Average ransom amounts demanded by ransomware operators (Source: Group-IB, November 2020)

Fueled by Profits, Ransomware Persists in New Year

Akshaya Asokan • January 21, 2021

Ransomware dominated the cybercrime landscape in 2020 and looks set to do so again this year, as criminals seek fresh new ways to make victims pay. Experts predict gangs will double down on whatever works, which lately includes data exfiltration.

►

3rd Party Risk Management

SolarWinds Describes Attackers' 'Malicious Code Injection'

Latest

Application Security

SonicWall Investigating Zero-Day Attacks Against Its Products

Scott Ferguson • January 24, 2021

Security vendor SonicWall is investigating what the company calls a "coordinated attack" against its internal network by threat actors using a zero-day exploit within the company's remote access products. SonicWall is urging customers to apply temporary fixes to secure VPNs and gateways.

Cybercrime as-a-service

DDoS Attackers Revive Old Campaigns to Extort Ransom

Akshaya Asokan • January 23, 2021

Threat actors behind a distributed denial-of-service campaign targeted the same set of victims again after the organizations refused to pay the initial ransom demand, a new report by security firm Radware finds.

Breach Notification

Intel Investigating Hack of Confidential Financial Report

Doug Olenick • January 23, 2021

Intel is investigating an incident in which an unauthorized person accessed a portion of the company's latest quarterly financial report, forcing the chipmaker to release its earnings slightly earlier than planned.

Business Email Compromise (BEC)

Fraudsters Are Using Google Forms to Evade Email Filters

Prajeet Nair • January 23, 2021

Fraudsters are using Google forms to target retail, telecom, healthcare, energy and manufacturing companies in an apparent reconnaissance campaign to identify targets for a possible follow-up business email compromise attack.

COVID-19

President Biden Orders SolarWinds Intelligence Assessment

Mathew J. Schwartz • January 22, 2021

The new Biden administration has pledged to hold Russia accountable for its recent "reckless and adversarial" actions and has ordered a full-scale intelligence review of the SolarWinds hack. The moves signal the importance of cybersecurity to President Biden's national security agenda.

3rd Party Risk Management

How to Manage Software Supply Chain Risks

Jeremy Kirk • January 22, 2021

The threat posed by software supply chain attacks is growing, but organizations can take steps to minimize the risks. Trey Herr of the Atlantic Council outlines ways to gain more insight into supply chain problems.

Cryptocurrency Fraud

DreamBus Botnet Targets Linux Systems

Prajeet Nair • January 22, 2021

Zscaler's ThreatLabz research team is tracking a new botnet dubbed DreamBus that's installing the XMRig cryptominer on powerful, enterprise-class Linux and Unix systems with the goal of using their computing power to mine monero.

3rd Party Risk Management

Analysis: How Will Biden Address Cybersecurity Challenges?

Anna Delaney • January 22, 2021

The latest edition of the ISMG Security Report features an analysis of the cybersecurity challenges the Biden administration must address. Also featured: payments security advice from Verizon; the outlook for the lifting of restrictions tied to the COVID-19 pandemic.

Cybercrime

Microsoft Describes How SolarWinds Hackers Avoided Detection

Doug Olenick • January 21, 2021

Microsoft researchers are offering fresh details on the SolarWinds hackers' extensive efforts to remain hidden, which gave them more time to fully penetrate systems, move laterally through networks and exfiltrate data in follow-on attacks.

Finance & Banking

Singapore Publishes Updated Banking Cybersecurity Guidelines

Akshaya Asokan • January 21, 2021

The Monetary Authority of Singapore has published a revised set of guidelines for technology risk management to help the country's financial institutions mitigate cybersecurity threats.

Cryptocurrency Fraud

Cryptomining Campaign Linked to Iranian Software Firm

Prajeet Nair • January 21, 2021

An ongoing global cryptomining campaign has connections to an Iranian software firm, according to a report from Sophos. The MrbMiner malware has targeted thousands of vulnerable Microsoft SQL Servers.

Cybercrime

Chinese Hacking Group Targets Airlines, Semiconductor Firms

Prajeet Nair • January 21, 2021

A hacking group with apparent ties to China is targeting airlines and semiconductor firms to steal intellectual property and personal data in repeated exfiltration efforts, according to NCC Group.