Security News

Chinese threat groups continue to deploy new malware strains on the compromised network of dozens of US and EU organizations after exploiting vulnerable Pulse Secure VPN appliances. In the previous report, FireEye mentioned 12 malware families found on and specifically designed to infect Pulse Secure VPN appliances.

Nobelium, the Russia-aligned gang identified as the perpetrators of the supply chain attack on SolarWinds' Orion software, has struck again, Microsoft vice president Tom Burt in a blogpost Thursday. Burt's post says the attacks saw Nobelium gain access to accounts on the email marketing service "Constant Contact" operated by The United States Agency for International Development.

The Federal Bureau of Investigation says state-sponsored attackers breached the webserver of a U.S. municipal government after hacking a Fortinet appliance. "As of at least May 2021, an APT actor group almost certainly exploited a Fortigate appliance to access a webserver hosting the domain for a U.S. municipal government," the FBI's Cyber Division said in a TLP:WHITE flash alert published today.

U.S. pipeline operators will be required for the first time to conduct a cybersecurity assessment under a Biden administration directive in response to the ransomware hack that disrupted gas supplies in several states this month. The Transportation Security Administration directive being issued Thursday will also mandate that the owners and operators of the nation's pipelines report any cyber incidents to the federal government and have a cybersecurity coordinator available at all times to work with authorities in the event of an attack like the one that shut down Colonial Pipeline.

The US Department of Homeland Security has announced new pipeline cybersecurity requirements after the largest fuel pipeline in the United States was forced to shut down operations in early May following a ransomware attack. The new security directive requires critical pipeline owners and operators to report any confirmed and potential cybersecurity incidents to the Cybersecurity and Infrastructure Security Agency.

Cyberattacks have long been seen as a threat to financial markets, but worries are becoming even more acute following a US pipeline hack that set off a public panic and forced the company to pay a ransom. Financial exchanges that manage daily transactions of tens or hundreds of billions of dollars are an appealing target for hackers.

The federal government will issue cybersecurity regulations in the coming days for U.S. pipeline operators following a ransomware attack that led to fuel shortages across much of the Eastern Seaboard. The Transportation Security Administration, which oversees the nation's network of pipelines, is expected to issue a security directive this week that will address some of the issues raised by the Colonial Pipeline shutdown, a U.S. official said Tuesday.

If the Pentagon's Cyber Command launches an online attack and nobody knows about it, does it deter anyone? Many Americans are asking what the country's army of cyber warriors are doing after repeated attacks on US computer systems by Chinese, Russian and other hackers.

A former governor of the People's Bank of China has given a speech in which he suggested that China's Digital Yuan is not intended to increase China's influence over global financial systems. An unauthorised translation of the speech by Chinese journalist Zichen Wang reports that Zhou said China's digital currency "Is mainly targeted on the modernization of the domestic payment system, keeping pace with the digital economy and the Internet era, improving efficiency, and reducing costs, especially for the retail payment system".

For the US government and its suppliers, this executive order represents massive change. This post focuses on the Executive Order on Improving the Nation's Cybersecurity and its impact on cybersecurity and the zero trust approach.