Federal Reserve Chairman Jerome Powell, who said Wednesday the central bank is assessing the creation of a government-backed digital currency (Photo: Federalreserve via Flickr)

Fed Chair Says Central Bank Evaluating Digital Currency

Dan Gunderman • September 23, 2021

The U.S. Federal Reserve said Wednesday it is continuing to evaluate the creation of a central bank digital currency, or CBDC, and that it intends to publish research on the subject shortly, according to Chair Jerome Powell.

Blockchain & Cryptocurrency

FFIEC Updates Authentication Guidance

Latest

Cybercrime

REvil Ransomware Group's Latest Victim: Its Own Affiliates

Mathew J. Schwartz • September 25, 2021

Ransomware-wielding attackers love to lie to victims. But REvil - aka Sodinokibi - has reportedly been running double negotiations to make affiliates think a victim hasn't paid a ransom, using a backdoor in the malware that allows administrators to decrypt victims' systems, so affiliates don't get their cut.

3rd Party Risk Management

ISMG Editors’ Panel: The Rise of Quadruple Extortion Attacks

Anna Delaney • September 24, 2021

Four editors at Information Security Media Group discuss important cybersecurity issues, including the rise of quadruple extortion attacks employed by ransomware gangs, the FBI reportedly withholding the Kaseya ransomware decryption key for weeks, and raising security posture during a pandemic.

Business Continuity Management / Disaster Recovery

Ransomware Updates: Conti Attacks Rise, New Players Surface

Anna Delaney • September 24, 2021

The latest edition of the ISMG Security Report features an analysis of how the U.S. government has been tracking an increase in the pace of attacks tied to Conti ransomware. Also featured are what "protection" means today and building a new cybersecurity operating model.

Governance & Risk Management

Applying Critical, Systems and Design Thinking to Security

Steve King • September 24, 2021

Brian Barnier, a director of analytics who is developing a course on critical and design thinking in cybersecurity for CyberEd.io, is a firm believer in the importance of critical thinking today. He discusses how that, plus systems and design thinking, can improve the way cybersecurity functions.

Cybercrime

Karma Seeks Free Publicity to Fulfill Ransomware Destiny

Mathew J. Schwartz • September 24, 2021

A new and still little-known ransomware group called Karma has been pursuing a novel strategy to pressure victims into paying: Get journalists to publicize businesses hit by the ransomware operation, adding pressure on victims to pay the ransom demand.

Business Continuity Management / Disaster Recovery

Conti Ransomware Attacks Surging, US Government Warns

Mathew J. Schwartz • September 23, 2021

The pace of Conti ransomware attacks has been increasing, with more than 400 organizations globally having fallen victim, warns a joint cybersecurity advisory from the U.S. Cybersecurity and Infrastructure Security Agency, FBI and National Security Agency, which details essential defenses.

Cybercrime

Microsoft Analyzes Phishing-as-a-Service Operation

Doug Olenick • September 22, 2021

Microsoft Security on Tuesday issued a detailed report on a massive phishing-as-a-service operation named BulletProofLink that offered as a subscription all the tools needed to conduct a campaign. The gang remains operational.

3rd Party Risk Management

US Treasury Blacklists Russia-Based Crypto Exchange

Dan Gunderman • September 22, 2021

The U.S. Department of the Treasury has blacklisted Russia-based cryptocurrency exchange Suex for allegedly laundering tens of millions of dollars for ransomware operators, scammers and darknet markets. It is the first such designation for a virtual currency exchange.

Cybercrime

FBI Director Questioned Over Kaseya Decryption Key

Scott Ferguson • September 21, 2021

FBI Director Christopher Wray faced questions during a Senate hearing Tuesday concerning a published report that the bureau for almost three weeks withheld a decryption key that agents obtained from the ransomware gang that targeted software firm Kaseya.

Blockchain & Cryptocurrency

Coinbase Contracts With DHS for Blockchain Analytics

Dan Gunderman • September 21, 2021

U.S.-based cryptocurrency exchange Coinbase has contracted with the U.S. Department of Homeland Security to provide its blockchain monitoring software, according to government tracking sites. The U.S.-based exchange also withdrew plans to launch a crypto lending program amid tensions with the SEC.

Cybercrime

Ransomware Reportedly Hits Iowa Farm Services Cooperative

Scott Ferguson , Doug Olenick • September 20, 2021

NEW Cooperative, an Iowa-based farm services cooperative, has reportedly been targeted by the BlackMatter ransomware gang, demanding a $5.9 million payment from the organization, according to security researchers and published reports. The cooperative is working with law enforcement agencies.

Blockchain & Cryptocurrency

Hacker Makes Off With $12 Million in Latest DeFi Breach

Dan Gunderman • September 20, 2021

In the latest security incident involving a decentralized finance protocol, cross-chain project pNetwork announced Sunday it had been hacked for 277 pBTC, a form of wrapped bitcoin, with losses worth over $12 million at current value.