The latest edition of the ISMG Security Report analyzes how and why Russia is spreading disinformation about the COVID-19 pandemic. Plus: the latest CCPA regulation updates; a CISO's tips on securely managing a remote workforce.
Russian authorities typically turn a blind eye to cybercrime committed by citizens, provided they target foreigners. But as the recent "BuyBest" arrests of 25 individuals demonstrate, authorities do not tolerate criminals that target Russians, and especially not anyone who targets Russian banks.
Can quantum cryptography help in containing malware-as-a-service? Kiran Sivakumar, superintendent of police, Central Bureau of Investigation, GoI, says that while there isn't any real case study yet, he is hopeful that the technology will play a future role in combating the menace of this type of cybercrime.
With the declaration of COVID-19 as a pandemic, and the global shift to work from home, Tom Kellermann of VMware Carbon Black sees a corresponding increase in hacking and espionage attempts against U.S. agencies, businesses and citizens. He says add "digital distancing" to your precautions.
As cybercriminals and nation-states take advantage of the COVID-19 pandemic to further their own aims, authorities are calling on victims to report online attacks as quickly as possible to help them better disrupt such activity.
Microsoft along with its partners from 35 countries has taken coordinated legal and technical action to disrupt Necurs, one of the largest botnets in the world, the company announced in a Tuesday blog post.
Security firm Emsisoft is offering free, customized decryptors to victims of PwndLocker ransomware, which first surfaced in late 2019 and has been tied to attacks against Lasalle County in Illinois and the Serbian city of Novi Sad, with the gang demanding up to $660,000 or more in bitcoins from its victims.
RSA 2020 touched on a number of topics, including the security of elections and supply chains, plus AI, zero trust and frameworks, among many others. But from sessions on cryptography, to this year's lower attendance, to the antibacterial dispensers dotted around venues, concerns over COVID-19 also dominated.
Visser Precision, a U.S. manufacturer that supplies Boeing, Lockheed Martin, Tesla and SpaceX, appears to have been hit by the DoppelPaymer ransomware gang, which has begun leaking internal data and threatening to leak more unless the victim pays a ransom.
Ransomware-wielding attackers - aided by a service economy that gives them access to more advanced attack tools - are increasingly targeting organizations rather than individuals to shake them down for bigger ransom payoffs, says McAfee's John Fokker.
The 2016 U.S. presidential election served as a wake-up call for lawmakers and the public about the threat that cyberattackers can pose to the country's democracy, CISA Director Christopher Krebs said at the RSA 2020 conference. Election security and ransomware remain his agency's two biggest concerns.
Bad news on the ransomware front: Victims that choose to pay attackers' ransom demands - in return for the promise of a decryption tool - last quarter paid an average of $84,116, according to Coveware. But gangs wielding Ryuk and Sodinokibi - aka REvil - often demanded much more.
Emotet malware alert: The U.S. Cybersecurity and Infrastructure Security Agency says it's been "tracking a spike" in targeted Emotet malware attacks. It urges all organizations to immediately put in place defenses to not just avoid infection, but also detect lateral movement in their networks by hackers.