PIR Bank headquarters in Moscow (Photo: Google)

Bank Hackers Exploit Outdated Router to Steal $1 Million

Mathew J. Schwartz • July 20, 2018

Hackers stole at least $920,000 from Russia's PIR Bank after they successfully compromised an outdated, unsupported Cisco router at a bank branch office and used it to tunnel into the bank's local network, reports incident response firm Group-IB.

Cybercrime

Australian Airport Identity Card Issuer Breached

Latest

Endpoint Security

LabCorp Still Recovering From Ransomware Attack

Marianne Kolbasuk McGee • July 20, 2018

Medical testing laboratory firm LabCorp is still working to fully recover systems functionality nearly a week after a cyberattack that the company now claims involved "a new variant" of ransomware. What can other organizations do to avoid becoming the next victim?

Breach Notification

Hackers Grab 1.5 Million Patients' Details in Singapore

Mathew J. Schwartz • July 20, 2018

Singapore's largest healthcare group has suffered a hack attack that exposed 1.5 million residents' personal details. But authorities say the "deliberate, targeted and well-planned attack" appears to have been principally designed to steal medical information pertaining to the country's prime minister.

Cyberwarfare / Nation-state attacks

Trump's Views on Russian Election Meddling: A History

Nick Holland • July 20, 2018

This edition of the ISMG Security Report includes an analysis by Executive Editor Matthew J. Schwartz on President Donald Trump's changing views on election meddling, plus an update on voter data being accidently exposed by a robocalling company.

Cyberwarfare / Nation-state attacks

How Trump Talks About Russian Hacking

Mathew J. Schwartz • July 19, 2018

President Donald Trump has stated that he believes the Russian government attempted to interfere in U.S. elections. But at times, he appears to have also suggested that the interference may be attributable to other countries instead.

Cyberwarfare / Nation-state attacks

Trump's DNC 'Server' Conspiracy Rebutted

Mathew J. Schwartz • July 17, 2018

Asked in a press conference if he would denounce Russia for interfering in U.S. elections, President Trump responded with a conspiracy theory about a missing DNC server. Some security experts say Trump's response was nonsense and flies in the face of good digital forensics and incident response practice.

Breach Notification

Timehop Reveals Additional Data Compromised by Hacker

Jeremy Kirk • July 16, 2018

Timehop, the social media app that resurfaces older social media posts for entertainment, says its ongoing investigation has revealed that an attacker may have compromised more personal information than it previously suspected over the course of a breach that lasted at least seven months.

Cyberwarfare / Nation-state attacks

'Time for US Cyber Command to Take the Gloves Off'

Tom Field • July 13, 2018

In the wake of news that 12 additional Russians have been indicted for conspiring to interfere with the 2016 presidential election, a key question emerges: What will President Trump say when he meets Monday with Russian President Vladimir Putin? Carbon Black's Tom Kellermann offers analysis.

Breach Response

Analysis: California's Groundbreaking Privacy Law

Nick Holland • July 13, 2018

The latest edition of the ISMG Security Report features a discussion of California's groundbreaking new privacy law as well as an update on the potential impact of the hacker group responsible for the Ticketmaster breach.

Data Breach

RiskIQ: Ticketmaster Hackers Compromised Widely Used Tools

Jeremy Kirk • July 12, 2018

Magecart, the criminal group behind the recent data breach at certain Ticketmaster websites, may have also hit the company's sites in Australia, New Zealand, Turkey and Hungary, according to RiskIQ, which says the group's digital payment card skimmers may also affect as many as 800 other e-commerce sites.

Blockchain Applications

Cryptocurrency Exchange Developer Bancor Loses $23.5 Million

Jeremy Kirk • July 11, 2018

Attackers have stolen $23.5 million in cryptocurrency from Bancor, which is developing a decentralized exchange. The cause of the hack may have been a failure by Bancor to protect authentication keys that allowed for changes in its token smart contracts.

Application Security

Implementing a 'Zero Trust' Approach to Security

Tom Field • July 11, 2018

Every application should be protected the same way no matter where it resides, rather than focusing on a "perimeter" approach, says Doug Copley of Duo Security, who describes a "zero trust" approach.

Breach Response

Timehop: Lack of Multifactor Login Controls Led to Breach

Jeremy Kirk • July 10, 2018

Timehop, an application that revives older social media posts, says the lack of multifactor authentication on a cloud services account led to a data breach affecting 21 million users. The breach exposed names, email addresses, phone numbers and access tokens Timehop used to read information from accounts.