In the latest weekly update, four editors at ISMG discuss important cybersecurity issues, including the lessons we can learn from Okta's breach fallout and subsequent response, how the first NFT rug pull of 2022 has amounted to over $1 million, and the much-anticipated return to in-person events.
The disruption of tens of thousands of Viasat consumer broadband modems across central Europe on Feb. 24 when Russia invaded Ukraine may have involved "AcidRain" wiper malware, security researchers at SentinelOne report. Viasat says those findings are "consistent" with the known facts of the attack.
Researchers have observed a growing number of threat actors using the Russia-Ukraine war as a lure in phishing and malware campaigns to target the military of multiple Eastern European countries, as well as a NATO Center of Excellence, according to Google's Threat Analysis Group.
Hackers have allegedly managed to breach the infrastructure belonging to Russia's Federal Air Transport Agency, or Rosaviatsiya, and wiped out its entire database and files consisting of 65TB of data, including documents, files, aircraft registration data and emails from the servers.
This edition analyzes how hackers exploited a misconfigured VPN device, gained access to Viasat's satellite network and caused a massive outage in Europe as Russia's invasion of Ukraine began. It also examines the invasion's impact on financial services and how to modernize security operations.
As Finnish technology giant Nokia announces it is ceasing sales in Russia over the war with Ukraine, the company is facing tough questions over how it helped enable a mass surveillance program that supports President Vladimir Putin's autocratic regime.
Communications company Viasat says it's been replacing about 30,000 broadband modems to restore service for customers in central Europe affected by a Feb. 24 attack that disrupted part of its satellite communications network and left modems unable to connect.
The Russia-Ukraine war has altered the risks facing organizations that use Russian technology or services, including the increased threat of being directly targeted, as well as disruptions caused by any new sanctions, warns Britain's National Cyber Security Center.
In the latest "Troublemaker CISO" post, security director Ian Keller discusses killware - "a hack of critical services and or infrastructure that can lead to the loss of life" - and asks: "Why should the power grid - or hospitals, water treatment plants or your pacemaker - be internet-accessible?
On Monday, Ukrainian ISP Ukrtelecom was hit by a cyberattack that reduced its services, the SSSCIP of Ukraine says. It is reportedly the largest outage since Russia invaded Ukraine. Meanwhile, Russia’s internet services could be affected by a shortage of equipment due to ongoing sanctions.
Cyber experts recommend security teams stay on high alert in protecting enterprise networks as Russia launches cyberattacks against Ukraine, atop its ground invasion. This thread serves as a comprehensive security-related news thread for the Russia-Ukraine conflict.
The U.S. FCC's Public Safety and Homeland Security Bureau voted unanimously to ban Kaspersky Lab, China Telecom (Americas) Corp., and China Mobile International USA Inc., saying they pose a national security threat. And bug bounty platform HackerOne also suspended Kaspersky.
The White House's proposed $5.8 trillion budget for 2023 asks to increase spending 11% from this year with an emphasis on cybersecurity practices to improve defenses in both the private and public sectors. Funds were also requested to help close the talent gap, implement zero trust and more.
Google's threat analysis team has detected a new remote code execution flaw leveraged by North Korean nation-state attackers targeting cryptocurrency, fintech and other industries. Although not named in the report, there appears to be a link to the notorious Lazarus cybercrime group.
As President Joe Biden visits Europe this week, the U.S. and the European Commission announced they have agreed in principle to a new Trans-Atlantic Data Privacy Framework. Officials say it will foster cross-border data flows and address concerns raised by the EU Court of Justice in 2020.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.