The Best of Virtual RSA Conference 2021

Information Security Media Group • June 15, 2021

With the RSA Conference virtual this year, ISMG replaced its two live on-site studios with a suite of home studios and produced a diverse group of interviews on timely topics with thought leaders who will be solving cybersecurity's most urgent problems.

►

Leadership & Executive Communication

Profiles in Leadership: Diego Souza

Latest

Cybercrime

Analysis: The Cyber Impact of Biden/Putin Summit Meeting

Scott Ferguson • June 17, 2021

After U.S. President Joe Biden and Russian President Vladimir Putin discussed cybersecurity issues at their Wednesday summit meeting in Geneva, security experts and analysts began sizing up what the next steps might be following what some are calling a "transformational moment."

Blockchain & Cryptocurrency

In Ransomware Battle, Bitcoin May Actually Be an Ally

Jeremy Kirk • June 17, 2021

Bitcoin has enabled fast payments to cybercriminals pushing ransomware. How to deal with bitcoin is the subject of a spirited debate, with some arguing to restrict it. But bitcoin doesn't always favor cybercriminals, and it may actually be more of an ally than a foe by revealing webs of criminality.

Cyberwarfare / Nation-State Attacks

Biden Promises Retaliation Unless Putin Stops Cyberattacks

Doug Olenick • June 16, 2021

U.S. President Joe Biden issued a clear warning to Russian President Vladimir Putin at their Geneva summit Wednesday, saying that should Russia continue to launch cyberattacks against U.S. critical infrastructure sectors, or hack software supply chains, then Moscow should expect to see retaliation.

Cybercrime

Ukraine Arrests 6 Clop Ransomware Operation Suspects

Mathew J. Schwartz • June 16, 2021

Just before Wednesday's U.S.-Russia summit, at which cybercrime was high on the agenda, authorities in Ukraine announced they had busted six suspected members of the Clop ransomware operation. Security experts say these apparently were midlevel players, with Clop's main operators likely based in Russia.

Business Email Compromise (BEC)

Behind the Scenes of a BEC Attack

Rashmi Ramesh • June 16, 2021

The Microsoft 365 Defender research team says it has “disrupted a large-scale BEC infrastructure hosted in multiple web services.” It describes in a blog post how the fraud scheme worked.

Cybercrime

How 'SEO Poisoning' Is Used to Deploy Malware

Prajeet Nair • June 16, 2021

SolarMarker malware operators are using "SEO poisoning" techniques to deploy the remote access Trojan to steal sensitive information, Microsoft reports.

Cyberwarfare / Nation-State Attacks

NATO Endorses Cybersecurity Defense Policy

Scott Ferguson • June 15, 2021

The U.S. and its NATO allies endorsed a new cybersecurity defense policy during President Biden's visit this week with member states in Brussels. The policy agreement comes as Biden prepares to meet Russian President Vladimir Putin on Wednesday to discuss cybersecurity and other issues.

Breach Notification

Volkswagen, Audi Notify 3.3 Million of Data Breach

Jeremy Kirk • June 15, 2021

Volkswagen and its Audi subsidiary are notifying 3.3 million people in the U.S and Canada of a breach of personal information by a marketing services supplier. Volkswagen says 90,000 of those affected may have also had their driver's license number, loan data and other personal information exposed.

Governance & Risk Management

Cybersecurity Insurance: Has It's Time Come?

Steve King • June 15, 2021

As the cyberthreat landscape grows exponentially more complicated, the insurance industry is trying to keep pace. Yet, many organizations still lack cybersecurity insurance. Lynn Peachey, director of business development at Arete Incident Response, breaks down the basics of these insurance policies.

Cybercrime

'Fear' Likely Drove Avaddon's Exit From Ransomware Fray

Mathew J. Schwartz • June 15, 2021

Based on Russian-language cybercrime chatter, "fear" likely drove the lucrative Avaddon ransomware-as-a-service operation to announce its retirement as the U.S. exerts increasing diplomatic pressure on Moscow to disrupt such activity, experts say. But are criminals simply laying low until the heat dies down?

Critical Infrastructure Security

Avaddon Ransomware Operation Calls It Quits, Releases Keys

Mathew J. Schwartz • June 14, 2021

The prolific Avaddon ransomware-as-a-service operation has announced its closure and released 2,934 decryption keys for free. Has the increased focus by Western governments on combating ransomware been driving this and other operations to exit the fray?

3rd Party Risk Management

ISMG Editors' Panel: The FBI's Global Cryptophone Sting

Anna Delaney • June 11, 2021

Criminals tricked into using an FBI-run encrypted messaging app, Verizon's 2021 Breach Investigations Report and overcoming the challenges of recruiting cybersecurity professionals are among the latest cybersecurity topics to be featured for analysis by a panel of Information Security Media Group editors.