Security News

The US Department of Education and Department of Homeland Security were urged this week to more aggressively strengthen cybersecurity protections at K-12 schools across the nation to keep up with a massive wave of attacks. For context on the impact of ransomware on US education institutions throughout 2021, ransomware attacks have disrupted education at roughly 1,000 universities, colleges, and schools since the start of the year, according to Emsisoft threat analyst Brett Callow.

The US Federal Trade Commission has shared guidance for small businesses on how to secure their networks from ransomware attacks by blocking threat actors' attempts to exploit vulnerabilities using social engineering or exploits targeting technology.The first step businesses are advised to take to fend off such attacks is to ensure their tech teams follow the best practices outlined by CISA in this Ransomware Guide and the Fact Sheet on Rising Ransomware Threat to Operational Technology Assets.

US President Joe Biden has signed The Secure Equipment Act yesterday, legislation that prevents US regulators from even considering the issuance of new telecom equipment licenses for companies deemed security threats - which means the likes of China's Huawei and ZTE. In October, the legislation was unanimously approved by the US Senate, while the House of Representatives passed it on a 420-4 vote. ZTE Corp and other Chinese tech companies, the bill itself specifies that this includes equipment that is listed in the Secure and Trusted Communications Networks Act of 2019.

Although the accommodation booking website reportedly asked the Dutch AIVD spy agency for help with the breach after its internal investigation identified "Andrew" as having connections to US spy agencies, it did not notify either its affected customers or data protection authorities in the Netherlands at the time, the newspaper allged. "When we asked for comment about the allegations, a Booking.com spokesperson told us:"With the support of external subject matter experts and following the framework established by the Dutch Data Protection Act, we confirmed that no sensitive or financial information was accessed.

New legislation introduced this week by US lawmakers aims to set ransomware attack response "Rules of road" for US financial institutions. If signed into law, the new bill will require US financial institutions impacted by a ransomware attack to notify the Director of the Treasury Department's Financial Crimes Enforcement Network with details on the attack and any associated ransom demands.

The Federal Bureau of Investigation warned private industry partners of attempts by an Iranian threat actor to buy stolen information regarding US and worldwide organizations. According to the FBI, the threat actor will likely use the leaked data bought from clear and dark web sources to breach the systems of related organizations.

As the US season of giving thanks and turkey carnage approaches, let us reflect upon Microsoft's November Patch Tuesday, which has bestowed 55 CVEs and the promise of continued employment for the IT admins who have to clean up the recurring mess of software. "Historically speaking, 55 patches in November is a relatively low number," mused Zero-Day Initiative's Dustin Childs in a review of the bundle.

Digital driver's licenses should work the same way, according to privacy and security experts. Several states are moving forward with digital driver's licenses.

On Monday, the US Department of Justice announced formal charges against two foreign nationals for their role in deploying REvil ransomware attacks against organizations throughout the country. A 22-year-old Ukrainian national named Yaroslav Vasinskyi has been charged with multiple ransomware incidents, including the July 2021 attack against IT enterprise firm Kaseya.

In a major ransomware bust US and European authorities on Monday announced separate but related indictments and arrests linked to extortionware attacks on IT service provider Kaseya and other firms. Europol said Romanian police last week arrested two individuals suspected of involvement in cyberattacks that utilized the Sodinokibi/REvil ransomware.