A Review of the Best News of the Week on Cyber Threats & Defense

Pay-or-Get-Breached Ransomware Schemes Take Off (Dark Reading, Jan 26 2021)
In 2020, ransomware attackers moved quickly to adopt so-called “double extortion” schemes, with more than 550 incidents in the fourth quarter alone.

#RSAC365: #COVID19 Fundamentally Altered Global Attack Surface (Infosecurity Magazine, Jan 27 2021)
How adversaries have levied tactics specifically designed to exploit the pandemic

The Taxman Cometh for ID Theft Victims (Krebs on Security, Jan 29 2021)
The unprecedented volume of unemployment insurance fraud witnessed in 2020 hasn’t abated, although news coverage of the issue has largely been pushed off the front pages by other events. But the ID theft problem is coming to the fore once again: Countless Americans will soon be receiving notices from state regulators saying they owe thousands of dollars in taxes on benefits they never received last year.


Filter Out the Noise
Since I started this curated security news in June 2017, I’ve clipped ~17,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras



Extortion demands grow as cybercriminals target new online industries (Help Net Security, Jan 29 2021)
There was a 154 percent increase in the number of attacks between 2019 and 2020, with growth in ransom-related DDoS (RDDoS) attacks and a rise in use of existing attack vectors, including web applications, a Neustar report reveals. The report also provides key details around the amount, size, duration and intensity of DDoS attacks throughout 2020 to keep cybersecurity professionals informed.

Ransomware Payoffs Surge by 311% to Nearly $350 Million (Dark Reading, Jan 29 2021)
Payments to ransomware gangs using cryptocurrency more than quadrupled in 2020, with less than 200 cryptocurrency wallets receiving 80% of funds.

Researchers Spot SonicWall Exploit in the Wild (Infosecurity Magazine, Feb 01 2021)
NCC Group urges customers to check logs

North Korea hackers use social media to target security researchers (Ars Technica, Jan 26 2021)
Google finds use of bogus Twitter, LinkedIn profiles to identify vulnerabilities.

Intl. Law Enforcement Operation Disrupts Emotet Botnet (Dark Reading, Jan 27 2021)
Global law enforcement agencies have seized control of Emotet infrastructure, disrupting one of the world’s most pervasive and dangerous cyber threats.

Dutch Insider Attack on COVID-19 Data (Schneier on Security, Jan 27 2021)
Dutch police have arrested two individuals on Friday for allegedly selling data from the Dutch health ministry’s COVID-19 systems on the criminal underground.

2020 Marked a Renaissance in DDoS Attacks (Dark Reading, Jan 29 2021)
Amid the global pandemic, cybercriminals ramped up use of one of the oldest attack techniques around.

Law Enforcement Aims to Take Down Netwalker Ransomware (Dark Reading, Jan 28 2021)
The Department of Justice has so far charged one Canadian national and seized nearly $500,000 in relation to Netwalker ransomware.

Cryptojacking malware targeting cloud apps gets new upgrades, worming capability (SC Media, Jan 28 2021)
A piece of cryptojacking malware with a penchant for targeting the cloud has gotten some updates that make it easier to spread and harder for organizations to detect when their cloud applications have been commandeered.

Attacks on Individuals Fall as Cybercrime Shifts Tactics (SecurityWeek, Jan 29 2021)
Cybercriminals shifted away from stealing individual consumers’ information in 2020 to focus on bigger, more profitable attacks on businesses, according to a report from the Identity Theft Resource Center.

Deep Analysis of More than 60,000 Breach Reports Over Three Years (SecurityWeek, Jan 29 2021)
Threat intelligence platform provider HackNotice has analyzed more than 60,000 breach reports over the last three years, and finds some disturbing results ‒ including the rate of increase in breaches and a relative decline in the number of official breach notifications.

Emotet botnet disrupted in global operation (WeLiveSecurity, Jan 28 2021)
The law enforcement action is one of the most significant operations against cybercriminal enterprises ever

Strengthening Zero-Trust Architecture (Dark Reading, Feb 01 2021)
Organizations that want to stay ahead of cybercriminals will find that going beyond user trust and device trust is critical for outwitting their adversaries.

Trickbot Trojan Back from the Dead in New Campaign (Infosecurity Magazine, Feb 01 2021)
Infamous Trojan is spreading again, says Menlo Security