COVID-19: Are We Rounding the Corner?

Tom Field • March 8, 2021

COVID-19 infection rates are down from their record highs, and vaccination numbers grow each day. Are we rounding the corner in this pandemic battle? Keep an eye on the virus variants, says pandemic expert Regina Phelps. We may be on the cusp of yet another surge.

►

Governance & Risk Management

How to Make the Most of Automation in the SOC

Latest

Endpoint Security

McAfee to Sell Enterprise Unit for $4 Billion

Doug Olenick • March 8, 2021

The cybersecurity firm McAfee Corp. announced Monday it will sell its enterprise business unit to the private equity firm Symphony Technology Group for $4 billion cash and then focus solely on its consumer business. STG also owns RSA.

Cryptocurrency Fraud

John McAfee Charged With Cryptocurrency Fraud

Scott Ferguson • March 8, 2021

Cybersecurity entrepreneur John McAfee, who already faces tax evasion charges, has now been indicted for allegedly using his vast social media following to run cryptocurrency pump-and-dump schemes as well as promote virtual currencies to investors without revealing his stake in them, federal prosecutors say.

Governance & Risk Management

Better Identity Coalition: A Project Update

Nick Holland • March 8, 2021

Jeremy Grant, coordinator of the Better Identity Coalition, offers a progress report on the 3-year-old organization's efforts to help prevent breaches with better identity management.

Cybercrime

Phishing Attack Uses Fake Google reCAPTCHA

Akshaya Asokan • March 7, 2021

A Microsoft-themed phishing campaign is using phony Google reCAPTCHA in an attempt to steal credentials from senior employees of various organizations, a new report by security firm Zcaler says. The company says it prevented more than 2,500 phishing emails tied to the campaign.

Cybercrime

Supermicro and PulseSecure Issue Advisories on Trickboot

Doug Olenick • March 6, 2021

Supermicro and Pulse Secure have each issued advisories warning users that some of their products are vulnerable to an updated version of Trickbot malware that features a bootkit module, nicknamed Trickboot, which can search for UEFI/BIOS firmware vulnerabilities.

Application Security

Exchange Server Attacks Spread After Disclosure of Flaws

Jeremy Kirk • March 6, 2021

Just days after Microsoft disclosed four serious flaws in Microsoft Exchange email servers, attackers are going on a wide hunt for vulnerable machines, some security experts say. The flaws could be exploited for creating backdoors for email accounts or installing ransomware and cryptominers.

Business Continuity Management / Disaster Recovery

Mark of Ransomware's Success: $370 Million in 2020 Profits

Mathew J. Schwartz • March 5, 2021

Ransomware dominated the online-enabled crime landscape in 2020, some security experts say, thanks to the massive profits it's been generating and the relative ease of use for attackers - including support from a burgeoning cybercrime-as-a-service market.

Hackers Exploit Exchange Flaws to Target Local Governments

Scott Ferguson • March 5, 2021

Hackers have targeted units of local government by attempting to exploit unpatched vulnerabilities in Microsoft Exchange email servers, according to a new report by the security firm FireEye. Meanwhile, CISA has updated its alert.

3rd Party Risk Management

Accellion Appliance Zero-Day Attack Breaches: Key Takeaways

Anna Delaney • March 5, 2021

This edition of the ISMG Security Report features an analysis of key takeaways from the breaches tied to flaws in the Accellion File Transfer appliance. Also featured: Equifax CISO Jamil Farshchi on transforming supply chain security, plus an analysis of how "work from anywhere" is affecting cybersecurity.

3rd Party Risk Management

Researchers Disclose More Malware Used in SolarWinds Attack

Scott Ferguson • March 4, 2021

Researchers with Microsoft and FireEye are disclosing additional malware used by the hacking group that targeted SolarWinds last December. These second-stage malware variants appear to have been deployed after organizations downloaded the "Sunburst" backdoor hidden in a software update.

Governance & Risk Management

Lesson From SolarWinds Attack: It's Time to Beef Up IAM

Scott Ferguson • March 4, 2021

The SolarWinds supply chain attack should prompt federal agencies and others to rethink how they approach security issues - especially identity and access management, according to a breakdown of the attack presented this week by NIST and CISA.

Breach Notification

Qualys Gets 'Clopped' by Accellion-Exploiting Attackers

Mathew J. Schwartz • March 4, 2021

Qualys has confirmed that its Accellion File Transfer Appliance software was breached by zero-day-wielding attackers after stolen customer data appeared on the Clop ransomware gang's data leaks site. The security firm's public breach notification comes more than two months after the firm first learned it had been...