Latest

Cyberwarfare / Nation-State Attacks

Hackers Impersonate Meta Recruiter to Target Aerospace Firm

Prajeet Nair  •  October 1, 2023

Researchers discovered an undocumented backdoor being used by the North Korean Lazarus Group to target a Spanish aerospace company. The attacker masquerading as a Meta recruiter and tricked the victim into downloading and executing malicious files on a company device.

Governance & Risk Management

Bugs Found in Another Progress Software File Transfer App

Prajeet Nair  •  September 29, 2023

Progress Software is again sending customers on a scramble to install emergency patches, this time for its secure FTP server software. The advisory comes months after hackers took advantage of a zero day in the company's MOVEit file transfer software in a hacking campaign affecting tens of millions.

►

Governance & Risk Management

ISMG Editors: Industry Impact of Cisco's Splunk Acquisition

Anna Delaney  •  September 29, 2023

In our latest weekly update, ISMG editors discuss key takeaways from a forum on developing a strategy for OT security, guidance issued by the U.S. Food and Drug Administration on cybersecurity in medical devices, and how the acquisition of Splunk by Cisco might affect the cybersecurity industry.

Network Detection & Response

IronNet Ceases Operations, Terminates All Remaining Staffers

Michael Novinson  •  September 29, 2023

The firm founded by retired four-star Army Gen. Keith Alexander and once valued at $1.2 billion has officially turned off the lights. IronNet Friday ceased business operations and terminated remaining employees after probing alternatives and finding additional sources of cash unavailable.

Cryptocurrency Fraud

Study Reveals Conti Affiliates Money Laundering Practices

Akshaya Asokan  •  September 28, 2023

Contrary to the popular notion that ransomware hackers are sophisticated launderers of their stolen money, research shows they use straightforward mechanisms to transfer their bitcoin - allowing researchers to follow their money trail. Only a sliver transacted with a crypto mixer.

Cybercrime

Breach Roundup: Johnson Controls Suffers Ransomware Attack

Anviksha More  •  September 28, 2023

This week: Johnson Controls suffers a ransomware attack, the Philippine state health insurance program struggles to recover from a ransomware and Air Canada reports a cyberattack. Also: an APT group uses the American Red Cross as bait and new malware targets would-be users of Bitwarden.

Blockchain & Cryptocurrency

Cryptohack Roundup: $200M Mixin Network Hack

Rashmi Ramesh  •  September 28, 2023

This week, Mixin Network investigated a $200 million hack; Web3 lost $889 million to hacks, phishing scams and rug pulls during the third quarter; hackers stole $8 million from HTX; Binance sought to dismiss the SEC wash trading case; and Nansen and OpenSea suffered third-party security incidents.

Fraud Management & Cybercrime

ShadowSyndicate: A New Player in the RaaS Landscape

Mihir Bagwe  •  September 27, 2023

An apparently new hacking group has connections to a number of name-brand ransomware-as-a-service groups including Conti spinoffs and possibly Clop, making it a notably versatile addition to the criminal underground. Group-IB researchers dubbed the group ShadowSyndicate.

Cyberwarfare / Nation-State Attacks

Chinese Hackers Target Routers in IP Theft Campaign

Akshaya Asokan  •  September 27, 2023

A Chinese hacking group linked to state authorities has upgraded its capabilities to target companies with headquarters in the United States and East Asia, warns an alert from Japanese and American cyber agencies. The group, BlackTech, has a customized firmware backdoor tailored for Cisco routers.

Big Data Security Analytics

Why Palo Alto Is Eyeing Data Defense Firm Dig at $300M-$400M

Michael Novinson  •  September 27, 2023

A data security startup led by a Microsoft and Google veteran and backed by Samsung and CrowdStrike could soon be acquired by Palo Alto Networks. The company is in advanced talks to buy data security posture management startup Dig Security for between $300 million and $400 million.

Multi-factor & Risk-based Authentication

CISA Urges Americans to Apply MFA, 'Think Before They Click'

Michael Novinson  •  September 26, 2023

CISA Director Jen Easterly urged citizens to boost their defenses by choosing strong passwords, opting for multifactor authentication, reporting phishing and enabling automatic software updates. Easterly said users should choose passwords that are complex and unique to each sensitive account.

Fraud Management & Cybercrime

Xenomorph Android Malware Campaign Targets US Banks

Prajeet Nair  •  September 26, 2023

Android banking Trojan Xenomorph has resurfaced in a new campaign targeting cryptocurrency wallets and various financial institutions. The malware has been actively targeting users in Europe and is now focused on institutions in the United States, Canada, Spain, Italy, Portugal and Belgium.