Subscribe to
CURRENT CYBER
The latest cybersecurity news, emerging threats, and events right at your fingertips.
Start Your Free TrialLoginPick Your Subscription
Choose the frequency that best meets your needs.
Need more? Let's get in touch!
Weekly Roundup
Daily Dose
Threat Highlight
DRAWING A LINK
Black Basta, a new and prolific ransomware group, has ties to one of the most notorious cybercrime rings from last decade, alleges research out today from cybersecurity firm SentinelOne. The researchers find that Black Basta deploys and maintains custom tools first connected to the Fin7 hacking group, which made its name — and its millions — stealing credit card information from high-profile companies between 2011 and 2020. That assessment shines some light on the origins of the Black Basta ransomware group, which emerged in April 2022 and quickly proved itself to be a skilled, but careful, attacker.
Past News Summaries
Water Sector
NIST is soliciting feedback on a menu of voluntary guidelines to help operators of water and wastewater systems fend off hackers. NIST will accept feedback on the effort until Dec. 19. Afterwards, it intends to release a set of cyber guidelines. The White House is simultaneously exploring ways to use existing EPA authority to require water and wastewater operators to better defend their networks, with new rules expected later this fall.
Cyber Forecast
An annual report released yesterday by Mandiant forecasts that in 2023, digital blackmail will grow, but it will become less reliant on network disruption via encryption. The report suggests that cyber extortionists have found a lucrative new market in data disclosure — where attackers threaten to release stolen information unless victims pay a substantial sum of money. Mandiant researchers believe Europe will surpass the U.S. as the most targeted region for ransomware attacks, and that “non-organized and non nation-state” hackers will become a more prominent threat.
Zero Trust
The DoD plans to release in the coming days a detailed strategy for its department-wide zero trust security strategy, DoD CIO John Sherman signed off on the strategy last Thursday. Sherman first announced this ambitious goal in August, saying that DoD planned to implement a zero trust architecture across the entire department by 2027, and promising to release a strategy in the near term on how to advance that goal.
Federal Cyber Guidance
CISA is building out a new engagement arm, called the Federal Enterprise Improvement Team, meant to help government agencies navigate cybersecurity requirements. The goal is to work with agencies to create cyber roadmaps with discrete action items using existing metrics CISA has on agencies, input from agencies themselves, and the landscape of governmentwide cyber mandates that agencies are navigating.
Ransomware
Black Basta, a new and prolific ransomware group, has ties to one of the most notorious cybercrime rings from the last decade, alleges research out today from cybersecurity firm SentinelOne. The researchers found that Black Basta deploys and maintains custom tools first connected to the Fin7 hacking group, which made its name stealing credit card information from high-profile companies between 2011 and 2020. That assessment shines some light on the origins of the Black Basta ransomware group, which emerged in April 2022.