Alert (AA22-137A) Weak Security Controls and Practices Routinely Exploited for Initial Access CISA Alert Published May 17, 2022: Summary Cyber actors routinely exploit poor security configurations (either misconfigured or left unsecured), weak controls, and other poor cyber hygiene practices to gain initial access or as part of other tactics to compromise a victim’s system. This…
Category: Commentaries and Analyses
Mandiant Quietly Investigating Suspected Russian Intrusions
Katrina Manson reports: Right now, cyber investigators at Mandiant say they’re actively responding to more than a dozen live intrusions by Russian foreign intelligence services aimed at diplomats, military computers, defense contractors and other targets. […] One reason the Russian attacks aren’t making headlines is that, according to Mandiant’s findings, the actual number of them is roughly…
How criminals got away with hacking Pennsylvania unemployment accounts
Angie Moreschi reports: Paula Soffa is just one of the thousands of Pennsylvanians whose unemployment insurance account was hacked over the past year— not once, but twice. “They changed my password, they changed my username, and they changed my security questions,” Paula told 11 Investigates Angie Moreschi. “I was like what the heck! I was…
How to Fight Foreign Hackers With Civil Litigation
Kellen Dwyer, Kim Peretti, and Emily Skahill of Alston & Bird write: The Department of Justice dealt a blow to global cybercrime on April 6 with the takedown of a massive botnet controlled by “Sandworm”—the Russian General Staff Main Intelligence Directorate (GRU) unit responsible for the 2017 NotPetya attack, among others. This operation reflects the…
Italy prevents pro-Russian hacker attacks during Eurovision contest
Reuters reports: Italian police thwarted hacker attacks by pro-Russian groups during the May 10 semi-final and Saturday final of the Eurovision Song Contest in Turin, authorities said on Sunday. Ukraine’s Kalush Orchestra won the contest with their entry “Stefania”, riding a wave of public support to claim an emotional victory that was welcomed by the…
Most organizations hit by ransomware would pay up if hit again
Dan Robinson reports: Almost nine in 10 organizations that have suffered a ransomware attack would choose to pay the ransom if hit again, according to a new report, compared with two-thirds of those that have not experienced an attack. The findings come from a report titled “How business executives perceive ransomware threat” by security company…