Cybercrime Carnage: Cryptocurrency-Targeting Attacks Abound

Mathew J. Schwartz • November 25, 2022

While the cybercrime story for 2022 has yet to be fully written, cryptocurrency theft will no doubt have a starring role. Buoyed by the collective pilfering of billions of dollars' worth of cryptocurrency this year, what's to stop attackers from doubling down in 2023?

Business Continuity Management / Disaster Recovery

PCI Releases New Payment Standards for Mobile Devices

Latest

API Security

Cybercrime Forum Dumps Stolen Details on 5.4M Twitter Users

Mathew J. Schwartz • November 28, 2022

Information amassed on 5.4 million Twitter users by an attacker who abused one of the social network's APIs has been dumped online for free. While Twitter confirmed that breach, a researcher suggests other attackers also abused the feature to amass information for millions of other users.

Cybercrime

A Look Ahead: Lisa Sotto's Privacy, Security Outlook in 2023

Michael Novinson • November 28, 2022

A multitude of state privacy laws taking effect in 2023 has forced organizations to revamp their compliance programs to incorporate the disparate requirements, says Lisa Sotto. Companies across every industry face a threat environment that's more active and malicious than ever before.

Cybercrime

SharkBot Trojan Spread Via Android File Manager Apps

Prajeet Nair • November 26, 2022

The operators behind the banking Trojan SharkBot are targeting Google Play users to spread its malware masquerading as Android file manager apps that already have tens of thousands of installations, according to researchers from Bitdefender.

Business Continuity Management / Disaster Recovery

Cyber Resilience Minimizes Risks for Digital Services

Brian Pereira • November 25, 2022

Cyber resilience extends beyond cyberattacks and encompasses the convergence of security and disaster recovery and takes into account other factors such as supply chain disruption, attacks on critical infrastructure, epidemics, market fluctuations, power outages, and natural disasters.

Cybercrime

ISMG Editors: The Rise of Info Stealing Malware

Anna Delaney • November 25, 2022

In the latest weekly update, Information Security Media Group Editors discuss current cybersecurity and privacy issues, including advice on strengthening off-hours defenses during the holiday season, emerging cybercrime trends in 2022, and Palo Alto's first big M&A since early 2021.

Breach Notification

Lorenz Ransomware Alert: Risk to Healthcare, Public Sector

Mathew J. Schwartz • November 24, 2022

Cybersecurity experts warn that large healthcare and public sector organizations are continuing to get hit by "big-game hunting" attackers wielding Lorenz ransomware. Among the group's known victims are Wolfe Eye Clinic in Iowa and Salud Family Health of Colorado.

Blockchain & Cryptocurrency

Ransomware Group Zeppelin's Costly Encryption Mistake

Anna Delaney • November 24, 2022

The latest edition of the ISMG Security Report discusses how the profits of ransomware group Zeppelin have been smashed by security researchers, FTX again highlighting the risks of trading cryptocurrencies, and vendor Extrahop's newly appointed, high-profile president.

Governance & Risk Management

Tata Power Attack Linked to Bug in Nearly 20-Year-Old Server

Mihir Bagwe • November 23, 2022

Microsoft says vulnerabilities in outdated web servers are likely responsible for a cyberattack last month against Indian energy giant Tata Power. Attackers targeted Boa servers, which were discontinued in 2005, to potentially compromise Tata and other critical infrastructure organizations around the world.

Anti-Phishing, DMARC

Russian Hackers Now Offering Stealer as a Service

Akshaya Asokan • November 23, 2022

Security firm Group-IB has identified 34 hacking groups that are now selling a stealer-as-a-service model to spread infostealer malware and steal credentials from online gaming and payment accounts. The company advises organizations to be on the lookout for Raccoon and Redline infostealers.

Cyberwarfare / Nation-State Attacks

Russian KillNet Shuts Down EU Parliament Website With DDoS

Akshaya Asokan • November 23, 2022

Pro-Kremlin KillNet hackers took down the website of the European Parliament on Wednesday in a DDoS attack that came just hours after the legislative body declared Russia a terrorist state. The website was still down late in the day as part of a string of hacktivist attacks against allied nations.

Cybercrime

Beating Clever Phishing Through Strong Authentication

Jeremy Kirk • November 23, 2022

Successful account takeovers are one of the most common ways that organizations end up with attackers in their systems. But strong authentication can thwart even the most clever phishing campaigns, says Brett Winterford, regional chief security officer for APJ at Okta.

Governance & Risk Management

US Army Banks on Cyber Defense Based on Zero Trust - Part 2

Rahul Neel Mani • November 23, 2022

The U.S. Army has embarked on its zero trust journey for both its information and network operations. Army CIO Dr. Raj Iyer shares how the military and the private sector are partnering to secure cloud infrastructure and solidify threat intelligence capabilities to fight adversaries.