Capital One Must Turn Over Mandiant's Forensics Report

Jeremy Kirk • May 29, 2020

A federal judge has ordered Capital One to turn over a forensics report covering its 2019 data breach, which has been sought by plaintiffs in a class action lawsuit. The report, if it becomes public, could shed light on one of last year's biggest breaches.

Cybercrime

RagnarLocker Deploys a Virtual Machine to Hide Ransomware

Latest

Account Takeover

Suspected Hacker Faces Money Laundering, Conspiracy Charges

Akshaya Asokan • May 30, 2020

A New York City man is facing federal charges after FBI agents arrested him at John F. Kennedy Airport with a PC allegedly containing thousands of stolen credit card numbers. Prosecutors also believe the suspect used bitcoin to launder millions in illicit funds.

Cybercrime

Top Ransomware Attack Vectors: RDP, Drive-By, Phishing

Mathew J. Schwartz • May 29, 2020

Ransomware-wielding attackers are typically breaking into victims' networks using remote desktop protocol access, phishing emails or malware that's sometimes used in drive-by attacks against browsers, experts warn, advising organizations to make sure they have the right defenses in place.

Cybercrime

NSA: Russian Hackers Targeting Vulnerable Email Servers

Akshaya Asokan • May 29, 2020

A Russian government-backed hacking group that's been tied to a series of cyberespionage campaigns has been quietly exploiting a critical remote code execution vulnerability in Exim email servers since 2019, the U.S. National Security Agency warns in an alert.

Governance & Risk Management

Hackers Breached 6 Unpatched Cisco Internal Servers

Doug Olenick • May 29, 2020

Six internal servers that Cisco uses to support its virtual networking service were compromised earlier this month after the company failed to patch two SaltStack zero day vulnerabilities. The company did not describe the damage done, saying only that "a limited set of customers" was impacted.

Cybercrime

Revamped Valak Malware Targets Exchange Servers

Ishita Chigilli Palli • May 29, 2020

A recently revamped version of the Valak strain of malware is targeting Microsoft Exchange servers in the U.S. and Germany, according to recent research from Cybereason. The malware has been redesigned to act as an information stealer that can extract corporate data.

COVID-19

Analysis: Surge in Attacks Against Banks

Nick Holland • May 29, 2020

The latest edition of the ISMG Security Report analyzes why cyberattacks against banks have surged in recent weeks. Plus: The increasingly ruthless tactics of ransomware gangs; cybersecurity strategies for small businesses.

Legislation & Litigation

Bipartisan Bill Would Boost Cybersecurity Research

Ishita Chigilli Palli • May 28, 2020

A bipartisan group of lawmakers has introduced a bill that calls for investing $100 billion in research on science and emerging technologies, including cybersecurity, quantum computing and artificial intelligence.

Governance & Risk Management

How Smaller Companies Can Set Cybersecurity Priorities

Anna Delaney • May 28, 2020

Small and midsize companies don't need to spend money on expensive security products, says cybersecurity consultant Nic Miller, but they must consider several critical factors as they devise their strategies.

Governance & Risk Management

Researcher Contends Trend Micro's RootkitBuster Busted

Jeremy Kirk • May 28, 2020

Last week, security researcher Bill Demirkapi said that Trend Micro used a trick to get one of its drivers to pass Microsoft's approval process. Trend Micro has withdrawn the driver and says it's working with Microsoft on incompatibility issues that are unrelated to the researcher's findings.

COVID-19

Videoconferencing: Think Twice Before Hitting 'Record'

Mathew J. Schwartz • May 27, 2020

As a result of the COVID-19 pandemic, work-from-home employees have rushed to adopt videoconferencing tools. But Kroll's Alan Brill warns that sound security and privacy practices - backed by legal, risk management and HR teams - too often lag. Here are his top concerns and tips on how to address them.

Governance & Risk Management

Why an Information Asset Register Plays Important Role

Anna Delaney • May 26, 2020

Security practitioners need to know what data their organization has and where it is kept so they can ensure it's protected. That inventory process that can be simplified by creating an information asset register, says Bilal Ghafoor, a data protection consultant.

Cloud Security

Setting IAM Priorities in the Shift to the Cloud

Anna Delaney • May 26, 2020

As more organizations rely more heavily on cloud-based applications as a result of a remote workforce, they must avoid taking identity and access management shortcuts, says James Gosnold of the cloud consultancy CloudKubed, who calls for the addition of another layer of authentication.