Latest

Breach Notification

Ransomware Attack Reportedly Cripples European Call Center

Prajeet Nair  •  September 25, 2021

GSS, the Spanish and Latin America division of Europe's largest call center provider Covisian, has informed that it has been subjected to a ransomware attack, which froze its IT systems and crippled call centers across its Spanish-speaking customer base.

Critical Infrastructure Security

REvil Ransomware Group's Latest Victim: Its Own Affiliates

Mathew J. Schwartz  •  September 25, 2021

Ransomware-wielding attackers love to lie to victims. But REvil - aka Sodinokibi - has reportedly been running double negotiations to make affiliates think a victim hasn't paid a ransom, using a backdoor in the malware that allows administrators to decrypt victims' systems, so affiliates don't get their cut.

►

Fraud Management & Cybercrime

Identity Fraud: Moving Beyond Document Verification

Suparna Goswami  •  September 24, 2021

In order to improve identity verification, it is not enough to only verify documents; a multilayered approach is needed, says Brett Johnson, a former fraudster who is now a cybercrime consultant. He discusses current fraud trends and how fraud is evolving.

Anti-Phishing, DMARC

Lawsuits: Negligence Led to UC San Diego Health Incident

Marianne Kolbasuk McGee  •  September 24, 2021

Two proposed class action lawsuits filed this week in a California federal court allege negligence and a variety of other claims against UC San Diego Health in the wake of a phishing incident that affected nearly 496,000 individuals.

Application Security

Australia Warns of Critical Vulnerability in Zoho Service

Soumik Ghosh  •  September 24, 2021

The Australian Cyber Security Center has issued a critical vulnerability alert in a Zoho Corp. password management service that could enable a threat actor to take control of the targeted host. The company has issued a security patch.

Anti-Phishing, DMARC

Researcher Finds Malware Targeting Mac Users via Baidu Ad

Mihir Bagwe  •  September 24, 2021

Chinese security researcher Zhi has discovered a malware targeting Mac users. The malware, spread via a paid advertisement on search engine Baidu, is intended to harvest user credentials, he says. The advertisement has now been taken down.

Breach Notification

CISA Director: Attackers Targeted Port of Houston

Scott Ferguson  •  September 24, 2021

During testimony before a U.S. Senate committee hearing Thursday, CISA Director Jen Easterly told lawmakers that a recent joint alert issued by her agency, the FBI and the Coast Guard Cyber Command stemmed from an attempted attack against the Port of Houston in August.

►

3rd Party Risk Management

ISMG Editors’ Panel: The Rise of Quadruple Extortion Attacks

Anna Delaney  •  September 24, 2021

Four editors at Information Security Media Group discuss important cybersecurity issues, including the rise of quadruple extortion attacks employed by ransomware gangs, the FBI reportedly withholding the Kaseya ransomware decryption key for weeks, and raising security posture during a pandemic.

►

Access Management

IT and OT Convergence: Sizing Up the Security Risks

Geetha Nandikotkur  •  September 24, 2021

As the risks to IT and OT converge, organizations must use "zero trust" to verify user identities and build effective monitoring capabilities to track the behavior of privileged users, say Kartik Shahani of Tenable and Rohan Vaidya of CyberArk.

Critical Infrastructure Security

Tamil Nadu Ransomware Attack Raises Resiliency Questions

Soumik Ghosh  •  September 24, 2021

The ransomware attack on Tamil Nadu's Public Department puts the spotlight on the preparedness to identify and stave off attacks. Some security experts say outdated servers, lack of advanced security measures and inadequate cyber laws make state government institutions vulnerable.

Critical Infrastructure Security

New Malware Targets India's Defense Personnel

Soumik Ghosh  •  September 24, 2021

Researchers have identified a new malware sample that is targeting Indian defense personnel. Cyber threat intelligence firm Cyble says the target and attack method of the malware point to the work of APT group SideCopy.

Business Continuity Management / Disaster Recovery

Ransomware Updates: Conti Attacks Rise, New Players Surface

Anna Delaney  •  September 24, 2021

The latest edition of the ISMG Security Report features an analysis of how the U.S. government has been tracking an increase in the pace of attacks tied to Conti ransomware. Also featured are what "protection" means today and building a new cybersecurity operating model.