Four ISMG editors discuss important issues, including how Russia's cyber and kinetic wars in Ukraine have changed the cybersecurity landscape, what recent layoffs at cybersecurity firms mean for the industry and how cybercriminals are taking a page out of the white hat hacker playbook
Ukrainian authorities arrested nine individuals for the theft of about $3.4 million from 5,000 Ukrainians via more than 400 phishing links. Cybercrime gang members allegedly obtained access to bank accounts under the guise of facilitating social safety net payments from the European Union.
Ukraine says it has thwarted multiple Russian misinformation campaigns, including blocking attempts to penetrate the electronic systems of its TV channels on the eve of its Constitution Day holiday. It also flagged social media accounts spreading fake videos.
Watch out for APT and state-sponsored hackers using the Log4Shell vulnerability to gain unauthorized entry into unpatched VMware Horizon Systems and Unified Access Gateway servers, says a joint advisory from CISA and the U.S. Coast Guard Cyber Command.
A report from the company behind the world's most ubiquitous operating system depicts active cyber scrimmage between Russia and Ukraine and Russia and a slew of other countries. Fighting it is the work of private-public collaboration, Microsoft President Brad Smith writes.
The latest edition of the ISMG Security Report investigates the reboot of ransomware group Conti, which supports Russia's invasion of Ukraine. It also discusses why paying ransomware actors is a "business decision" and how to respond to the talent shortage in the financial sector.
The U.S. Cybersecurity and Infrastructure Security Agency has begun issuing alerts about 56 flaws across operational technology equipment built by 10 different vendors. Researchers at Forescout Technologies say the flaws trace to poor design decisions by vendors.
Iranian hackers may be responsible for rocket sirens sounding for almost an hour in two Israeli cities on Sunday night. This comes amid heightened tensions between Tehran and Jerusalem and discovery of a phishing campaign in Israel that cybersecurity firm Check Point has attributed to Iran.
Evolving to a zero trust architecture can be overwhelming for organizations, leaving many unsure of where they should even start. Cloudflare Chief Security Officer Joe Sullivan urges CISOs to break the journey into bite-sized chunks that can be easily digested.
In his spare time, ransomware expert Allan Liska recently became a certified sommelier. Branching out from his day job as principal intelligence analyst at Recorded Future, Liska says he's found numerous parallels between the deductive tasting process and threat intelligence.
As the Russia-Ukraine war continues, many commentators continue to highlight the lack of Russian cyberattacks. But The Chertoff Group's Chad Sweet says Russian cyberattacks remain fast and furious, although Moscow continues to publicly downplay both the attacks and their relative failure.
Until its disruption earlier this year, the Russian-language Hydra marketplace was the world's largest darknet market. Studying how Hydra became such a success will be key to tracking and disrupting future darknet markets, says Ian Gray, senior intelligence director at Flashpoint.
The U.S. Department of Defense is seeking attorneys who are cybersecurity subject matter experts and can embed inside each agency and work closely with each other, says Lt. Col. Kurt Sanger, an attorney and deputy staff judge advocate of U.S. Cyber Command.
The war between Russia and Ukraine isn't an abstract concern for SecurityScorecard CEO Aleksandr Yampolskiy. It's a deeply personal one since Yampolskiy, who is now a U.S. citizen, grew up in Russia and rode the train to Ukraine every summer to visit his grandmother.
Threat watch: The ongoing Russia-Ukraine war continues to pose both direct and indirect risks to enterprise networks, says Michael Baker, vice president and IT CISO of IT services and consulting firm DXC Technology. He also discusses recruiting and retaining new talent.