IT Security Newsletter - 9/21/23
International Criminal Court hit in cyber-attack amid Russia war crimes probe
The International Criminal Court said crooks breached its IT systems last week, and that attack isn't over yet, with the ICC saying the "cybersecurity incident" is still ongoing. In a statement shared via the site formerly known as Twitter, the Hague war crimes tribunal said it detected "anomalous activity" at the end of last week, and immediately took action "to respond to this cybersecurity incident and mitigate its impact." READ MORE...
Critical Infrastructure Organizations Warned of Snatch Ransomware Attacks
The FBI and the cybersecurity agency CISA on Wednesday published an advisory warning critical infrastructure organizations of ongoing Snatch ransomware attacks. Active since 2018, Snatch is offered under the ransomware-as-a-service (RaaS) model, and has been targeting organizations in the United States since 2019. Since November 2021, the group has been operating a leaks site, where it threatens to publish stolen data unless a ransom is paid. READ MORE...
Regulatory pressure complicates cybersecurity for industrial equipment manufacturers
50% of companies lack a dedicated security function for control systems and devices within their organizational structure, according to Cybellum. Security incidents involving industrial organizations have seen a sharp rise in recent years, with notable cases highlighting the vulnerabilities in our interconnected world. IT-OT convergence, as well as the trend towards remote maintenance, amplify potential risks even further. READ MORE...
How companies can take control of their cybersecurity
In this Help Net Security interview, Baya Lonqueux, CEO at Reciproc-IT, discusses the evolving cybersecurity landscape and the essential skillsets needed for teams working in this field. The interview highlights the shift from technical expertise to a focus on organizational and governance skills for managing business cybersecurity risks. Lonqueux also addresses the proactive measures required to mitigate cybersecurity risks. READ MORE...
DHS council seeks to simplify cyber incident reporting rules
The Biden administration is looking to simplify the dizzying reporting requirements faced by critical infrastructure entities. he Department of Homeland Security delivered a 100-page report on Tuesday with recommendations on how to revamp the thicket of cyber incident reporting requirements faced by U.S. critical infrastructure operators. Tuesday's report found that critical infrastructure entities face a dizzying 45 active reporting requirements from 22 different federal agencies and and an additional five under consideration. READ MORE...
Car Cybersecurity Study Shows Drop in Critical Vulnerabilities Over Past Decade
An automotive cybersecurity study shows that critical-risk vulnerabilities have decreased in the past decade. Research-focused security services provider IOActive has conducted an analysis of car vulnerability trends over the past decade and determined that the automotive industry has been placing increasing importance on cybersecurity. The new IOActive automotive cybersecurity study (PDF) looks at vulnerabilities discovered over the last 10 years, with a focus on trends between 2016, 2018 and 2022. READ MORE...
- ...in 1866, English science fiction author H.G. Wells, ("The Time Machine", "War of the Worlds") is born in Kent, England.
- ...in 1937, J.R.R. Tolkien's fantasy novel "The Hobbit, or There and Back Again", is published.
- ...in 1942, the B-29 Superfortress, one of the largest aircraft operational during WWII, makes its maiden flight.
- ...in 1981, Sandra Day O'Connor is unanimously confirmed as the first female Supreme Court justice.