Friday Five 11/4
Ransomware, DDoS attacks, and attacks on election infrastructure have been on the minds of security leaders and made headlines this past week. Catch up on the latest stories in this week’s Friday Five.
AMID ELECTION CONSPIRACY THEORIES, CISA SAYS THERE'S NO CREDIBLE THREAT TO VOTING EQUIPMENT BY CHRISTIAN VASQUEZ
CISA Director Jen Easterly says that errors and glitches are bound to happen in every election but, contrary to some of the misinformation being spread online before next week’s midterm elections, CISA has “no information credible or specific about efforts to disrupt or compromise” election infrastructure. Read more about what Easterly is more concerned about leading up to the elections in the full story from Christian Vasquez at CyberScoop.
SUPPLY CHAIN ATTACK PUSHES OUT MALWARE TO MORE THAN 250 MEDIA WEBSITES BY ELIZABETH MONTALBANO
WHITE HOUSE SEEKS INTERNATIONAL COOPERATION TO THWART GROWING RANSOMWARE THREAT BY TONYA RILEY
The White House is convening an International Counter Ransomware Summit, which will host leaders from 36 countries and the European Union. The participating countries, which do not include countries notorious for harboring cybercriminals, like Russia, are in the process of finalizing a joint statement that will address how to handle such countries, along with how to bolster cyber resilience in general. The summit is going into its second year, following the sharp rise in ransomware that followed the COVID-19 pandemic. Read more about who will be presenting at the summit and what challenges lie ahead for the participating countries in the full story from CyberScoop.
US AGENCIES ISSUE GUIDANCE ON RESPONDING TO DDOS ATTACKS BY IONUT ARGHIRE
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint advisory this past week that aims to give guidance on how organizations can respond to DDoS attacks. Such attacks are said to lead to degradation of service, loss of productivity, extensive remediation costs, and reputational damage, and could even make organizations susceptible to other forms of attacks. “In a progressively interconnected world with additional post-pandemic remote connectivity requirements, maintaining the availability of business-essential external-facing resources can be challenging for even the most mature IT and incident response teams. It is impossible to completely avoid becoming a target of a DDoS attack,” the three agencies said in their statement.
RESEARCHERS UNCOVER STEALTHY TECHNIQUES USED BY CRANEFLY ESPIONAGE HACKERS BY RAVIE LAKSHMANAN
A recently discovered hacking group has been targeting employees dealing with corporate transactions using a previously undocumented malware known as Danfuan. According to researchers, the hackers are using a dropper “to install a new backdoor and other tools using the novel technique of reading commands from seemingly innocuous Internet Information Services (IIS) logs.” Danfuan, along with the Geppei dropper, was first identified in May 2022 and attributed to the espionage actor known as UNC3524 or Cranefly.