Desktop of a Windows host infected with Shade ransomware (Source: Palo Alto Networks)

Ransomware Analysis: 'Shade' Surges; Other Trends Emerge

Mathew J. Schwartz • November 20, 2019

Attacks tied to Shade ransomware continue to surge as part of an overall resurgence in ransomware, security researchers warn. Other malware trends include stealthy ways to sneak malicious code onto systems - including JavaScript and zipped attachments - as well as the continuing use of exploit kits.

Cybercrime

Following Massive Breach, Capital One Replacing CISO: Report

Latest

Business Continuity Management / Disaster Recovery

Microsoft Debunks Dopplepaymer Ransomware Rumors

Mathew J. Schwartz • November 21, 2019

Dopplepaymer ransomware, despite ongoing rumors, is not being spread via the Teams collaboration platform or BlueKeep remote desktop protocol flaws, Microsoft says. But it warns that the damaging crypto-locking code is being spread via stolen Active Directory administrator credentials.

Encryption & Key Management

Microsoft Moves Toward DNS Over HTTPS

Jeremy Kirk • November 20, 2019

Microsoft has outlined its plans for supporting the encryption of Domain Name System queries, which allows for more private internet browsing. The first step will be to upgrade connections to DNS over HTTPS, but allow admins to control DNS settings.

Breach Notification

Macy's E-Commerce Site Hacked

Mathew J. Schwartz • November 19, 2019

Macy's says hackers successfully infiltrated its e-commerce website and planted rogue JavaScript, enabling them to steal customer data, including payment card information. Macy's says the breach has been contained and all stolen card numbers shared with card issuers.

Endpoint Security

IoT Security: 20 Years Behind Enterprise Computing

Jeremy Kirk • November 19, 2019

While IoT devices are entering enterprises at a rapid pace, the security practices around them are as much as 20 years behind those for enterprise computing, says Sean Peasley of Deloitte, who outlines steps organizations can take to ensure safe IoT computing.

Cybercrime

7 Takeaways: Insider Breach at Twitter

Mathew J. Schwartz • November 18, 2019

Why try to hack Silicon Valley firms if you can buy off their employees instead? Such allegations are at the heart of a criminal complaint unsealed last week by the Justice Department, charging former Twitter employees with being Saudi agents. Experts say tech firms must hunt for employees gone rogue.

Fraud Management & Cybercrime

Roger Stone Found Guilty on All 7 Counts

Scott Ferguson • November 15, 2019

Roger J. Stone, Jr., a long-time associate of President Donald Trump, was found guilty Friday of lying to Congress, obstruction and witness tampering related to his efforts to feed the Trump campaign inside information about WikiLeaks in 2016. He'll be sentenced in February.

Anti-Phishing, DMARC

Phishing Campaigns Spoof Government Agencies: Report

Akshaya Asokan • November 15, 2019

A newly discovered hacking group is using an array of sophisticated spoofing and social engineering techniques to imitate government agencies, including the U.S. Postal Service, in an effort to plant malware in victims' devices and networks via phishing campaigns, according to new research from Proofpoint.

Cyberwarfare / Nation-State Attacks

Risky Dialing: Trump Call Raises Security Worries

Jeremy Kirk • November 15, 2019

A House impeachment hearing has revealed that President Donald Trump spoke by phone with a key ambassador - who was sitting in a Kiev restaurant - about "investigations." If that mobile phone call was unsecured, security experts say, foreign intelligence agencies could have intercepted it.

Fraud Management & Cybercrime

Analysis: Instagram's Major Problem With Minors' Data

Nick Holland • November 15, 2019

The latest edition of the ISMG Security Report offers an in-depth analysis of whether Instagram is doing enough to protect the contact information of minors. Plus: Compliance updates on GDPR and PCI DSS.

Business Continuity Management / Disaster Recovery

Ransomware: Mexican Oil Firm Reportedly Refuses to Pay Up

Akshaya Asokan • November 14, 2019

Pemex, Mexico's state-run oil company, is refusing to pay attackers a $5 million ransom after a ransomware attack against the firm's administrative offices, according to news reports. The company is still attempting to recover.

Cybercrime

The Dark Web's Automobile Hacking Forums

Jeremy Kirk • November 14, 2019

There are robust and detailed discussions in cybercriminal forums on how to attack modern vehicles, seeking clandestine methods to steal cars, says Etay Maor of IntSights. Luckily, hackers aren't aiming to remotely trigger an accident, but there are broader concerns as vehicles become increasingly computerized.

Governance

Researchers Describe Significant Flaw in Intel's PMx Driver

Jeffrey Burt • November 13, 2019

Researchers at Eclypsium have revealed new details concerning a significant flaw in Intel's PMx driver, which they say could give attackers "near-omnipotent" control over devices. Intel has released an updated version of the driver, a key step in mitigating risks.