ISMG Editors: Why Is LockBit Ransomware Group So Prolific?
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity and privacy issues, including why being a CISO is like being the first family doctor in a small village, why you can’t trust ransomware gangs such as LockBit, and why cloud security vendor Netskope took on $401 million in debt…
T-Mobile Breached Again, This Time Exposing 37M Customers’ Data
T-Mobile has disclosed a new, enormous breach that occurred in November, which was the result of the compromise of a single application programming interface (API). The result? The exposure of the personal data of more than 37 million prepaid and postpaid customer accounts. For those keeping track, this latest disclosure marks the second sprawling T-Mobile…
BlueVoyant CEO on How to Remediate Supply Chain Defense Bugs
BlueVoyant has strengthened its ability to monitor the remediation of supply chain issues and integrate that with questionnaire activity, co-founder and CEO Jim Rosenthal says. Existing supply chain security tools tend to generate lots of risk information but then put the burden on the client to interact with their suppliers about remediating that risk, Rosenthal…
Attackers Crafted Custom Malware for Fortinet Zero-Day
Researchers analyzing data associated with a recently disclosed zero-day vulnerability in Fortinet’s FortiOS SSL-VPN technology have identified a sophisticated new backdoor specifically designed to run on Fortinet’s FortiGate firewalls. The malware appears to be the work of a China-based threat actor engaged in cyber-espionage operations targeting government organizations and those working with these organizations. It…
Experts released PoC exploit for critical Zoho ManageEngine RCE flaw
The CVE-2022-47966 flaw is an unauthenticated remote code execution vulnerability that impacts multiple Zoho products with SAML SSO enabled in the ManageEngine setup. The issue also impacts products that had the feature enabled in the past. The root cause of the problem is that ManageEngine products use an outdated third-party dependency, Apache Santuario. “This vulnerability…
BrandPost: The State of Cybercrime In 2022: Exploring the Microsoft Digital Defense Report
Microsoft has worked to illuminate the evolving digital threat landscape with in-depth security reports for more than 15 years. Our mission first began with the Microsoft Security Intelligence Report, which ran from 2005 to 2018. It has since evolved into the Microsoft Digital Defense Report, which was first released in 2020. This latest edition explores…
QuSecure launches quantum-computing based security for endpoints
QuSecure, a quantum-computing technology company based in Silicon Valley, today announced the latest version of its security platform, called QuEverywhere — designed to allow organizations to extend quantum-safe security all the way to endpoints like laptops and smartphones, the company said in a statement. QuEverywhere, according to the company, is an app- or browser-based method…
Ransomware Remains Top Cyber Threat, Former NCSC Chief Says
Ransomware continues to be the United Kingdom’s most prominent cybersecurity threat, and the country can expect to see a surge in destructive attacks in 2023, warns the former head of the U.K.’s national cybersecurity agency. Oxford University professor Ciaran Martin says that while overall ransomware activities across the world slumped in 2022, attacks are likely…
BlackCat, Royal Among Most Worrisome Threats to Healthcare
Healthcare entities should be on high alert for signs of the BlackCat and Royal ransomware-as-a-service groups, warns the U.S. government, which characterizes the groups as “relatively new but highly capable” threats. The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center in a Thursday threat brief warns that BlackCat conducts triple extortion, meaning…
Remote.it takes steps toward zero trust with ‘single line of code’ provisioning
Network management company Remote.it today announced new features for its core SaaS-based service, including support for the Okta user identification platform and Docker containers, and what it’s describing as “programmatic deployment” of zero trust networks. Essentially, the company said, the idea is to provide automated provisioning and deployment of network access to managed assetts —…
