The ISMG Security Report features an analysis of the U.S. government's request for billions of dollars in tech aid to curb the global impact of the Kremlin's campaign in Ukraine. It also examines Biden's cryptocurrency executive order and why breached organizations often don't share full details.
The Lapsus$ ransomware group is tricking users into installing malware by disguising it as verified and signed certificates, which researchers say are believed to have been stolen from the Nvidia and Samsung source code leaks.
President Joe Biden is expected to outline a whole-of-government approach to reining in cryptocurrencies, which have been criticized for lax cybersecurity measures. Media reports say the administration will announce an executive order on crypto this week, to align the U.S. with global allies.
Ransomware groups continue to target critical infrastructure sectors internationally. An FBI alert says that ransomware group RagnarLocker has targeted 52 entities across 10 critical infrastructure sectors, while Romania's premier petrol supplier, Rompetrol, has reportedly been hit by Hive.
U.S. and NATO officials are increasingly looking to sharpen sanctions and rhetoric against Russia, and cybersecurity is a pivotal part of the discussion. The Biden administration is now requesting $10 billion in emergency funds to address Russia's campaign, with sizeable pots for cybersecurity.
An undisclosed website was the victim of a massive, dayslong distributed denial-of-service attack. The threat actor included a ransom note as part of the attack, instead of contacting the victim separately, and the DDoS attack has been mitigated, researchers at cybersecurity company Imperva say.
South Korean consumer electronics giant Samsung Electronics has confirmed that it has suffered a breach that includes source code being stolen. Ransomware gang Lapsus$ has leaked a massive collection of confidential data from Samsung just a day after leaking credentials of 71,000 Nvidia employees.
Four ISMG editors discuss the accelerating invasion of Ukraine by Russia and its potential impact on the cybersecurity industry; whether hacktivists are the new resistance fighters and the dangers that might trigger; and how a data leak may help researchers track and fight the Conti ransomware gang.
U.S. officials say that while it would be nearly impossible for Russia to "flip the switch" and convert to cryptocurrency to stabilize its sanctioned economy, they caution that Russian elites and entities may yet try to skirt the measures by transferring and obfuscating funds across the blockchain.
Russia's National Coordination Center for Computer Incidents has published a list of 17,576 IP addresses and 166 domains that it says are targeting the country's information resources via distributed denial-of-service attacks. It also published a 20-point list of remediation measures.
Could a fundamental but poorly secured protocol that helps power the internet finally get needed improvements? The Federal Communications Commission has opened a security review of Border Gateway Protocol, just days after Russia reportedly hijacked BGP to target a Ukrainian bank.
As Russia's invasion of Ukraine continues, what should global CISOs and security teams do to ensure that their organizations stay protected? Beyond following cybersecurity agencies' guidance, experts offer advice on how to brief the board of directors, appeal for resources, support teams and more.
This ISMG Security Report analyzes why Russia has not yet launched full-scale cyberattacks in Ukraine and the West and what we might expect to come. It also describes how organizations can bolster cyber defenses in times of crisis and outlines mistakes organizations make following a cyber incident.
A newly released conversation between two members of the Conti ransomware gang reveals concern about the war in Ukraine and its potential to disrupt their lucrative extortion racket. The conversation took place just a day before a massive data leak exposed the gang's inner workings.
Security experts, legislators and researchers are worried about fraud and money laundering related to cryptocurrency platforms during the Russia-Ukraine crisis. Researchers are already observing a spike in phishing attacks and other threat vectors targeting digital wallets.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.