BlackMatter's dedicated data leak site (Source: Recorded Future)

BlackMatter Ransomware Claims To Be Best of REvil, DarkSide

Mathew J. Schwartz • July 28, 2021

A new ransomware group called BlackMatter has debuted, claiming to offer the best features of REvil and DarkSide - both apparently defunct - as well as LockBit. A new attack using REvil's code appears has also been spotted, but a security expert says it's likely the work of a former affiliate.

►

Cybercrime

US: Chinese Government Waged Microsoft Exchange Attacks

Latest

Cyberwarfare / Nation-State Attacks

Israeli Government Visits NSO Group Amidst Spyware Claims

Jeremy Kirk • July 29, 2021

The Israeli government paid a visit on Wednesday to NSO Group, the company whose spyware has been alleged to have been covertly installed on the mobile devices of journalists and activists. The visit comes as Israel faces growing pressure to see if NSO Group's spyware, called Pegasus, has been misused.

Critical Infrastructure Security

Biden Calls for Critical Infrastructure Security Standards

Scott Ferguson • July 28, 2021

President Joe Biden signed an executive national security memorandum on Wednesday calling for the development of new critical infrastructure cybersecurity standards for various industries. CISA and NIST will develop the standards, and compliance will be voluntary - at least initially.

Business Continuity Management / Disaster Recovery

Measuring Success of No More Ransom Project

Rashmi Ramesh • July 28, 2021

Europol says the No More Ransom Project, a portal launched five years ago, so far has helped more than 6 million ransomware victims worldwide recover their files for free so they could avoid paying almost 1 billion euros ($1.2 billion) in ransoms.

Cyberwarfare / Nation-State Attacks

Pegasus Spyware: World Leaders Demand Israeli Probe

Mathew J. Schwartz • July 27, 2021

Calls are growing for an investigation into how commercial Pegasus spyware developed by Israel's NSO Group gets sold to autocratic governments and used to target journalists, lawyers, human rights advocates and others, with some lawmakers saying "the hacking-for-hire industry must be brought under control."

Fraud Management & Cybercrime

Congress Urged to Update Federal Laws to Combat Ransomware

Scott Ferguson • July 27, 2021

Congress needs to update and expand federal laws to combat the surge in ransomware attacks, federal cybersecurity experts told a Senate committee at a Tuesday hearing.

COVID-19

SASE: Building a Migration Strategy

Geetha Nandikotkur • July 27, 2021

Security experts offer an analysis of Gartner's new strategic road map for SASE adoption that emphasizes the need for a detailed migration plan and offer tips for a successful rollout.

Business Continuity Management / Disaster Recovery

Kaseya Says It Paid No Ransom to Obtain Universal Decryptor

Doug Olenick • July 26, 2021

Remote management software company Kaseya says it obtained the ability to decrypt all victims of a massive REvil - aka Sodinokibi - attack via its software, without paying a ransom to attackers. But Kaseya has still not revealed how it obtained the decryption key, except to say it was supplied by a third party.

Governance & Risk Management

18 Companies to Participate in NIST 'Zero Trust' Project

Dan Gunderman • July 26, 2021

NIST has selected 18 technology companies to demonstrate "zero trust" security architectures as it prepares to draft guidance for use of the model by federal agencies, which the private sector can also follow.

Cybercrime

Attackers Rely on 'Exotic' Languages for Malware Creation

Rashmi Ramesh • July 26, 2021

Malware developers increasingly are relying on "exotic" programming languages - such as Go, Rust, DLang and Nim - to create malicious code that can avoid detection by security tools and add a layer of obfuscation to an attack, according to a report released Monday by BlackBerry.

Cryptocurrency Fraud

Hackers Target Kubernetes Using Misconfigured Argo Workflows

Akshaya Asokan • July 26, 2021

A hacking campaign is targeting Kubernetes environments using misconfigured Argo Workflows to deploy cryptominers, a report by security firm Intezer finds.

Business Continuity Management / Disaster Recovery

IoT Security Dangers Loom as Office Workers Return

Doug Olenick • July 24, 2021

With corporate America beginning to ask employees to come back to their offices in the fall, cybersecurity teams have the huge task of ensuring that the work environment is safe. This is particularly true of IoT devices, as many have been left unprotected for months.

Endpoint Security

Congress Focuses on Industrial Control System Security

Scott Ferguson • July 23, 2021

A bipartisan group of senators is pushing a bill that would require CISA to identify and respond to vulnerabilities and threats that target industrial control systems. The House has already passed a similar measure.