacking Group 'Cloned' NSA Exploit Tool

Scott Ferguson • February 22, 2021

A Chinese hacking group reportedly "cloned" and deployed a zero-day exploit developed by the NSA's Equation Group before Microsoft patched the Windows flaw being exploited, according to Check Point Research. The analysis shows how some U.S. cyber weapons have been turned against their developers.

Anti-Phishing, DMARC

Sequoia Capital Investigating 'Cybersecurity Incident'

Prajeet Nair • February 22, 2021

Venture capital firm Sequoia Capital confirmed it was recently involved in a "cybersecurity incident," but offered no details on exactly what may have transpired. Cybersecurity teams and law enforcement agencies have been notified.