An timeline illustrating a Raindrop infection (Source: Symantec Threat Intelligence )

'Raindrop' Is Latest Malware Tied to SolarWinds Hack

Doug Olenick • January 19, 2021

Symantec Threat Intelligence says it's uncovered another malware variant used in the SolarWinds supply chain hack - a loader nicknamed "Raindrop" that apparently was used to deliver Cobalt Strike, a legitimate penetration testing tool, to a handful of targets.

Cyberwarfare / Nation-State Attacks

Reserve Bank of New Zealand Investigates Data Breach

Latest

Governance & Risk Management

Microsoft Taking Additional Steps to Address Zerologon Flaw

Prajeet Nair • January 19, 2021

Microsoft is alerting customers that starting Feb. 9, it will enforce domain controller settings within Active Directory to block connections that could exploit the unpatched Zerologon vulnerability in Windows Server. Microsoft has been warning about the urgency of patching the flaw for months.

Breach Notification

Privacy Fines: Total GDPR Sanctions Reach $331 Million

Mathew J. Schwartz • January 19, 2021

Privacy watchdogs in Europe have imposed fines totaling more than $330 million since the EU's General Data Protection Regulation went into full effect in May 2018, according to law firm DLA Piper. Over the past year, regulators received 121,000 data breach notifications, up 19% from the year before.

Fraud Management & Cybercrime

FBI Warns of Increase in Vishing Attacks

Akshaya Asokan • January 19, 2021

The FBI is warning that hackers are increasingly using voice phishing, or vishing, to target remote and at-home workers as a way of harvesting VPN and other credentials to gain initial access to corporate networks.

Endpoint Security

Police Arrest Suspect in Pelosi Laptop Theft

Jeremy Kirk • January 19, 2021

Police have arrested Riley June Williams of Pennsylvania, who a tipster alleges stole a laptop or hard drive belonging to House Speaker Nancy Pelosi. But is the tipsters claim that she had planned to pass the device to a friend in Russia credible?

Cyberwarfare / Nation-State Attacks

Biden's $10 Billion Cybersecurity Proposal: Is It Enough?

Scott Ferguson • January 18, 2021

President-elect Joe Biden's $1.9 trillion plan for COVID-19 relief includes nearly $10 billion in cybersecurity and IT spending. Some security experts hope the amount as just a "down payment" toward a broader effort.

Business Email Compromise (BEC)

COVID-19 Vaccine Themes Persist in Fraud Schemes

Prajeet Nair • January 18, 2021

Researchers at the security firm Proofpoint are tracking several fraud schemes leveraging COVID-19 vaccine-themed emails. The schemes include business email compromise scams, messages with malicious attachments and phishing emails designed to harvest credentials.

Breach Notification

NZ Reserve Bank Governor Says He 'Owns' Breach

Jeremy Kirk • January 18, 2021

The governor of New Zealand's Reserve Bank says he "personally owns" responsibility for a data breach that exposed private and sensitive stakeholder information. The breach came after a serious vulnerability was disclosed in December in Accellion's File Transfer Appliance, which the bank uses.

Cybercrime as-a-service

Magecart Groups Hide Behind 'Bulletproof' Hosting Service

Prajeet Nair • January 16, 2021

Several Magecart groups hide their JavaScript skimmers, phishing domains and other malicious tools behind a "bulletproof" hosting service called Media Land, according to researchers at RiskIQ. The hosting service is notorious for catering to cybercriminals and hackers.

Anti-Phishing, DMARC

Iranian APT Group Revived Phishing Activities Over Holidays

Akshaya Asokan • January 16, 2021

A recent phishing campaign tied to an Iranian hacking group known as "Charming Kitten" used SMS and email messages to spread malicious links in an attempt to steal email credentials in the U.S., Europe and the Persian Gulf region, security firm Certfa Lab reports.

Cyberwarfare / Nation-State Attacks

Biden Inauguration: Defending Against Cyberthreats

Doug Olenick • January 15, 2021

As thousands of National Guard troops pour into Washington to provide security for the Jan. 20 inauguration of Joe Biden as president, cybersecurity analysts are calling attention to the need to defend against cyber incidents as well.

Cybercrime

Ransomware Disrupts Scottish Environment Protection Agency

Mathew J. Schwartz • January 15, 2021

The Scottish Environment Protection Agency says a ransomware attack last month continues to cause serious outages and warns that ransom-demanding attackers also stole some data. The Conti ransomware-as-a-service operation has claimed credit for the attack and begun to leak the stolen data.

Identity & Access Management

The Critical Role of Dynamic Authentication

Suparna Goswami • January 15, 2021

Organizations with largely remote workforces must strengthen their dynamic authentication processes to enhance security, says Sridhar Sidhu, senior vice president and head of the information security services group at Wells Fargo.