In a move demonstrative of international cooperation and partnership, the Five Eyes (United States, Australia, Canada, New Zealand, and United Kingdom) issued an alert giving a “comprehensive overview of Russian state-sponsored and cybercriminal threats to critical infrastructure.” The alert also includes remediation guidance, which CISOs will find of particular import.
Researchers have spotted that the TOR address used by the notorious REvil ransomware gang is now redirecting to a new website, with information about seemingly new attacks.
Read more in my article on the Tripwire State of Security blog.
Ronan Farrow has a long article in The New Yorker on NSO Group, which includes the news that someone — probably Spain — used the software to spy on domestic Catalonian sepratists.
Security researchers at Kaspersky have released a free decryption tool that promises to recover files for organisations hit by the Yanlouwang ransomware, meaning they don’t have to pay the ransom.
Endpoint protection vendor Cybereason has launched a new incident response (IR) solution to streamline and automate IR investigations. Digital Forensics Incident Response incorporates nuanced forensics artifacts into threat hunting, reducing remediation time by enabling security analysts to contain cyberattacks in minutes, the firm stated in a press release. The release comes in the wake of new research that discovered a drop in global attack dwell times as organizations and their partners improve their incident detection and response capabilities.
Cybereason DFIR driven by forensics for deeper defense value
According to Cybereason, the new solution offers forensic-driven incident response that extends deeper value to defenders. By augmenting its existing MalOp Detection Engine with intelligence from DFIR, security analysts can leverage comprehensive detections from root cause across every impacted asset via a central point, the vendor added. As a result, security teams can quickly gain visibility into a wider range of intelligence sources to enable rapid decisions and remediate threats more efficiently.
A man loses $650,000 from his cryptocurrency wallet after his Apple iCloud account is hacked, video conferencing apps may not be muting your mic quite the way you imagined, and Google has unblurred military bases in Russia… or has it?
All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire’s Dave Bittner.
The top cybersecurity challenge faced by medical device makers is managing a growing set of tools and technologies, according to the results of a global survey released Wednesday by software risk assessment company Cybellum.
The survey, conducted by Global Surveyz, an independent survey company, polled 150 senior decision makers from North America, Europe and Asia. It shows that while device security is in its infancy, it is managed by many fragmented tools. “Siloed and fragmented processes and tools are much less efficient and effective and limit the ability to assess the business impact of device security on the organization as a whole,” the report says.
