Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On Feb. 23, 2022, a new wiper malware was reported publicly as affecting Ukrainian-based systems. Following a series of denial-of-service attacks and website defacements, the new destructive malware corrupts the master boot record (MBR), partition and file system of all available physical drives on Windows machines. CrowdStrike Intelligence refers to this new destructive malware as DriveSlayer, and it’s the second wiper to affect Ukraine following the recent WhisperGate.

On February 9, the U.S. Securities and Exchange Commission (SEC) issued proposed rules regarding cybersecurity risk management for investment advisers, registered investment companies, and business development companies. It's no surprise that the SEC is taking a more active role in this, given their continued interest in cybersecurity issues and high-profile ransomware attacks.

If you work in networking or security, you have probably gotten used to the acronym stew that makes up the technology industry at times. By now you have surely heard the latest buzzword and what industry analysts have coined as security service edge (SSE). SSE is essentially the consolidation of Firewall-as-a-Service (FWaaS), secure web gateway (SWG), cloud access security broker, and Zero Trust Network Access (ZTNA) delivered as a cloud service.

In January 2022, Netskope analyzed a destructive malware named WhisperGate, wiping files and corrupting disks during the aftermath of a geopolitical conflict in Ukraine. On February 24, the conflict escalated with Russian attacks in Ukraine, followed by a series of DDoS attacks against Ukrainian websites. On February 24, 2022, a new malware called HermeticWiper was found in hundreds of computers in Ukraine. HermeticWiper corrupts disks on infected systems, similar to WhisperGate.

Our diverse global Snykers are united by our core values. In addition to building a strong business, we also collectively lead with passion and empathy for each other, our customers, the communities where we live and work, and our planet as a whole. To paraphrase Dr. King, we believe that a threat to freedom or justice anywhere threatens these innate rights everywhere. Today, as the Ukrainian people are being affected directly, we are all affected indirectly.

In this episode of the Trustwave CISO Bytes Podcast, host David Bishop, Chief Information Security Officer at Trustwave, sits down with Kory Daniels, Global Director, Cyber Defense Consulting at Trustwave, to discuss the Russia and Ukraine crisis, its impact on cybersecurity, and how organizations in operational technology, critical infrastructure and beyond can harden their cyber defenses against nation-state threats.

This blog was jointly written with Santiago Cortes.

Our previous blog post on authentication security covered six most common authentication vulnerabilities. In this post, we will discuss a few best practices that help avoid authentication vulnerabilities and defeat specific attack vectors. Below are the six best practices to secure the authentication process.

Data breaches are increasing in frequency and severity. Following a data breach, most companies have protocols in place to contain the breach, assess the damage, and tighten their security to ensure the incident is not repeated. While this is a standard process for organizations to go through, would you be surprised to learn that cybercriminals do the exact same thing when their underground forums are revealed or exploited?

Almost a year since the Colonial Pipeline ransomware attack on critical infrastructure occurred, the question still looms large: not whether such an incident could happen again, but when?