The city of Kupiansk in the Kharkiv province of Ukraine after a Russian artillery attack on Jan. 25 (Image: Ministry of Culture and Information Policy of Ukraine)

Russian Sandworm APT Adds New Wiper to Its Arsenal

Mihir Bagwe • January 31, 2023

Security researchers say they found the Russian intelligence-linked Sandworm threat actor deploying a novel disk wiper against an energy sector company located in Ukraine. Data wipers have played a key role in Russia's hacking campaign against Ukraine.

Cloud Security

Microsoft 365 Cloud Service Outage Disrupts Users Worldwide

Latest

Customer Identity & Access Management (CIAM)

Founder Sachin Nayyar Back as CEO of Identity Vendor Saviynt

Michael Novinson • January 31, 2023

Saviynt has brought founder and longtime leader Sachin Nayyar back as its chief executive to govern access around privileged, machine and third-party identities. Saviynt wants Nayyar to implement a strategy that incorporates everything from critical apps and cloud workloads to IoT devices and bots.

Cybercrime

HHS, AHA Warn of Surge in Russian DDoS Attacks on Hospitals

Marianne Kolbasuk McGee • January 30, 2023

Government authorities and industry groups are warning the healthcare sector of ongoing distributed denial-of-service attacks on hospitals and other medical entities by Russian nuisance hacking group KillNet, whose name comes from a tool used to launch DDoS attacks.

General Data Protection Regulation (GDPR)

JD Sports Details Data Breach Affecting 10 Million Customers

Mathew J. Schwartz • January 30, 2023

JD Sports, a sports fashion retailer with global operations, says personal details pertaining to about 10 million online customers of JD Sports and its Size?, Millets, Blacks, Scotts and MilletSport brands from 2018 to 2020 have been stolen by attackers and warns customers to beware of scammers.

Cyberwarfare / Nation-State Attacks

Ukraine Links Media Center Attack to Russian Intelligence

Mihir Bagwe , Prajeet Nair • January 28, 2023

Ukraine traced a cyberattack that delayed a press briefing by the nation's information protection agency Tuesday to Russian Sandworm hackers. The group, which is accused of using wiper malware to disrupt the Ukrainian national Media Center, has close ties to the Russian GRU, investigators say.

Endpoint Security

European IoT Manufacturers Lag in Vulnerability Disclosure

Akshaya Asokan • January 27, 2023

A review of internet of things manufacturers by Copper Horse shows that European companies fared the worst in having vulnerability disclosure policies. The European Commission has proposed legislation known as the Cyber Resilience Act that would make vulnerability disclosure policies mandatory.

Cyberwarfare / Nation-State Attacks

Russian Nuisance Hacking Group KillNet Targets Germany

Mihir Bagwe • January 27, 2023

A pro-Kremlin hacking group with a history of launching distributed denial-of-service attacks took its annoyance tactics to Germany following Berlin's announcement that it will ship Leopard 2 battle tanks to Ukraine's front lines. A German government spokesperson said the attacks had minimal effect.

Fraud Management & Cybercrime

ISMG Editors: Why Are Ransomware Profits Dipping?

Anna Delaney • January 27, 2023

In the latest weekly update, four ISMG editors discuss why it pays off to have well-practiced incident response plans, whether ChatGPT is a blessing or a curse for penetration testers and bug bounty hunters, and how Microsoft has reason to be cheerful as security sales hit $20 billion.

Healthcare

Entity Will Pay $4.3 Million Settlement in 2nd Big Hack Case

Marianne Kolbasuk McGee • January 27, 2023

A Montana healthcare entity has agreed to pay $4.3 million to settle a proposed class action lawsuit filed in the wake of a 2021 hacking incident affecting 214,000 individuals. The deal is the entity's second multimillion-dollar lawsuit settlement in the last four years involving a major breach.

Geo Focus: The United Kingdom

UK Insurers Mostly Withstand Cyber Stress Test

David Perera • January 26, 2023

A periodic stress test assessment of U.K. insurers by the Bank of England found underwriters mostly withstood extreme cyber events. Still, underwriters may not be operating from the same set of assumptions when it comes to the likelihood of having to manage an actual extreme cyber event.

Critical Infrastructure Security

Uniform Infrastructure Raises Risk for Industrial Attacks

Michael Novinson • January 26, 2023

The increased physical connectivity of digital assets has expanded the attack surface and added complexity for engineers in industrial environments, says Dragos CEO Robert Lee. More industrial automation and new systems have made it tougher for plant operators to conduct root cause analysis.

Cyberwarfare / Nation-State Attacks

UK Warns of Surge in Russian, Iranian APT Phishing Threats

Akshaya Asokan • January 26, 2023

Russian and Iranian state-sponsored hackers are using advanced social engineering tactics to target journalists, defense organizations and academic and civil society organizations in the U.K. for cyberespionage campaigns, the British National Cyber Security Center warns.

Fraud Management & Cybercrime

2 Hacks Involving Mental Health Data Affected Nearly 400,000

Marianne Kolbasuk McGee • January 26, 2023

Two hacking breaches - one at a non-profit provider of foster care, mental health and substance treatment services, and the other at a provider of behavioral health services - have affected sensitive information of nearly 400,000 individuals.