Cybercrime

White House Cybersecurity Adviser Wants a ‘Cleanliness Rating’ for Software Security
- By Adam Janofsky
- March 5, 2021
Policymakers are considering a number of changes to the nation’s cybersecurity posture as a result of the SolarWinds supply chain attack discovered late last year, including data breach notification laws and greater oversight of the nation’s critical infrastructure. In one of her first public appearances since joining the Biden White House, Deputy National Security Adviser Anne Neuberger floated another idea from an unlikely place: New York City dining establishments…

Massive FluBot Botnet Infects 60,000 Android Smartphones
- By Catalin Cimpanu
- March 5, 2021
In the span of just two months, a new Android malware strain named FluBot has infected more than 60,000 devices, with 97% of the victims located in Spain. First spotted at the start of the year by security firm ThreatFabric (under the name of Cabassous), FluBot’s inner workings were described in a report published today by Swiss security firm PRODAFT…

Maza Cybercrime Forum Hacked, User Data Dumped Online
- By Catalin Cimpanu
- March 4, 2021
A hacker has breached Maza Faka, one of the oldest underground cybercrime forums active today, shut down its Tor-based website, and leaked the details of around 3,000 users in a PDF file posted on the forum’s front page. The security breach, which took place yesterday, on March 3, 2021, resulted in the leak of sensitive details about the forum’s registered users…

Solutions to Detect Ransomware Attacks Can Often Be Very Trivial
- By Catalin Cimpanu
- March 3, 2021
A tool released today has network defenders excited about the idea of detecting and preventing ransomware attacks with the help of fake processes and process canaries, showing that solutions to detect and block ransomware attacks don’t necessarily have to be over-complicated and expensive. Named Killed Process Canary, the tool works by creating a group of empty Windows services on a Windows computer that is likely to be targeted during a ransomware attack…

More Zero-Days Have Been Linked to Private Companies Than Any Nation State
- By Catalin Cimpanu
- March 2, 2021
Using data from a spreadsheet compiled by Google Project Zero researchers, the Atlantic Council research team said that of the 129 zero-days abused in real-world attacks since 2014, there was enough information to attribute 72 to a specific threat actor. Of these 72 cases, researchers said that 14 zero-days could be linked to private companies as the creators of the zero-day exploit that was deployed in the attack. The 14 zero-days, taken collectively, put private companies as the largest supplier of zero-days abused in the wild, larger than any single state or the cybercrime ecosystem as a whole…

A Conversation With Alisa Esage, a Russian Hacker Who Had Her Company Sanctioned After the 2016 Election
- By Dmitry Smilyanets
- March 1, 2021
In December 2016, then-President Barack Obama signed an executive order that announced sanctions on Russian individuals and organizations in response to election interference efforts. The list included several notorious hackers, as well as Russia’s Federal Security Service (FSB) and Main Intelligence Directorate (GRU). Also on the list was a lesser-known organization that left many puzzled: ZOR Security, founded by virus analytics expert Alisa Esage…

China-Linked Hackers Target India’s Power Grid Amid Border Clashes
- By Adam Janofsky
- March 1, 2021
Over the course of the last year, hackers with suspected links to the Chinese government targeted a large portion of India’s power sector as the two countries engaged in border skirmishes that resulted in dozens of casualties, according to new research from Recorded Future. Ten distinct power sector organizations, including four of the country’s five Regional Load Dispatch Centres, have been identified as likely targets. The centers play a key role in operating India’s power grid by balancing electricity supply and demand…

Former NSA and Cyber Command Chief Keith Alexander on SolarWinds, Cyberwar, and China
- By Adam Janofsky
- February 26, 2021
“The commercial sector is trying its best to fight against a government and all its resources. That’s not a fair fight… China will tell you it’s not stealing your stuff, and then goes and steals your stuff…
It can’t be just trusting them—it’s trust but verify. Look at what’s going on in the COVID-19 arena alone and the theft of intellectual property. It’s huge… This is the biggest transfer of wealth in history, and it’s going right out the front door…”

Hospitals, Schools Get a Crucial Break From Ransomware Attacks
- By Adam Janofsky
- February 25, 2021
After a year of what felt like nonstop cyberattacks on the most vulnerable targets, healthcare and government organizations started 2021 with ransomware incidents at their lowest point in more than a year. There were just two ransomware attacks on healthcare organizations in January, a fourfold decrease from the monthly average in 2020. State and local governments reported four ransomware incidents in January—that compares to 14 attacks in December of last year and 15 attacks from one year prior…

With Biden in Office, Global Policymakers Are Making a Renewed Push for Cyber Norms
- By Adam Janofsky
- February 23, 2021
On Tuesday, diplomats from Australia, France, and Estonia, as well as private sector cybersecurity officials, emphasized the need for a renewed focus on norms in cyberspace, and suggested that progress could be made in the coming years. “As cyber threats grow, it’s vitally important that UN discussions keep pace, or they really do risk losing credibility,” said Tobias Feakin, Australia’s ambassador for cyber affairs and critical technology, at a virtual event on cyber norms hosted by the U.S. Chamber of Commerce. And one of the biggest assets for this renewed push may be the fact that there’s a new administration in the White House…