With the U.S. government actively looking to counter threats to the nation's critical infrastructure entities, federal officials have lamented the lack of international cooperation in curbing ransomware threats linked to Russian actors. In a separate growing trend, another ransomware gang began to threaten victims with instant data destruction if they bring in negotiators. Meanwhile, a longitudinal study once again highlighted the threats facing on-premise databases hosted by organizations globally. With this, continue reading to learn top highlights from the cybersecurity space in the last 24 hours.
01
The FBI has said that the Russian government has taken no steps to crack down on ransomware groups as requested by U.S. President Joe Biden. It comes after REvil, the Russian-speaking gang responsible for the Kaseya supply chain attack, resurfaced online.
02
DevOps platform vendor Travis CI suffered a data breach, impacting its public repository. Further, it requested users to change passwords and authentication tokens.
03
Threat actors behind the Grief Corp ransomware challenged Recovery Company, one of its victims, that if they contacted a professional negotiator they’ll simply wipe out the data, forever.
04
A ransomware group impersonated an official from open-source painting platform Krita and attempted to make lucrative ad revenue offers to its users via email id registered on a fake domain.
05
SentinelLabs reported a campaign delivering the ZLoader banking trojan via fake Google advertisements for various software, including Discord, Zoom, TeamViewer, and Java plugins.
06
Three former U.S. intelligence officers were charged for helping the UAE government to breach the networks of systems globally, including the U.S. during their role as cyber-mercenaries in the region.
07
In a five-year-long study, Imperva discovered that around 46% of all on-premise databases across the globe are vulnerable to attack, with 56% of those vulnerabilities falling under the high severity category.
08
Microsoft announced that users will no longer have to memorize or save passwords as it plans to go passwordless for Microsoft accounts in the coming weeks.
09
Infrastructure access security startup strongDM raised $54 million in its Series B round led by Tiger Global, with other investors such as GV, Sequoia Capital, True Ventures, and others also participating.
10
Cyber risk management firm Tenable acquired cloud-native security provider Accurics for $160 million in cash.
