FIN11 e-crime group shifted to CL0P ransomware and big game hunting
The financially motivated FIN11, which increasingly incorporated CL0P ransomware into their operations in 2020, appeared to rely on low-effort volume techniques like spamming malware for initial entry, but put a substantial amount of effort into each follow-up compromise.
“Several...
Biden to invest in cyber workforce, but without plan to overcome lingering staffing hurdles
President-elect Joe Biden announced funding to modernize secure IT and lure cyber talent to the public sector as part of his plan to stimulate the economy and rebuild in the wake of the pandemic. But cybersecurity experts remain skeptical...
NSA urges use of enterprise resolvers to protect DNS traffic on corporate networks
NSA advises security pros to use designated enterprise DNS resolvers to lock down DoH on corporate networks. @mjb CreativeCommons (Credit: CC BY-NC-ND 2.0)
The National Security Agency is recommending that security teams use designated DNS resolvers to lockdown DNS...
Surge in remotely hosted phish images? Some say it’s business as usual
Vade Secure analyzed 26.2 million remote images in November 2020 while blocking 262 million emails containing malicious, remotely hosted images. (Sean Gallup/Getty Images)
A new report suggests that 2020 saw an increase in phishing emails that relied on remotely-hosted images...
Intel unveils ransomware-fighting CPUs
Intel unveiled new anti-ransomware capabilities for its 11th generation Core vPro processors, requiring little from security chiefs to reap the rewards.
The new processors, which Intel announced during the CES conference earlier this week, provide two additional boosts for existing security products: access to processor-level data to determine ransomware attacks in progress, and the use of...
Sheldon Cuffie: ‘Maintain an unrelenting curiosity’
A conversation with Sheldon Cuffie, enterprise CISO of American Family Insurance. One of a series of security leadership profiles prepared by Cybersecurity Collaborative in conjunction with SC Media. Cybersecurity Collaborative is a membership community for cybersecurity leaders to work...
Cybersecurity Collaborative launches Asset Management Task Force
New York City Criminal Court Judge Paul McDonnell works remotely from his Brooklyn apartment due to the coronavirus outbreak on April 09, 2020 in New York City. Work from home policies have prompted a widespread shift of IT infrastructure...
Todd Fitzgerald: ‘Do not expect trust. It must be earned’
A conversation with Todd Fitzgerald, chairman of the executive committee of Cybersecurity Collaborative. One of a series of security leadership profiles prepared by Cybersecurity Collaborative in conjunction with SC Media. Cybersecurity Collaborative is a membership community for cybersecurity leaders to work together in...
Cybersecurity Collaborative creates task force to mitigate third-party risk
The need for the Third-Party Risk Task Force has been amplified by recent attacks that infiltrated corporate and government networks by way of the SolarWinds Orion business software. (Stephen Foskett/CC BY-NC-SA 2.0)
Recent supply chain attacks prompted cybersecurity professionals, under...
With insured losses estimated at $90 billion, did cyber insurance firms dodge financial calamity?
Insured losses from the SolarWinds breach will likely come in around $90 million, according to estimates from a pair of security companies, who claim insurers may have dodged “a catastrophic financial incident.”
While newly minted partners BitSight and Kovrr expect...
Early-stage cybersecurity investment flowing, despite pandemic
Attendees listen as the Startup Battlefield Competition takes place at Disrupt Berlin 2019. In the venture world, cybersecurity dealmaking remained resilient in 2020, despite the pandemic and a turbulent economic environment.(Noam Galai/Getty Images for TechCrunch)
Most industries saw a significant...
CISA says multiple attacks on cloud services bypassed multifactor authentication
The Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday said it discovered several recent successful cyberattacks against the cloud services of multiple organizations, offering guidance on how security teams can bolster associated security.
CISA said in its report that...
Apple nixes feature that let its apps skip VPNs and firewalls, after criticism from researchers
An Apple store in London. The company earned some criticism among researchers for software in the beta version of its operating system that allowed its own products to circumvent socket firewalls and virtual private networks. (Jon Rawlinson/CC BY 2.0)
The...
Google: Attacker ‘likely’ had access to Android zero-day vulnerabilities
Google’s Project Zero on Tuesday introduced a six-part series that offers an analysis of four zero-day vulnerabilities on Windows and Chrome, and known-day Android exploits it found during the team’s extensive research last year.
In a blog post the team...
JumpCloud land $100 million in funding, as secure remote access market continues surge
The secure identity and access management market continues to hum along, as JumpCloud closed its Series E funding round with $100 million, including an additional $25 million since November from investors BlackRock, H.I.G., Growth Partners, OurCrowd and others.
Coronavirus led...