Free decryptor for files encrypted by REvil/Sodinokibi prior to July 13, 2021 (Source: Bitdefender)

Good News: REvil Ransomware Victims Get Free Decryptor

Mathew J. Schwartz • September 17, 2021

Score one for the good guys in the fight against ransomware: Anyone who fell victim to REvil, aka Sodinokibi, crypto-locking malware before July 13 can now decrypt their files for free, thanks to a decryptor released by security firm Bitdefender.

Blockchain & Cryptocurrency

20 Years Later: A Cyber 9/11 Is Unlikely

Latest

3rd Party Risk Management

US Warns Nation-State Groups May Exploit Flaw in Zoho Tool

Scott Ferguson • September 17, 2021

CISA, the FBI and the U.S. Coast Guard Cyber Command warn users of Zoho Corp.'s single sign-on and password management tool to patch for a vulnerability that nation-state groups may look to exploit. Attackers could use the bug to compromise credentials and exfiltrate data from Active Directory.

Business Continuity Management / Disaster Recovery

Is White House Crackdown on Ransomware Having Any Effect?

Mathew J. Schwartz • September 17, 2021

The latest edition of the ISMG Security Report features an analysis of the state of the Biden administration's efforts to disrupt ransomware attackers, as well as how a newly patched Apple iMessage flaw was being targeted by Pegasus spyware to effect zero-click exploits.

Business Continuity Management / Disaster Recovery

Is Grief's Threat to Wipe Decryption Key Believable?

Doug Olenick • September 16, 2021

Regarding the recent tactical innovation by the Grief ransomware gang that is threatening to wipe a victim's data and decryption key if the victim engages a ransom negotiator, analysts are calling this a desperate ploy to scare a target into paying the ransom demand.

CISO Trainings

Profiles in Leadership: Tim Nedyalkov, Commonwealth Bank

Jeremy Kirk • September 16, 2021

Cloud-based services are affecting governance, risk management and compliance practices in Australia, says Tim Nedyalkov, who is a technology information security officer with Commonwealth Bank. He discusses the differences between how managers and practitioners approach the problems.

Business Continuity Management / Disaster Recovery

House Committees Seek to Spend Millions on Cybersecurity

Scott Ferguson • September 15, 2021

A pair of House committees this week said they want to spend additional millions on cybersecurity by injecting funds into CISA and the FTC, as part of the debate over the Biden administration's $3.5 trillion budget proposal for 2022. Part of the money would help fulfill Biden's executive order.

Access Management

Microsoft Fully Ditches the Password

Doug Olenick • September 15, 2021

Microsoft has officially gone fully passwordless, allowing Windows users to replace their alphanumeric passwords with one of several substitute sign-in technologies to gain entry into a Microsoft product - a move received positively by industry insiders.

Critical Infrastructure Security

Russia Has Taken No Action to Combat Ransomware, FBI Says

Mathew J. Schwartz • September 15, 2021

Senior U.S. officials say that there have been no signs that Moscow has begun to crack down on ransomware-wielding criminals operating from inside Russia's borders. President Biden has called on Russia to act responsibly, and U.S. intelligence has been sharing information on top suspects.

Access Management

Travis CI Flaw Exposed Secrets From Public Repositories

Jeremy Kirk • September 15, 2021

Travis CI, a Berlin-based continuous integration testing vendor, has patched a serious flaw that exposed signing keys, API keys and access credentials, potentially putting thousands of organizations at risk. Those using Travis CI should change their secrets immediately.

3rd Party Risk Management

Top Initial Attack Vectors: Passwords, Bugs, Trickery

Mathew J. Schwartz • September 14, 2021

The top three tactics attackers have been using to break into corporate and government networks are brute-forcing passwords, exploiting unpatched vulnerabilities, and social engineering via malicious emails, says security firm Kaspersky in a roundup of its 2020 incident response investigations.

Application Security

Apple Patched iMessage. But Can It Be Made Safer Overall?

Jeremy Kirk • September 14, 2021

Apple patched a software vulnerability on Monday that researchers say was used to deliver spyware via its iMessage platform to the mobile phones of activists. But a few changes to iMessage could make it safer overall for individuals at high risk of surveillance, says an Apple security expert.

3rd Party Risk Management

20 Years After 9/11: How US Cybersecurity Landscape Evolved

Doug Olenick • September 10, 2021

In the 20 years since the Sept. 11, 2001, al Qaida terrorist attacks on targets in the U.S., the need to shore up critical infrastructure and build resilience into systems remains a priority. But over the past two decades, concerns about physical threats have been displaced by cyber concerns.

Blockchain & Cryptocurrency

ISMG Editors' Panel: Ransomware Affiliates Seek New Gangs

Anna Delaney • September 10, 2021

In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including how ransomware affiliates change operators and why terrorists aren't launching massive cyberattacks.