Editors' Panel: What Impact Will Cisco's Splunk Acquisition Have on Industry?

Anna Delaney • September 29, 2023

In our latest weekly update, ISMG editors discuss key takeaways from a forum on developing a strategy for OT security, guidance issued by the U.S. Food and Drug Administration on cybersecurity in medical devices, and how the acquisition of Splunk by Cisco might impact the cybersecurity industry.

Artificial Intelligence & Machine Learning

Cisco to Bring XDR, SIEM Together With $28B Splunk Purchase

Latest

Next-Generation Technologies & Secure Development

CrowdStrike Boosts Israeli Startup Ties With AWS Partnership

Michael Novinson • September 29, 2023

CrowdStrike has joined forces with Amazon Web Services to familiarize themselves with more Israeli cyber startups earlier in their development lifecycle. The Cybersecurity Startup Accelerator will provide EMEA-based companies with mentorship, technical expertise and partnership opportunities.

Governance & Risk Management

Vulns Found In Another Progress Software File Transfer App

Prajeet Nair • September 29, 2023

Progress Software is again sending customers on a scramble to install emergency patches, this time for its secure FTP server software. The advisory comes months after hackers took advantage of a zero day in the company's MOVEit file transfer software in a hack affecting tens of millions.

Artificial Intelligence & Machine Learning

NSA Stands Up New Organization to Harness AI

Rashmi Ramesh • September 29, 2023

The NSA has set up a new organization to oversee artificial intelligence in national security systems. Dubbed the AI Security Center, the unit will consolidate the agency's AI activities and support the government's effort to "maintain its competitive edge in AI," said Army Gen. Paul Nakasone.

Network Detection & Response

IronNet Ceases Operations, Terminates All Remaining Staffers

Michael Novinson • September 29, 2023

The firm founded by retired four-star Gen. Keith Alexander and once valued at $1.2 billion has officially turned off the lights. IronNet Friday ceased business operations and terminated remaining employees after probing strategic alternatives and finding additional sources of liquidity unavailable.

Endpoint Security

Inside Look: FDA's Cyber Review Process for Medical Devices

Marianne Kolbasuk McGee • September 29, 2023

Medical device makers in their premarket submissions to the Food and Drug Administration under the agency's new refuse to accept policy for cybersecurity should pay close attention to details such as a product's software bill of materials and vulnerability management, said Jessica Wilkerson of FDA.

Governance & Risk Management

Chrome Patches 0-Day Exploited by Commercial Spyware Vendor

Mihir Bagwe • September 28, 2023

Google rolled out an urgent Chrome browser security update to address a zero day actively exploited by a commercial spyware vendor. The high-severity bug is the fifth zero day patched by Chrome this year. Google did not provide details, only stating that it is aware of an exploit in the wild.

Cryptocurrency Fraud

Study Reveals Conti Affiliates Money Laundering Practices

Akshaya Asokan • September 28, 2023

Contrary to the popular notion that ransomware hackers are sophisticated launderers of their stolen money, research shows they use straightforward mechanisms to transfer their bitcoin - allowing researchers to follow their money trail. Only a sliver transacted with a crypto mixer.

Security Operations

Nord Security Raises $100M on $3B Valuation to Go After M&A

Michael Novinson • September 28, 2023

The maker of the world's most popular VPN service hauled in $100 million on a $3 billion valuation to accelerate growth through mergers and acquisitions. The Warburg Pincus-led investment will allow the Lithuania-based internet privacy and security vendor to expand its product offering.

Cybercrime

Breach Roundup: Johnson Controls Suffers Ransomware Attack

Anviksha More • September 28, 2023

This week: Johnson Controls suffers a ransomware attack, the Philippine state health insurance program struggles to recover from a ransomware and Air Canada reports a cyberattack. Also: an APT group uses the American Red Cross as bait and new malware targets would-be users of Bitwarden.

Blockchain & Cryptocurrency

Cryptohack Roundup: $200M Mixin Network Hack

Rashmi Ramesh • September 28, 2023

This week: Mixin Network investigated a $200 million hack, Web3 lost $889 million to hacks, phishing scams and rug during the third quarter, hackers stole $8 million from HTX, Binance sought to dismiss the SEC wash trading case; and Nansen and OpenSea suffered third-party security incidents.

Artificial Intelligence & Machine Learning

Cyber Fail: More Bumbling Cybercrooks, Avoidable Breaches

Anna Delaney , Cal Harrison • September 28, 2023

Welcome to "Cyber Fail" - ISMG's roundup of all that's broken in the world of cybersecurity, where our panel of experts uncovers the fails so we can strengthen our defenses. In this episode, ISMG host Anna Delaney takes on bumbling cybercrooks, avoidable breaches and the ethics of paying a ransom.

Fraud Management & Cybercrime

ShadowSyndicate: A New Player in the RaaS Landscape

Mihir Bagwe • September 27, 2023

An apparently new hacking group has connections to a number of name-brand ransomware-as-a-service groups including Conti spinoffs and possibly Clop, making it a notably versatile addition to the criminal underground. Group-IB researchers dubbed the group ShadowSyndicate.