Cedric Pernet, Fyodor Yarochkin, and Vladimir Kropotov write: … The trend for access-related cybercrime, such as credential stuffing, is steadily rising with no sign of slowing down. According to an Akamai report, there has been a total of 88 billion credential stuffing attacks from January 2018 to December 2019. Credential stuffing, a type of a…
Category: Commentaries and Analyses
Ripe for the Picking: Hackers Target Agribusinesses
Peter N. McClelland, CIPP/US and Allen N. Trask, III of Ward and Smith write: Agribusiness may not be an industry that the public at large often associates with data breaches and hacking, but whatever the perception may be, the agricultural sector of the American economy is increasingly a ripe target for malicious foreign actors, digital…
Cyberspies target military organizations with new Nebulae backdoor
Sergiu Gatlan reports: A Chinese-speaking threat actor has deployed a new backdoor in multiple cyber-espionage operations spanning roughly two years and targeting military organizations from Southeast Asia. For at least a decade, the hacking group known as Naikon has actively spied on organizations in countries around the South China Sea, including the Philippines, Malaysia, Indonesia, Singapore, and Thailand,…
Codecov starts notifying customers affected by supply-chain attack
Ax Sharma reports: As of a few hours ago, Codecov has started notifying the maintainers of software repositories affected by the recent supply-chain attack. These notifications, delivered via both email and the Codecov application interface, state that the company believes the affected repositories were downloaded by threat actors. The original security advisory posted by Codecov lacked any…
Hackers are attacking the COVID-19 vaccine supply chain
Dan Patterson reports: Hackers have targeted companies that distribute the COVID-19 vaccine to a degree previously unreported, according to research from IBM Security. Starting last year, attackers attempted to access sensitive information about the vaccine’s “cold chain” distribution system. IBM Security said the phishing attack targeted 44 companies in 14 countries across Europe, North America, South America…
RTF Report: Combatting Ransomware A Comprehensive Framework for Action: Key Recommendations from the Ransomware Task Force
From the Institute for Security & Technology: A Comprehensive Framework for Action Ransomware is no longer just a financial crime; it is an urgent national security risk that threatens schools, hospitals, businesses, and governments across the globe. This is not a problem that any one entity can solve. Over 60 experts from industry, government, law…