BlackMatter's dedicated data leak site (Source: Recorded Future)

Is REvil Ransomware Operation Returning as 'BlackMatter'?

Mathew J. Schwartz • July 28, 2021

Has the REvil ransomware operation come storming back? Experts say a new operation called BlackMatter has wielded REvil's code against at least one victim, claims to combine "the best features of DarkSide, REvil and LockBit," and may be a former affiliate of one or more of these ransomware operations.

►

Cybercrime

US: Chinese Government Waged Microsoft Exchange Attacks

Latest

Cyberwarfare / Nation-State Attacks

Pegasus Spyware: World Leaders Demand Israeli Probe

Mathew J. Schwartz • July 27, 2021

Calls are growing for an investigation into how commercial Pegasus spyware developed by Israel's NSO Group gets sold to autocratic governments and used to target journalists, lawyers, human rights advocates and others, with some lawmakers saying "the hacking-for-hire industry must be brought under control."

Fraud Management & Cybercrime

Congress Urged to Update Federal Laws to Combat Ransomware

Scott Ferguson • July 27, 2021

Congress needs to update and expand federal laws to combat the surge in ransomware attacks, federal cybersecurity experts told a Senate committee at a Tuesday hearing.

COVID-19

SASE: Building a Migration Strategy

Geetha Nandikotkur • July 27, 2021

Security experts offer an analysis of Gartner's new strategic road map for SASE adoption that emphasizes the need for a detailed migration plan and offer tips for a successful rollout.

Business Continuity Management / Disaster Recovery

Kaseya Says It Paid No Ransom to Obtain Universal Decryptor

Doug Olenick • July 26, 2021

Remote management software company Kaseya says it obtained the ability to decrypt all victims of a massive REvil - aka Sodinokibi - attack via its software, without paying a ransom to attackers. But Kaseya has still not revealed how it obtained the decryption key, except to say it was supplied by a third party.

Governance & Risk Management

18 Companies to Participate in NIST 'Zero Trust' Project

Dan Gunderman • July 26, 2021

NIST has selected 18 technology companies to demonstrate "zero trust" security architectures as it prepares to draft guidance for use of the model by federal agencies, which the private sector can also follow.

Cybercrime

Attackers Rely on 'Exotic' Languages for Malware Creation

Rashmi Ramesh • July 26, 2021

Malware developers increasingly are relying on "exotic" programming languages - such as Go, Rust, DLang and Nim - to create malicious code that can avoid detection by security tools and add a layer of obfuscation to an attack, according to a report released Monday by BlackBerry.

Cryptocurrency Fraud

Hackers Target Kubernetes Using Misconfigured Argo Workflows

Akshaya Asokan • July 26, 2021

A hacking campaign is targeting Kubernetes environments using misconfigured Argo Workflows to deploy cryptominers, a report by security firm Intezer finds.

Business Continuity Management / Disaster Recovery

IoT Security Dangers Loom as Office Workers Return

Doug Olenick • July 24, 2021

With corporate America beginning to ask employees to come back to their offices in the fall, cybersecurity teams have the huge task of ensuring that the work environment is safe. This is particularly true of IoT devices, as many have been left unprotected for months.

Endpoint Security

Congress Focuses on Industrial Control System Security

Scott Ferguson • July 23, 2021

A bipartisan group of senators is pushing a bill that would require CISA to identify and respond to vulnerabilities and threats that target industrial control systems. The House has already passed a similar measure.

Cyberwarfare / Nation-State Attacks

ISMG Editors’ Panel: Examining the Pegasus Project

Anna Delaney • July 23, 2021

In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the use of commercially available spyware and security risk management in the telecom sector.

Business Continuity Management / Disaster Recovery

Resiliency Is Key to Surviving a CDN Outage

Doug Olenick • July 23, 2021

A short-lived outage at the content delivery network supplier Akamai on Thursday which briefly knocked offline many corporate websites, is another indicator that companies need resiliency built into their systems. That means they should avoid relying on just one CDN provider, security experts say.

Application Security

Analysis: Implications of the Pegasus Spyware Investigation

Anna Delaney • July 23, 2021

This edition of the ISMG Security Report features an analysis of ongoing investigations into the use of NSO Group's Pegasus spyware to spy on dissidents, journalists, political rivals, business leaders and even heads of state - and discussion of whether the commercial spyware business model should be banned.