Cyber Standoff: 51 Groups Tied to Russia-Ukraine War Attacks

Cal Harrison • August 18, 2022

A crowded field of 51 threat groups in the Russia-Ukraine cyberwar has attacked 29 nations - with attacks in Ukraine aimed at "sowing chaos and confusion" on and off the battlefield. This special report covers the tactics, techniques and motivations of threat actors and fallout for other nations.

Attack Surface Management

Cisco Hacked: Firm Traces Intrusion to Initial Access Broker

Latest

Endpoint Security

Malwarebytes Cuts 14% of Staff to Narrow Focus on SMB

Michael Novinson • August 18, 2022

Malwarebytes laid off 125 employees to refocus its business on small and midsized customers. The company has been unable to grow its meager market share in the corporate endpoint security market and didn't make Gartner's or Forrester's latest endpoint security vendor roundups.

Open XDR

New SonicWall CEO Bob VanKirk on XDR, SASE & Going Upmarket

Michael Novinson • August 18, 2022

New CEO Bob VanKirk wants to capitalize on SonicWall's distributed network technology and strength in the education and state and local government sectors to expand beyond the company's traditional strength with small and mid-sized businesses and into larger enterprises.

Anti-Money Laundering (AML)

Ryuk-Linked Russian Pleads Not Guilty in US Court

Mihir Bagwe • August 18, 2022

Denis Mihaqlovic Dubnikov, 29, allegedly participated in a conspiracy to launder money obtained through Ryuk ransomware. Operators behind the malware mounted one of the largest cyberattacks against the healthcare sector in a fall 2021 ransomware spree.

Fraud Management & Cybercrime

How Are Ransomware Groups' Shakedown Tactics Evolving?

Anna Delaney • August 18, 2022

The latest edition of the ISMG Security Report discusses how ransomware groups continue to refine their shakedown tactics and monetization models, highlights from this year's Black Hat conference and why helping those below the "InfoSec poverty line" matters to businesses.

Account Takeover Fraud

DigitalOcean Suspects Mailchimp Hack in Account Takeover

Mihir Bagwe • August 17, 2022

Attackers are attempting to reset the passwords of some DigitalOcean customers, the cloud infrastructure provider says. The email addresses of these customers were likely exposed in a data breach involving Mailchimp, which provided transactional email services for DigitalOcean.

Governance & Risk Management

Are You Spending Too Much or Too Little on Security?

Anna Delaney • August 17, 2022

How do you know whether your organization has invested enough money and time in security? As director of information security for Canon EMEA, Quentyn Taylor is often asked this question. "I'll be honest with you - just to set some expectations here, I don't have the correct answer," he admits.

Incident & Breach Response

Infoblox's Jesper Andersen on How to Identify Threats Sooner

Michael Novinson • August 17, 2022

Infoblox has invested in shifting left in the cybersecurity kill chain with on-premises, cloud and hybrid versions of its BloxOne Threat Defense tools, which help security practitioners find and identify threats earlier and mitigate risks, says President and CEO Jesper Andersen.

Fraud Management & Cybercrime

COVID-19's Impact on Cybersecurity Marketing

Steve King • August 17, 2022

Marketers rely on events to create brand awareness and generate demand, and physical events are coming back after the COVID-19 pandemic, says Gily Netzer of Perimeter 81. But "not everybody is traveling," she says, so hybrid events - and SaaS-driven corporate networks - are the future for companies.

Analytics

Thoma Bravo Eyes Darktrace Acquisition in Take-Private Spree

Michael Novinson • August 16, 2022

Thoma Bravo is eyeing its third take-private security deal of 2022, initiating talks with Darktrace months after agreeing to buy SailPoint and Ping Identity. The cybersecurity AI firm says it's in early discussions with private equity giant Thoma Bravo on a possible cash offer for the business.

3rd Party Risk Management

1,900 Signal Customers' Data Exposed in Twilio Hack

Mihir Bagwe • August 16, 2022

Signal says 1,900 of its customers have been affected by the recent phishing attack on its third-party vendor Twilio. Signal says phone numbers and SMS verification codes of 1,900 customers are compromised, potentially transferring access of these accounts to the attackers.

Open XDR

Sumedh Thakar on Fusing Vulnerability and Patch Management

Michael Novinson • August 16, 2022

Companies continue to struggle with prioritizing which vulnerabilities present the greatest risk to the business and need to be remediated first since vulnerability scoring is too often based on a static set of what could happen if an issue is exploited, says Qualys President and CEO Sumedh Thakar.

Open XDR

Why XDR Beats SIEM at Spotting Threats in Noisy Environments

Michael Novinson • August 16, 2022

SIEM can play a key role in aggregating log data for compliance or auditing purposes, but when it comes to identifying threat activity in an IT environment, nothing beats XDR, which excels at using advanced techniques to pinpoint threats in high volumes of data, says Secureworks' Ryan Alban.