Security News

A man suspected of providing the IT infrastructure behind the Gozi banking trojan has been extradited to the US to face a string of computer fraud charges. According to court documents [PDF], Paunescu allegedly ran a "Bulletproof hosting" service using computers in Romania, America, and other locations to help cybercriminals distribute Gozi and other malware including the Zeus Trojan and SpyEye Trojan.

A former Maryland Cabinet-level official and a former IT executive have pleaded guilty to involvement in a bribery and extortion scheme related to technology contracts about a decade ago. According to the US Attorney's Office of the State of Maryland, Isabel FitzGerald, 52, of Annapolis, Maryland, and Kenneth Coffland, 67, of Riva, Maryland, pleaded guilty last week to charges of bribery and extortion, respectively.

The shift to cloud native development, along with the increased speed in development brought about by the adoption of DevOps processes, has made the challenges connected with securing software supply chains infinitely more complex. Adversaries, motivated by the success of high-profile software supply chain attacks on companies like SolarWinds and Kaseya, are stepping up attacks against software build and distribution environments.

Majority of CIOs say their software supply chains are vulnerable, execs demand action. A new survey of 1,000 CIOs conducted by Venafi shows that over 80% said their organizations are vulnerable to cyberattacks targeting software supply chains.

Network engineers and CIOs agree that cybersecurity issues represent the biggest risk for organizations that fail to put networks at the heart of digital transformation plans. According to a research commissioned by Opengear, 53% of network engineers and 52% of CIOs polled in the U.S., U.K., France, Germany, and Australia rank cybersecurity among the list of their biggest risks.

Ask 1,000 CIOs whether they believe their organizations are vulnerable to cyberattacks targeting their software supply chains and about 82 percent can be expected to say yes. "The results show that while CIOs understand the risk of these types of attacks, they have yet to grasp the fundamental organizational changes and new security controls they will need to incorporate into their security posture to reduce the risk of supply chain attacks that can be devastating to themselves and their customers," says Venafi's report, which was released on Tuesday.

Nearly all CIOs surveyed believe their roles have evolved and expanded in the past few years, and that they are being asked to make business decisions that go far beyond technology. 9-in-10 CIOs say that their roles and responsibilities have expanded beyond technology, including non-traditional areas such as data analytics and business reporting, sustainability/ESG, DE&I, HR/talent acquisition, and sales/marketing.

Runecast moves organizations ahead of these challenges with automated discovery and single-platform visibility of issues for IT Security and Operations teams. Runecast began as an answer to a problem that many IT teams were having, including its founders: after hours or even days of searching for root causes to problems, 90% of the issues discovered within their environments had been already documented - and could have been avoided with the assistance of automation.

A colleague asked me recently if I thought the FBI had finally experienced enough of the cyberattacks plaguing the United States and would now more aggressively pursue the attackers. Combating cybercrime is exponentially more difficult than combating traditional criminal activities, as technologies and techniques make it very easy for cybercriminals to hide their true identities, locations, and allegiances.

An IBM Institute for Business Value study revealed CIOs' influence on business strategy and operations is growing as technology pervades surveyed enterprises. "The COVID-19 pandemic has accelerated the need for AI and hybrid cloud applications to power business critical processes," said Kathryn Guarini, CIO, IBM. "In our post-pandemic era, the role of technology has never been more critical and it's up to CIOs to influence strategy, break down internal silos, and drive agility and innovation across every part of the business."