Featured
05/07/2024
2024 Verizon DBIR: Major Surge in Unpatched Vulnerability Exploitation Due to MOVEit, Most Breaches Involve Non-Malicious Human Error
Tom Kellermann, SVP of Cyber Strategy at Contrast Security, sees the Russia issue as the central point to address: “Ransomware groups enjoy a pax mafioso with Russian intelligence services. The cybercriminals not only enjoy protection from prosecution, but they are armed with zero days by Russian intel to sow havoc in western cyberspace thus creating a free fire zone.”
05/07/2024
2024 Verizon DBIR: Major Surge in Unpatched Vulnerability Exploitation Due to MOVEit, Most Breaches Involve Non-Malicious Human Error
Tom Kellermann, SVP of Cyber Strategy at Contrast Security, sees the Russia issue as the central point to address: “Ransomware groups enjoy a pax mafioso with Russian intelligence services. The cybercriminals not only enjoy protection from prosecution, but they are armed with zero days by Russian intel to sow havoc in western cyberspace thus creating a free fire zone.”
05/07/2024
City of Wichita Public Services Disrupted After Ransomware Attack
Tom Kellermann, senior vice president of cyber strategy at security firm Contrast Security, suggested that Russia state-sponsored actors may be behind the attacks, as they have "punitively escalated their destructive attacks against U.S. cities as revenge" for a recently passed Congressional aid package for Ukraine. However, no culprit for the attack has yet been identified.
05/02/2024
Demo: A free tool for generating an SBOM
If software were a plate of food, its “bill of materials” would let eaters know which ingredients are fresh, and which ones have reached their sell-by date.
Naomi Buckwalter, director of product security at Contrast Security, recently demo’d the company’s free tool—software composition analysis (SCA)—for generating the ingredient list known as a software bill of materials, or SBOM.
05/02/2024
Global cybersecurity agencies issue alert on threat to OT systems from pro-Russia hacktivist activity
Commenting on the fact sheet, Tom Kellermann, senior vice president of cyber strategy at Contrast Security, wrote in an emailed statement “These are not hacktivists. Rather, they are cyber militias, and their attacks are geared to poisoning the U.S. water supply. Water utilities have never been sufficiently funded for cybersecurity, and now they are on the front lines.”
He added that the U.S. government must endow cybersecurity grants to these critical infrastructures, “as we face a clear and present danger.”
05/02/2024
Pro-Russia hackers target OT weaknesses in critical infrastructure
Tom Kellermann, senior vice president of cyber strategy at Contrast Security, said those responsible for the spate of critical infrastructure attacks should not be described as “hacktivists."
“Rather, they are cyber militias, and their attacks are geared to poisoning the U.S. water supply,” he said.
“Water utilities have never been sufficiently funded for cybersecurity, and now they are on the front lines. The U.S. government must endow cybersecurity grants to these critical infrastructures, as we face a clear and present danger.”
05/02/2024
Ukrainian National Sentenced for Role in REvil Ransomware Operation
Contrast Security Senior Vice President of Cyber Strategy, Tom Kellermann, stated: “The FBI, in conjunction with Cyber Command, the Secret Service and like-minded countries, have truly engaged in significant disruptive actions against these groups. REvil was top of the list.”
04/30/2024
Change Healthcare, compromised by stolen credentials, did not have MFA turned on
“This underscores pure negligence on the part of UnitedHealth,” Tom Kellerman, SVP of cyber strategy at Contrast Security, said via email. “Negligence in cybersecurity led to systemic breaches across the U.S. healthcare industry. The long-term effects of this massive breach will be felt for years to come.”
[The story also ran in Healthcare Dive.]
04/29/2024
Cyber Spies Hit Cisco Firewalls in Zero-Day Exploits
Tom Kellermann, Contrast Security senior vice president of cyber strategy, said that cybersecurity companies are “increasingly targeted by nation states for the purposes of island hopping.” He said it’s important to “remember that all cybersecurity companies develop software and in many cases they are not rigorous with their DevSecOps. This has been a banner year for zero days and thus runtime security must be implemented to mitigate the exposure.”
04/25/2024
5 ways Runtime Security cuts through exploding software complexity
Software complexity is exploding. Modern applications and application programming interfaces (APIs) comprise hundreds of repositories, frameworks, components, platforms, containers, services and connections. The rapidly increasing use of third-party, open-source libraries and AI-generated code is aggravating the challenge.
04/24/2024
Vintage Microsoft flaw resurfaces, threat actors attack with golden GooseEgg
State-linked actors are using a custom tool for post exploitation activity of a vulnerability in Windows Print Spooler, which could result in credential theft and backdoor installs.
04/24/2024
People on the Move
04/23/2024
State-Sponsored Russian Hackers Linked to Breach of Texas Water Treatment Plant
Leading cybersecurity firm Mandiant believes that a notorious group of Russian hackers is behind a recent rash of attacks on water utilities in several countries, including the United States. On January 18 the group was able to induce a tank overflow at a Texas water treatment plant, and has made similar incursions in France and Poland.