Security News

A Russian national was indicted in the US on Tuesday for allegedly running an online marketplace selling access to credit card, shopping, and web payment accounts belonging to tens of thousands of victims. Marketplace A functioned like any other online store, and even had bundle deals, such as an offer to buy access to two online retail accounts and get some credit card information thrown in, for the same victim, it was claimed.

The Russian government is exploring "Options for potential cyberattacks" on critical infrastructure in the U.S., the White House warned on Monday, in retaliation for sanctions and other punishments as the war in Ukraine grinds on. "The current conflict has put cybersecurity initiatives in hyperdrive, and today, industry leaders aren't just concerned about adversaries breaching critical infrastructure but losing access and control to them," Saket Modi, co-founder and CEO at Safe Security, said via email.

US President Joe Biden has urged companies in critical infrastructure sectors to shore up their defenses against potential cyberattacks. "Most of America's critical infrastructure is owned and operated by the private sector and critical infrastructure owners and operators must accelerate efforts to lock their digital doors," he noted, and advised those that have not yet done it to harden their cyber defenses by implementing security best practices delineated earlier this year.

In a joint security alert, the US Cybersecurity and Infrastructure Security Agency and FBI "Strongly encourage" critical infrastructure operators, along with SATCOM network providers and customers, to put in place a series of mitigation steps to shore up their networks. Security teams suffer from alert fatigue with the financial sector being hit the hardest, according to a new Orca Security report.

The AvosLocker ransomware has targeted multiple victims across the country, according to the joint advisory [PDF] issued late last week by the FBI, Treasury Department and Financial Crimes Enforcement Network. Palo Alto Networks' Unit 42 researchers in July 2021 wrote about an advertisement they saw on Dread, which they described as a "Reddit-like dark web discussion forum," for a new RaaS called AvosLocker, outlining features of the ransomware and letting affiliates who leverage the malware know that AvosLocker operators would handle the negotiation and extortion practices.

The Federal Bureau of Investigation warns of AvosLocker ransomware being used in attacks targeting multiple US critical infrastructure sectors. "AvosLocker is a Ransomware as a Service affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors," the FBI said [PDF].

CISA and the FBI said today they're aware of "Possible threats" to satellite communication networks in the US and worldwide. Today's security advisory also warned US critical infrastructure organizations of risks to SATCOM providers' customers following network breaches.

Companies critical to U.S. national interests will now have to report when they're hacked or they pay ransomware, according to new rules approved by Congress. The reporting requirement legislation was approved by the House and the Senate on Thursday and is expected to be signed into law by President Joe Biden soon.

Palo Alto Networks has rolled out a new supply chain security system that the cybersecurity vendor claims can identify vulnerabilities and misconfigurations across the lifecycle of cloud native applications. It's called Prisma Cloud Supply Chain Security, and it scans for any issues in code - such as version control system and CI pipeline misconfigs - across open-source packages, infrastructure-as-code files and delivery pipelines, according to the security shop.

British infosec pro Vic Harkness traveled to Ukraine to offer humanitarian help - and while taking a break in the western city of Lviv she described to The Register what it's like in the war-torn country. Harkness, who originally traveled to Poland with a group of friends to try to help out before crossing the border, is not there to do any infosec work, she explained.