DataBreachToday.com

Looking Back on the Ransomware Attacks, Resilience Lessons and Tech Trends
In the latest weekly update, ISMG editors discussed defining cybersecurity moments of 2024, from the CrowdStrike outage and its implications for vendor resilience to ransomware's continued evolution, and the shifting dynamics in the tech industry affecting startups and M&A activity.

Feds Seek Extradition of Dual Russian, Israeli Citizen Rostislav Panev From Israel
A newly unsealed U.S. federal indictment against Rostislav Panev says the LockBit ransomware operation paid the Israeli national a $10,000 monthly salary for coding and consulting services. Federal prosecutors are seeking Panev's extradition from Israel following his August arrest.

Infoblox CEO Scott Harrell Pushes Unified Strategy Amid Hybrid Cloud Convergence
Scott Harrell, CEO of Infoblox, explores the convergence of network operations, security operations and cloud operations to tackle hybrid infrastructure complexities. He introduces Universal DDI and emphasizes a shift toward proactive threat management to counter AI-driven malware.

Feds Warn That Connected Devices Are Prey for Cyberattackers
The security of medical devices has been getting most of the attention from regulators in recent years, but other devices that make up the medical internet of things and operational technology systems are also vulnerable to cyberattacks, federal authorities warned in a new advisory.

Also, CoinLurker Malware Steals Data via Fake Updates
Every week, Information Security Media Group rounds up cybersecurity incidents in digital assets. This week, LastPass breach linked to $5.4M crypto theft, CoinLurker malware steals data via fake updates, cryptocurrency key to 27 million euro seizure and nearly 800 arrested in crypto-romance scam.

CISA Says 2035 Quantum Deadline Remains Achievable Despite Recent Breakthroughs
The federal government’s 2035 mandate to adopt quantum-resistant encryption remains feasible despite technological advancements in quantum computing, a top official for the U.S. cyber defense agency told ISMG, but experts warn challenges such as bureaucratic delays and financial costs persist.

Also: Interpol Says 'Pig Butchering' Shames Victims, A Data Leak Scandal in Mexico
This week, U.S. asks Israel to extradite an alleged LockBit coder, don't say "pig butchering," and an Apache Struts flaw. A hunt for alleged data thieves in Mexico, Europe probes TikTok and Netfilix fined 4.75 million. A ransomware attack against Texas medical centers and a credit union breach.

CISA Recommends Strict Mobile Security Measures Following Salt Typhoon Telecom Hack
The Cybersecurity and Infrastructure Security Agency's latest guidance calls on top U.S. political and government officials to adopt stricter mobile security measures in response to the Salt Typhoon hacking campaign, a Chinese espionage effort that has infiltrated major telecom systems.

Data Diodes Enhance Air-Gapped Network Security, Deliver Advanced Network Isolation
OPSWAT's acquisition of Fend integrates advanced hardware-based security with OPSWAT's platform, delivering robust protection against cyberattacks on critical infrastructure like power grids and water systems. Fend's small-form-factor data diodes meet the demand for affordable, scalable solutions.

Amendment to Computer Misuse Act Fails During Bloc Vote
A proposed amendment to British anti-hacking law that would have provided a legal shield to white hat hackers failed Wednesday in the House of Lords. Under the Computer Misuse Act, access to a computer system without adequate consent from the system owner is illegal.

Many SonicWall Firewalls Are Unsupported or Lack Patches for Known Vulnerabilities
Thousands of SonicWall network security devices remain exposed with critical security flaws, including 20,000 running outdated firmware that no longer receives vendor support. Despite patches available for some of these flaws, many organizations continue to run the outdated firmware.

At Least 1,000 Hosts Still Vulnerable as Ransomware Group Claims Mass Exploits
More than 1,000 Cleo managed file-transfer hosts remain internet-exposed and unpatched, despite warnings of a mass attack targeting critical vulnerabilities in the widely used software. The Clop ransomware operation, which has repeatedly targeted MFT software, claimed credit for the attacks.

CISOs at Organizations That Fell Victim Have a Different Story, 451 Research Finds
Are your defenses against ransomware good enough to survive contact with the enemy? Don't be so sure. A new study from market researcher 451 Research finds that "overconfidence in security tooling remains an issue in the face of ransomware" for organizations that haven't yet fallen victim.

APT Group Uses Sophisticated Attack Chain to Deploy WmRAT and MiyaRAT
A suspected South Asian threat actor targeted a Turkish defense organization, deploying malware via a RAR archive and using alternate data streams to deliver remote access Trojans. The group previously targeted multiple countries including China, India, Pakistan and Bangladesh.

Deal Targets Open Source Library Risks in Software Supply Chain, Boosts DevSecOps
The integration of Tidelift into Sonar's ecosystem will enhance software supply chain security by leveraging human-verified insights from maintainers of popular open source libraries. Developers can expect comprehensive tools to address vulnerabilities in first-party, AI-generated, and third-party code.