Security News
Today, the UK government announced a call for advice on defending against software supply-chain attacks and ways to strengthen IT Managed Service Providers across the country. The move comes after President Biden issued an executive order last week to increase cybersecurity defenses across the U.S. The government's invitation to provide feedback, which will be open for almost two months, comes at a time when prominent cyberattacks, such as the Colonial Pipeline incident, the Codecov supply-chain attack, and ransomware attacks on mission-critical organizations [1, 2], continue to grow.
There's going to have to be a lot more new procedures developed, a lot better procedures developed to bridge the gap between operational technology and information technology to get those control systems where they need to be. There's going to be a really good focus on what it means to be at that national, and even the regional levels within the control systems there, to start having more robust sharing of that information that's going on within these networks.
A new Android malware that impersonates the Google Chrome app has spread to hundreds of thousands of people in the last few weeks, according to researchers. The fake app is being used as part of a sophisticated hybrid cyberattack campaign that also uses mobile phishing to steal credentials.
The University of California this week confirmed that personal information was stolen in a cyberattack involving the Accellion File Transfer Appliance service. UC initially confirmed impact from the incident in early April, after the operators of Clop ransomware, which orchestrated the attack on Accellion's service, published on their Tor-based leaks website information allegedly stolen from the university and other entities.
The DarkSide ransomware gang posted a new "press release" today stating that they are apolitical and will vet all targets before they are attacked. Today, the DarkSide ransomware gang issued a press statement stating that their organization is 'apolitical' and is not associated with any government.
Texas-based IT management company SolarWinds on Friday shared more information on the impact of the significant breach disclosed late last year, and claimed that fewer than 100 of its customers were actually hacked. Initial reports said more than 250 organizations were actually breached, but the U.S. government later said that it had identified roughly 100 private sector companies and 9 federal agencies whose systems were targeted by the attackers.
The cyberextortion attempt that has forced the shutdown of a vital U.S. pipeline was carried out by a criminal gang known as DarkSide that cultivates a Robin Hood image of stealing from corporations and giving a cut to charity, two people close to the investigation said Sunday. Commerce Secretary Gina Raimondo said Sunday that ransomware attacks are "what businesses now have to worry about," and that she will work "very vigorously" with the Department of Homeland Security to address the problem, calling it a top priority for the administration.
Colonial Pipeline halts all fuel pipeline operations in response to ransomware attack. A cyberattack has forced an operational shutdown of the Colonial Pipeline, the largest refined products pipeline in the United States.
The company providing internet services for Belgium's parliament, government agencies, universities and scientific institutions said Tuesday that its network was under cyberattack, with connections to several customers disrupted. Belnet said in a statement the attack "is still in progress and takes place in successive waves. Our teams are working hard to mitigate them." The company has around 200 customers.
To better defend their networks, systems, and devices from an ongoing barrage of attack techniques, healthcare organizations are increasingly turning to zero trust architecture, which does away with the traditional security perimeter, assuming that every user and every device on the network could potentially be malicious. Ransomware - widely prevalent in connected healthcare environments due to outdated and unpatched operating systems in myriad devices.