Bill's Picks
This section covers current trends in cyber security. Every few weeks our President, Bill Palisano,
hand-selects articles he thinks are pertinent to read and understand. Keeping
up with this section will help you stay informed and current so that you never find
yourself without the tools to secure your information.
Romance Scammers’ Favorite Lies Exposed
Romance scammers tell all sorts of lies to steal your heart and money, and reports to the FTC show those lies are working. These scammers pay close attention to the information you share, and don’t miss a beat becoming your perfect match. You like a thing, so that’s their thing, too. You’re looking to settle down. They’re ready too. But there is one exception – you want to meet in real life, and they can’t. Reports show their excuse is often baked right into their fake identity…
https://www.ftc.gov/news-events/data-visualizations/data-spotlight/2023/02/romance-scammers-favorite-lies-exposed
FTC: Romance Scams Cost U.S. Victims a Total of $1.3 Billion
Seemingly repeating the previous year, the FTC’s latest report highlights that nearly 70,000 people reported being the victim of a romance scam last year. There’s a saying about some people being unlucky in love. In the case of the victims of romance scams, those folks are really unlucky! The crux of an effective scam – whether we’re talking via phishing, social engineering on the web, using social media, etc. – is to create some emotional buy-in from the victim and create a sense of urgency.
https://blog.knowbe4.com/romance-scams-cost-us-victims-1.3-billion
Budgets Are Tightening in 2023: It’s Time to Streamline Security
As important as cybersecurity is to today’s organizations, it’s not immune to the gathering macro-economic storm clouds. New research reveals that in many businesses, budgets may be flatlining, or even declining. Unfortunately, the cybercrime community does not have the same budgetary constraints. It continues to collaborate, innovate, and probe for weaknesses wherever it can find them. For IT bosses, the way to cope with these twin pressures…
https://blog.barracuda.com/2023/02/21/budgets-tightening-2023-streamline-security/
The WIRED Guide to Data Breaches
Not technical, but you REALLY want to understand hacking & breaches? Read this. Everything you need to know about the past, present, and future of data security—from Equifax to Yahoo—and the problem with Social Security numbers.
https://www.wired.com/story/wired-guide-to-data-breaches/#:~:text=Everything%20you%20need%20to%20know,problem%20with%20Social%20Security%20numbers.&text=It%20Seems%20like%20every%20week,that%20exposes%20your%20personal%20data.
GoDaddy Fingers Hacking Campaign for 3-Year Run of Breaches
Internet domain registrar GoDaddy says it is the victim of a yearslong hacking campaign that installed malware on internal systems and obtained source code.
https://www.bankinfosecurity.com/godaddy-fingers-hacking-campaign-for-3-year-run-breaches-a-21241
The Real Cost of a Major Email-Borne Attack
https://blog.barracuda.com/2023/02/08/real-cost-email-attack/
Government Sanctions: No Ransomware Please, We're British
Don't pay these seven sanctioned Russians. During a Thursday unveiling of sanctions against seven Russian nationals for their roles in developing and managing TrickBot malware, Westminster also declared ransomware to be a tier 1 national security threat.
https://www.bankinfosecurity.com/blogs/government-sanctions-no-ransomware-please-were-british-p-3393
TikTok car theft challenge: Hyundai, Kia fix flaw
Car manufacturer Hyundai, and its subsidiary Kia, began rolling out a free software update on February 14, 2023, to address a flaw in their anti-theft software, which was highlighted in a social media challenge. The release of the update came nine months after an uptick in car theft of the affected models in the US. Outside the US, victims in Australia also came forward.
https://www.malwarebytes.com/blog/news/2023/02/tiktok-car-theft-challenge-hyundai-kia-fix-flaw
ESG Spotlights Storage Reliability, Costs & Security
According to research by the Enterprise Strategy Group (ESG), 36% of surveyed organizations experienced a cyber-attack on at least a monthly basis. Protection from such costly attacks needs to be reliable, economical and long term. ESG recently published a white paper that spotlights these crucial topics and how LTO-9 tape technology can help achieve the data security imperatives. Read on for an overview of highlights from the ESG white paper.
https://www.lto.org/2023/02/esg-spotlights/
Cybersecurity Threat Advisory: NortonLifeLock compromised
On December 12, 2022, Norton detected an “unusually large volume” of failed login attempts to customer accounts, indicating a credential stuffing attack. By December 22, the company had completed their investigation and revealed that the attacks successfully compromised customer accounts.
https://blog.barracuda.com/2023/01/24/cybersecurity-threat-advisory--nortonlifelock-compromised/?mkt_tok=MzI2LUJLQy00MzIAAAGJgykNUX-hoFCnrz_uoxLTLnQ-avmXzQApZI2mfQ4wMXvIhDtk2iRL-7bkVU0IjX26lB2z9Plg00LKibrAdPknqYef0AhgbJs_Z96lWiF1dODTvg
Experian Glitch Exposing Credit Files Lasted 47 Days
On Dec. 23, 2022, KrebsOnSecurity alerted big-three consumer credit reporting bureau Experian that identity thieves had worked out how to bypass its security and access any consumer’s full credit report — armed with nothing more than a person’s name, address, date of birth, and Social Security number. Experian fixed the glitch, but remained silent about the incident for a month.
https://krebsonsecurity.com/2023/01/experian-glitch-exposing-credit-files-lasted-47-days/#:~:text=Experian%20fixed%20the%20glitch%2C%20but,and%20Dec.%2026%2C%202022
Ransomware Profits Dip as Fewer Victims Pay Extortion
Bad news for ransomware groups: Experts find that earning an extortionate crypto-locking payday is getting harder as the world fortifies against the onslaught of criminal malware. As Funding from Ransoms Goes Down, Gangs Embrace Re-Extortion, Researchers Warn. The bad guys can blame more would-be victims getting robust defenses in place, including well-rehearsed incident response plans, which make executing a successful attack harder. Also, law enforcement agencies mobilize earlier to assist victims, and by doing so they're learning better how attackers work and where they might strike next. Such intelligence is key to deterring future attacks.
https://www.databreachtoday.com/blogs/ransomware-profits-dip-as-fewer-victims-pay-extortion-p-3358
How threat detection services for SMBs are continuing to evolve and improve
Small and medium-sized businesses are facing immense security challenges, and these are the same as those of mid-size or larger enterprises. Clearly, SMBs need to be alert for cyberattacks, but they also need to stay focused on their business and not sacrifice productivity. Organizations are confronted with a severe security threat landscape, and it is critical that they have the ability to prevent, detect and respond to these threats in a timely manner. Hence, using a threat prevention and detection solution that doesn’t disrupt day-to-day operations while providing early warning and stopping potential threats before they escalate is essential.
https://www.lastwatchdog.com/guest-essay-how-threat-detection-services-for-smbs-are-continuing-to-evolve-and-improve/
A cybersecurity year in review: Five things we learned from 2022
There are many ways to slice and dice 2022. But here are my top five standout trends – and most importantly, the takeaways that organizations can use to enhance corporate security for 2023.
https://blog.barracuda.com/2022/12/28/cybersecurity-year-in-review-2022/
How cyber deception technology strengthens enterprise security
Cyber deception is a broad term for a wide variety of techniques that trick attackers into engaging with dummy digital resources, which don't serve authorized enterprise users. The sole purpose of these decoys -- which can include servers, services, networks, files, user accounts and email accounts -- is to reveal attacks in progress.
https://www.techtarget.com/searchsecurity/tip/How-cyber-deception-technology-strengthens-enterprise-security
Unusual Blank-Image Phishing Attacks Impersonate DocuSign
An unusual phishing technique has surfaced this week. Avanan, a Check Point Software company, released a blog Thursday morning detailing a new attack in which hackers hide malicious content inside a blank image within an HTML attachment in phishing emails claiming to be from DocuSign.
https://blog.knowbe4.com/blank-image-attacks-impersonate-docusign
Hacked Ring Cams Used to Record Swatting Victims
Two U.S. men have been charged with hacking into the Ring home security cameras of a dozen random people and then “swatting” them — falsely reporting a violent incident at the target’s address to trick local police into responding with force. Prosecutors say the duo used the compromised Ring devices to stream live video footage on social media of police raiding their targets’ homes, and to taunt authorities when they arrived.
https://krebsonsecurity.com/2022/12/hacked-ring-cams-used-to-record-swatting-victims/
Inside the Next-Level Fraud Ring Scamming Billions Off Holiday Retailers
"Largest attack of its kind": A potent Southeast Asian e-commerce fraud ring has declared war on US retailers, targeting billions in goods in just the past month and forcing mules into its scheme.
https://www.darkreading.com/attacks-breaches/inside-next-level-fraud-ring-scamming-billions-holiday-retailers
Hands On With Flipper Zero, the Hacker Tool Blowing Up on TikTok
Don’t be fooled by its fun name and Tamagotchi-like interface—this do-everything gadget is trouble waiting to happen and a whole lot more.
https://www.wired.com/story/what-is-flipper-zero-tiktok/
CISA shares 2023-2025 cybersecurity strategy
About this time every year, cybersecurity leaders will collect their thoughts in a way that creates something akin to a strategy for the coming year. It’s always a little difficult to be precise when it comes to cybersecurity strategy because the nature of the threats faced will, as always, continue to evolve. However, the Cybersecurity and Infrastructure Security Agency (CISA) has been kind enough to publish a strategic plan for 2023 to 2025 that many cybersecurity leaders might want to simply crib.
https://blog.barracuda.com/2022/12/15/cisa-shares-2023-2025-cybersecurity-strategy/
Why Security Teams Shouldn't Snooze on MFA Fatigue
Employee education, biometric and adaptive authentication, and zero trust can go a long way in strengthening security.
https://www.darkreading.com/endpoint/why-security-teams-shouldn-t-snooze-on-mfa-fatigue
2022 Cyber Security Review of the Year
It’s been a year full of predictable and unpredictable incidents alike, and in this blog, we’ve compiled the most memorable stories of 2022.
https://www.itgovernance.co.uk/blog/2022-cyber-security-review-of-the-year
Barracuda named a Visionary in the 2022 Gartner® Magic Quadrant™ for Network Firewalls
This is the second year Barracuda has been recognized as a Visionary in this report based on Ability to Execute and Completeness of Vision. According to Gartner, “By 2026, over 30% of the new deployments of distributed branch-office firewalls will be of firewall-as-a-service offerings, up from less than 10% in 2022.”
https://blog.barracuda.com/2022/12/22/barracuda-visionary-gartner-magic-quarant-network-firewalls/
The State of Cyber Insurance 2022 [Research]
3 Topline Findings on the State of Cyber Insurance: Only 55% of respondents currently have cyber insurance. Of those with insurance, over one-third (37%) aren’t covered for ransomware payments. Of those with ransomware payment coverage, only 19% of all businesses surveyed have limits greater than the median 2021 ransomware demand of $600,000. That number drops to 14% for SMBs with fewer than 1,500 employees.
https://blogs.blackberry.com/en/2022/11/the-state-of-cyber-insurance-2022-research
Australia Faces Consequences of Standing Up to Ransomware
The stark consequences of not paying a ransom to a gang of cyber extortionists became painfully clear in Australia this week. On Tuesday, a ransomware group began releasing some of the data it stole from the systems of Medibank, one of Australia’s largest health insurers. The day before, Medibank publicly announced it would not pay a ransom. That has led some to question whether it might have been worth paying the ransom and whether the Medibank incident should not have been used to make a point to the cybercriminal world. Paying, however, would contradict Australian government advice.
https://www.bankinfosecurity.com/blogs/australia-faces-consequences-standing-up-to-ransomware-p-3312
‘Dark Ships’ Emerge From the Shadows of the Nord Stream Mystery
The first gas leaks on the Nord Stream 2 pipeline in the Baltic Sea were detected in the early hours of September 26, pouring up to 400,000 tons of methane into the atmosphere. Officials immediately suspected sabotage of the international pipeline. New analysis seen by WIRED shows that two large ships, with their trackers off, appeared around the leak sites in the days immediately before they were detected.
https://www.wired.com/story/nord-stream-pipeline-explosion-dark-ships/
Phishing-Resistant MFA Does Not Mean Un-Phishable
Human societies have a bad habit of taking a specific, limited-in-scope fact and turning it into an overly broad generalization that gets incorrectly believed and perpetuated as if it were as comprehensively accurate as the original, more-limited fact it was based on. Anything can be hacked. Do not confuse “phishing-resistant” with being impossible to phish or socially engineer.
https://www.linkedin.com/pulse/phishing-resistant-mfa-does-mean-un-phishable-roger-grimes/
Researchers warn of malicious packages on PyPI using steganography
CheckPoint researchers discovered a malicious package, named ‘apicolor,’ on the Python Package Index (PyPI) that uses steganography to hide malware within image files. The package was uploaded to PyPI on October 31, 2022, with a vague header stating this is a ‘core lib for REST API’. The analysis of the package installation script revealed a code section at the beginning. It starts by manually installing extra requirements, then it downloads an image (“8F4D2uF.png”) hosted on Imgur and uses the newly installed package, called judyb, to process the picture and run the output generated by that processing using the exec command.
https://securityaffairs.co/wordpress/138342/security/malicious-package-pypi-steganography.html
5 unstructured data backup challenges and how to handle them
Backup admins who have worked with structured data won't find unstructured data completely unrecognizable. As with any kind of data backup, unstructured data must be accessible, secure and stored where it is suitably protected from unauthorized activities that could damage it. Technologies that typically back up structured data also work on unstructured data. These can include NAS, cloud, disk, flash and even tape. However, there are some challenges to watch out for with unstructured data.
https://www.techtarget.com/searchdatabackup/tip/5-unstructured-data-backup-challenges-and-how-to-handle-them
New open-source tool scans public AWS S3 buckets for secrets
A new open-source tool, 'S3crets Scanner', allows researchers and red-teamers to search for 'secrets' mistakenly stored in publicly exposed Amazon AWS S3 storage buckets or in a company's own buckets. Amazon S3 (Simple Storage Service) is a cloud storage service commonly used by companies to store software, services, and data in containers known as buckets. Unfortunately, companies sometimes fail to properly secure their S3 buckets and thus publicly expose stored data to the Internet.
https://www.bleepingcomputer.com/news/security/new-open-source-tool-scans-public-aws-s3-buckets-for-secrets/
Preparing for the worst: How some CIOs are using tabletop games to simulate ransomware attacks
The recent ransomware attack on Chicago-based CommonSpirit Health that shut down EHRs and canceled appointments brought new attention to the damage ransomware can have on health systems and raised questions about how to stop attacks. Most ransomware preparation revolves around stopping ransomware attacks before they happen. While training staff to avoid clicking on unknown links, implementing multifactor authentication and creating strong passwords is worthwhile, tabletop games allow CIOs to prepare for the worst in a controlled environment. Aaron Weismann, chief information security officer at Radnor Township, Pa.-based Main Line Health, has been running tabletop ransomware exercises since 2020.
https://www.beckershospitalreview.com/cybersecurity/preparing-for-the-worst-how-some-cios-are-using-tabletop-games-to-simulate-ransomware-attacks.html
Stress Is Driving Cybersecurity Professionals to Rethink Roles
Burnout has led one-third of cybersecurity staffers to consider changing jobs over the next two years, potentially further deepening the talent shortage, research shows. The stress and strain of cyberattacks on the staff tasked with protecting businesses is driving droves of desperately needed security practitioners to rethink their roles. New research from Mimecast reveals a huge mental health toll being exacted from cybersecurity professionals with every ransomware, data theft, or other cybersecurity incident. More than half (54%) of those surveyed told researchers ransomware attacks have put a strain on their mental health, while a full 56% say their job gets harder with each passing year.
https://www.darkreading.com/careers-and-people/stress-driving-cybersecurity-professionals-rethink-roles
Transacting in Person with Strangers from the Internet
Communities like Craigslist, OfferUp, Facebook Marketplace and others are great for finding low- or no-cost stuff that one can pick up directly from a nearby seller, and for getting rid of useful things that don’t deserve to end up in a landfill. But when dealing with strangers from the Internet, there is always a risk that the person you’ve agreed to meet has other intentions.
https://krebsonsecurity.com/2022/09/transacting-in-person-with-strangers-from-the-internet/
Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn
https://krebsonsecurity.com/2022/10/battle-with-bots-prompts-mass-purge-of-amazon-apple-employee-accounts-on-linkedin/
In an Effort to Hire IT Experts, a Group of Hackers Creates a Fake Corporation
A financially motivated Russian hacking group, FIN7, has set up a fake company to trick unwitting IT specialists into helping it expand further into ransomware, security researchers have discovered. According to researchers in Recorded Future’s Gemini Advisory Unit, FIN7, known for hacking into point-of-sale registers and stealing more than $1 billion from millions of credit cards, is now disguised as Bastion Secure, a provider of public sector cybersecurity services.
Cybersecurity researchers warn of a new PowerShell backdoor that disguises itself as part of the Windows update process to avoid detection.
Cybersecurity researchers from SafeBreach are warning of a new PowerShell backdoor that masquerades as a Windows update process to avoid detection. The backdoor spreads via weaponized Word documents (“Apply Form.docm”) posing as a LinkedIn-based job application. The malicious document was uploaded from Jordan on August 25, 2022.
https://securityaffairs.co/wordpress/137410/malware/undetectable-powershell-backdoor.html
6 Ways to Prevent Privilege Escalation Attacks
Privileges dictate the access a user or device gets on a network. Hackers who access these privileges can create tremendous damage. But there are ways to keep your networks safe.
https://www.techtarget.com/searchsecurity/tip/6-ways-to-prevent-privilege-escalation-attacks
What Happens Behind the Scenes during a Hospital Ransomware Attack
The healthcare industry is under attack. One of the nation's largest health systems, Chicago-based CommonSpirit Health, has been dealing with a ransomware incident that has led to EHR outages and canceled appointments at its hospitals around the nation. Some facilities are just now starting to get their systems back online. While the hospital chain has released few specifics about the attack that began in early October, cybersecurity experts told Becker's what goes on behind the scenes at one of these events.
https://www.beckershospitalreview.com/cybersecurity/what-happens-behind-the-scenes-during-a-hospital-ransomware-attack.html
Ransomware Insurance Security Strategies
Ransomware accounts for 75% of all cyber insurance claims, yet 40% of businesses currently lack the coverage needed. Discover how to improve your ransomware prevention strategy to reduce cyber risk and meet insurance requirements.
https://www.trendmicro.com/en_us/ciso/22/j/ransomware-insurance-security-strategies.html
LTO Program Looks to Surpass 1.4 PB per Tape
The LTO Program, which includes representatives from IBM, HPE and Quantum Corp., has developed a plan for the LTO Ultrium format for 14 generations, doubling in capacity with each new generation. LTO-14 will deliver a compressed capacity of 1.44 PB and an uncompressed or native capacity of 576 TB per tape cartridge.
https://www.techtarget.com/searchdatabackup/news/252525509/LTO-Program-looks-to-surpass-14-PB-per-tape
Colonial Pipeline Ransomware Group Using New Tactics To Become More Dangerous
Dubbed Coreid, the group has adopted a new version of its data exfiltration tool and is offering more advanced capabilities to profitable affiliates, says Symantec. The ransomware known as Darkside gained a level of infamy in May of 2021 when it was used in a devastating attack against Colonial Pipeline, a company responsible for delivering oil and gas across the East Coast. Now the cybercriminals behind Darkside are using new ransomware with new tools and tactics that make them even more of a threat.
https://technewsboy.com/colonial-pipeline-ransomware-group-using-new-tactics-to-become-more-dangerous/
2022 CWE Top 25 Most Dangerous Software Weaknesses
Welcome to the 2022 Common Weakness Enumeration (CWE™) Top 25 Most Dangerous Software Weaknesses list (CWE™ Top 25). This list demonstrates the currently most common and impactful software weaknesses. Often easy to find and exploit, these can lead to exploitable vulnerabilities that allow adversaries to completely take over a system, steal data, or prevent applications from working…
https://cwe.mitre.org/top25/archive/2022/2022_cwe_top25.html
Nation-state malware could become a commodity on dark web soon, Interpol warns
“That is a major concern in the physical world — weapons that are used on the battlefield and tomorrow will be used by organized crime groups,” said Jurgen Stock, the Interpol secretary general during a CNBC-moderated panel at the World Economic Forum in Davos, Switzerland, Monday…
https://securityaffairs.co/wordpress/131618/cyber-crime/nation-state-malware-dark-web.html
U.S. DoD tricked into paying $23.5 million to phishing actor
The U.S. Department of Justice (DoJ) has announced the conviction of Sercan Oyuntur, 40, resident of California, for multiple counts relating to a phishing operation that caused $23.5 million in damages to the U.S. Department of Defense (DoD). The fraudster managed to divert to his personal bank account DoD funds destined for a jet fuel supplier…
https://www.bleepingcomputer.com/news/security/us-dod-tricked-into-paying-235-million-to-phishing-actor/
What do Amazon, Microsoft, Meta, and IBM Have in Common? Tape Storage!
The annual Fujifilm Recording Media USA (FRMA) Conference in San Diego in late June, 2022 brought together many of the biggest names in IT and cloud storage. What did they all have in common? Heavy usage of tape storage and tape archiving. “Adding disk to deal with the data explosion makes sense in the short term, but tape is needed at a strategic level due to the volume of data that needs to be moved, stored, and archived securely and cost-effectively,” said Rich Gadomski, Tape Evangelist at FRMA, who emceed the event…
https://www.cioinsight.com/news-trends/tape-storage-amazon-microsoft-meta-ibm/
Why getting endpoint security right is crucial
Most organizations are behind on hardening their endpoints with zero trust, enabling cyberattackers to use malicious scripts and PowerShell attacks to bypass endpoint security controls. The problem is becoming so severe that on May 17, the Cybersecurity and Infrastructure Security Agency (CISA) issued an alert titled, “Weak Security Controls and Practices Routinely Exploited for Initial Access” (AA22-137A)…
https://venturebeat.com/security/why-getting-endpoint-security-right-is-crucial/
Ransomware, email compromise are top security threats, but deepfakes increase
While ransomware and business email compromise are leading causes of cybersecurity threats, geopolitics and deepfakes play an increasing role, according to reports from VMware and Palo Alto…
https://www.csoonline.com/article/3669476/ransomware-email-compromise-are-top-security-threats-but-deepfakes-increase.html
Is Your Data Hot or Cold?
Did you know that your data has a temperature? It’s true. However, that temperature has nothing to do with Fahrenheit or Celsius, or even how healthy your data is. The “temperature” of your data refers to two things: how soon after the data is created it is used, transformed, or processed, and how it’s stored. Why is this important? Read on:
https://technative.io/is-your-data-hot-or-cold/
RTF shares defense blueprint for ransomware
The Ransomware Task Force, as part of an effort to improve cybersecurity at small to medium enterprises, has published a Blueprint for Ransomware Defense framework that is based on controls defined by the Center for Internet Security (CIS). The principal goal of the effort is to make it easier for organizations that have limited resources to at least have a base level standard for attaining and maintaining information security.
https://blog.barracuda.com/2022/08/15/rtf-shares-defense-blueprint-for-ransomware/
IDaaS, Zero Trust, and security-in-depth
In our previous blogs, we looked at how remote access has evolved and how identity-as-a-service (IDaaS) solutions have stepped in to fill the security void that was inherent when an increasing population of remote users was accessing corporate workloads. Now, let’s look at how you can develop a security-in-depth framework that will satisfy your security needs without locking you into directory-based solutions.
https://blog.barracuda.com/2022/08/16/idaas-zero-trust-and-security-in-depth/
Google blocked the largest Layer 7 DDoS reported to date
Google announced that it has blocked the largest-ever HTTPS DDoS attack, which reached 46 million requests per second (RPS).
https://securityaffairs.co/wordpress/134542/hacking/google-blocked-largest-ever-https-ddos.html
Windows 11 is getting a new security setting to block ransomware attacks
Microsoft releases a new default policy to thwart credential attacks, which is also heading to Windows 10.
https://www.zdnet.com/article/windows-11-is-getting-a-new-security-setting-to-block-ransomware-attacks/
Phishers steal Office 365 users’ session cookies to bypass MFA, commit payment fraud
A massive phishing campaign has been targeting Office 365 (i.e., Microsoft 365) users in over 10,000 organizations since September 2021 and successfully bypassing multi-factor authentication (MFA) set up to protect the accounts.
https://www.helpnetsecurity.com/2022/07/13/office-365-phishing-mfa/
No More Ransom Has Helped Over 1.5m Victims
The No More Ransom project celebrated its sixth birthday this week with a reminder of how far the initiative has come and the scale of its achievements over that time. It claimed to have helped over 1.5 million victims to successfully decrypt their devices without resorting to paying their extorters. No More Ransom now offers 136 free tools for 165 ransomware variants, including Gandcrab, REvil/Sodinokibi, Maze/Egregor/Sekhmet and many more.
https://www.darkreading.com/attacks-breaches/no-more-ransom-helped-more-than-1-5-million-people-decrypt-their-devices
Poor Training and Communications Hindering Cybersecurity Efforts
Three in four companies in the UK and US have experienced a security incident in the last year, said the report… Poor cybersecurity awareness programs and internal communications are primarily to blame… Part of the problem is that employees don’t understand their role in protecting the company… While 85% of employees participate in security awareness programs, almost two-thirds (64%) don’t pay full attention during the training. In addition, over a third (36%) consider the security training boring, the report found.
https://www.infosecurity-magazine.com/news/training-comms-cybersecurity/
Managing a LOT of Data? Learn How the Large Hadron Collider manages the 180 PB of Raw Data it’ll create this year alone!
Stratospheric amounts of data are being created by the Large Hadron Collider, which sits about 100 meters below the French and Swiss border… “The [CERN] IT department expects up to 180 PB of data to be added in 2022. CERN can cope with that quantity of information courtesy of a sophisticated tape-disk-SSD architecture.” In practice, this means that the results and raw data from all of CERN’s experiments are carefully archived to tape, from where they can be easily copied to disk and SSD as required by applications.
https://www.lto.org/2022/07/to-infinity-and-beyond-with-lto-9-technology/
Update Google Chrome now! New version includes 11 important security patches
The latest Google Chrome update includes 11 security fixes, some of which could be exploited by an attacker to take control of an affected system.
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/07/update-google-chrome-now-new-version-includes-important-security-patches/
Justice Department Seizes $500K From North Korean Ransomware Group
The Department of Justice (DoJ) on Tuesday said it disrupted the activities of a North Korean state-sponsored group, … and seized $500,000 from the actors in May… These seized funds included ransom payments made by two healthcare providers… A medical center in Kansas paid a ransom of $100,000 in Bitcoin to attackers. After the unnamed Kansas-based medical center reported the incident to the FBI, U.S. authorities were able to identify the ransomware family and trace the cryptocurrency back to China-based money launderers… In April 2022, the FBI became aware that a medical provider in Colorado was hit… after a $120,000 Bitcoin ransom payment was made into one of the seized cryptocurrency accounts. The ransom payments recovered by law enforcement will be returned to the victims.
https://duo.com/decipher/justice-department-disrupts-north-korean-ransomware-group
Second-Hand Tapes – What Should You Know?
In today’s IT climate there is strong pressure to do more with less as storage managers look for ways to secure data economically. When it comes to tape stored data, does it make sense to cut corners with used media?
https://www.lto.org/2022/07/second-hand-tapes-what-should-you-know/
Attackers scan 1.6 million WordPress sites for vulnerable plugin
Security researchers have detected a massive campaign that scanned close to 1.6 million WordPress sites for the presence of a vulnerable plugin that allows uploading files without authentication… The vulnerability would allow an unauthenticated attacker to inject malicious Javascript to sites using any version of the plugin and perform actions like uploading and deleting files, which could lead to complete takeover of the site.
https://www.bleepingcomputer.com/news/security/attackers-scan-16-million-wordpress-sites-for-vulnerable-plugin/
New Phishing Attacks Shame, Scare Victims into Surrendering Twitter, Discord Credentials
A recent wave of social media phishing schemes doubles down on aggressive scare tactics with phony account-abuse accusations to coerce victims into handing over their login details.
https://www.darkreading.com/remote-workforce/new-wave-phishing-attacks-shame-scare-victims-into-surrendering-twitter-discord-credentials
FBI and MI5 Bosses Warn of “Massive” China Threat
“Good afternoon everyone… It’s a pleasure to welcome you all. I’m Ken McCallum, Director General of MI5; this is my friend and colleague Chris Wray, Director of the FBI… Our two organisations… have long been closely partnered… our teams work tirelessly together every day to keep our two nations, and our allies, safe. But today is the first time the Heads of the FBI and MI5 have shared a public platform… We’re doing so to send the clearest signal we can on a massive shared challenge: China.”
https://www.mi5.gov.uk/news/speech-by-mi5-and-fbi
FBI Report: Business Email Compromise = biggest money-maker for criminals
Cybercrime cases reported to the FBI last year racked up nearly $7bn in losses in 2021, with business email compromise (BEC) still by far the biggest money-maker for criminals.
https://www.ic3.gov/Media/PDF/AnnualReport/2021_IC3Report.pdf
Corporate Network Access Selling for Under $1000 on Dark Web
Specialist hackers are selling access to enterprise networks for under $1000, thanks in part to a cybercrime underground flooded with compromised credentials. Kaspersky’s analysis of the initial access broker (IAB) market revealed that the average cost for access to a large company’s systems sits between $2000 and $4000. However, this can vary significantly depending on the target organization’s revenue, sector, region and type of access offered.
https://securelist.com/initial-access-data-price-on-the-dark-web/106740/
Phishing Hits All-Time High in Q1 2022
The first quarter of 2022 saw phishing attacks hit a record high, topping one million for the first time, according to data from the Anti Phishing Working Group (APWG).
https://apwg.org/trendsreports/
WordPress Updates More Than a Million Sites to Fix Critical Ninja Forms Vulnerability
Content management system (CMS) provider WordPress has forcibly updated over a million sites to patch a critical vulnerability affecting the Ninja Forms plugin.
https://www.wordfence.com/blog/2022/06/psa-critical-vulnerability-patched-in-ninja-forms-wordpress-plugin/
Cyber-Attack Surface "Spiralling Out of Control"
Global organizations are still beset with cyber visibility and control challenges, with two-fifths (43%) admitting their digital attack surface is out of control as a result, according to new Trend Micro research.
https://www.trendmicro.com/explore/trend_global_risk_research_2/the-challenge-of-man
Got hit by a cyberattack? Hackers will probably come after you again - within a year
According to research by cybersecurity company Cymulate, 39% of companies were hit by cybercrime over the past 12 months – and of those, two-thirds were hit more than once. Of those hit more than once, one in 10 fell victim to further cyberattacks 10 or more times.
https://www.zdnet.com/article/got-hit-by-a-cyber-attack-hackers-will-probably-come-after-you-again-within-a-year/
It Doesn't Pay to Pay: Study Finds Eighty Percent of Ransomware Victims Attacked Again
A new study finds that 80% of companies that paid a ransom were hit a second time, with 40% paying again. Seventy percent of these paid a higher amount the second time round.
https://www.securityweek.com/it-doesnt-pay-pay-study-finds-eighty-percent-ransomware-victims-attacked-again
Ransomware could target OneDrive and SharePoint files by abusing versioning configurations
Researchers warn that documents hosted in the cloud might not be out of reach for ransomware actors and that while they're harder to permanently encrypt due to the automated backup features of cloud service, there are still ways to make life hard for organizations.
https://www.csoonline.com/article/3664332/ransomware-could-target-onedrive-and-sharepoint-files-by-abusing-versioning-configurations.html
Tape Storage Shipments Increase 40% in 2021
Far from being abandoned, shipments for tape-based storage media soared 40% in 2021, achieving an impressive 148 Exabytes (155 million TB) of total storage space sent to clients, according to tape providers like IBM, HPE and Quantum…
https://www.tomshardware.com/news/a-taped-revival-tape-storage-shipments-increase-40-in-2021
Biden signs cyber incident reporting bill into law
https://therecord.media/biden-signs-cyber-incident-reporting-bill-into-law/
Healthcare Providers Need to Increase Budgets for Cybersecurity
The medical sector has had the second highest number of data breaches of any industry for more than five years. This became increasingly noticeable in 2019 alone, when the industry experienced 525 data breaches, up from 369 the year before. The COVID-19 pandemic only worsened this issue. The last two years saw more than 870 data breaches affecting 500 or more patients’ health information. Cybersecurity budgets in this sector need to be bigger.
https://www.tripwire.com/state-of-security/healthcare/healthcare-providers-need-to-increase-budgets-for-cybersecurity/
Report Shows Appalling State of Employee Awareness of Common Cyber Security Risks
The cybersecurity awareness training firm KnowBe4 released its 2021 State of Privacy and Security Awareness Report detailing the appalling state of employee awareness and practices… According to the KnowBe4 employee awareness report, about a quarter (24%) of workers believe that clicking on suspicious links or attachments carries little or no risk… employees who trained once per month were 34% less likely to click on suspicious links or attachments compared to those who received training no more than twice a year. Similarly, they are 26% more likely to believe that password reuse is risky.
https://www.cpomagazine.com/cyber-security/report-shows-appalling-state-of-employee-awareness-of-common-cyber-security-risks/
The most dangerous phish in the sea
Exposing users to the latest social engineering attacks is a key feature of any security awareness training program. Barracuda Security Awareness Training has been tracking the click-rate data related to… simulation templates for years. A clear trend has emerged among users from a variety of industries: Emails that impersonate internal departments or applications are the most likely to bait user interaction.
https://blog.barracuda.com/2022/05/12/the-most-dangerous-phish-in-the-sea/
UNSTRUCTURED DATA IS TAKING OVER THE DATA CENTER...HELP!!!
Object based storage is an architecture that is designed to manage huge amounts of data, in particular, unstructured data like emails, photos, videos, web info, sensor transmitted data and so much more. By 2025, IDC predicts the Storage Sphere will swell to about 7.5 zettabytes of data annually that must be stored and managed, 80 to 90% of it will be unstructured data and about 60% will be cold or dark data.
https://www.lto.org/2022/05/unstructured-data-is-taking-over-the-data-center/
Messages Sent Through Zoom Can Expose People to Cyber-Attack
Zoom, the videoconferencing platform that has become a staple for connection and communication since the onset of COVID-19, has revealed four recent security vulnerabilities. The vulnerabilities could be exploited to compromise users over chat by sending specially crafted Extensible Messaging and Presence Protocol (XMPP) messages and executing malicious code.
https://www.infosecurity-magazine.com/news/messages-zoom-expose-cyberattack/
How to Design an Effective Cybersecurity Awareness Training Program for SMB Employees
Understandably, small and medium-sized businesses (SMBs) have difficulty prioritizing cybersecurity. They are often concerned with more vital things, like making payroll or keeping the company afloat. But here’s the thing: your organization has a high chance of being targeted by online criminals. SMBs are more likely to be targeted by cyber-criminals than large enterprises because they often have weaker security measures. Additionally, their data is just as attractive to hackers as larger companies, if not more so.
https://www.infosecurity-magazine.com/next-gen-infosec/cybersecurity-awareness-smb/
68% of Legal Sector Data Breaches Caused by Insider Threats
More than two-thirds (68%) of data breaches at UK law firms are caused by insiders, according to official figures from the Information Commissioner’s Office (ICO). ICO Data focused on Q3 2021 was analyzed by NetDocuments. It found that just 32% of breaches in this sector were caused by outside threats, such as external malicious actors. The dominance of insider breaches during this period is believed to be linked to the ‘great resignation,’ whereby workers are changing jobs at an unprecedented rate amid the COVID-19 pandemic. In industries like law, there is the danger of staff taking company data with them as they leave their roles.
https://www.infosecurity-magazine.com/news/data-breaches-insider-threats-legal/
Zero Trust adoption simplified
The way people work is already changed, and the pandemic has served as a catalyst for a more distributed workforce than ever. Some companies announced that they will stay remote or hybrid permanently. In addition to this, companies are moving their on-premises applications to the cloud, and even more of them are becoming SaaS applications. Establishing trusted access for networks, apps, devices, and users has become a significant security problem due to rapid technological changes and the evolution of work.
https://blog.barracuda.com/2022/05/17/zero-trust-adoption-simplified/
Below the Surface: Destructive malware and other threats to watch
On the next episode of Below the Surface, our LinkedIn Live show, host Anastasia Hurley will be talking with Barracuda CTO Fleming Shi and Mahendra Pruitt, an endpoint security engineer from Barracuda MSP, about destructive malware and other threats the Barracuda team has been monitoring that you need to be aware of.
https://blog.barracuda.com/2022/05/05/below-the-surface-destructive-malware-and-other-threats-to-watch/
LTO TAPE CAPACITY SHIPMENTS REACH NEW RECORD IN 2021
SILICON VALLEY, CALIF. – (April 19, 2022) – The LTO Program Technology Provider Companies (TPCs), Hewlett Packard Enterprise Company, IBM Corporation and Quantum Corporation, today released their annual tape media shipment report. With a growth rate of 40%, this strong performance in shipments continues following the previous record-breaking capacity shipped in 2019. In 2021, LTO tape capacity shipments achieved the largest increase since 2006!!!
https://www.lto.org/2022/04/lto-tape-capacity-shipments-reach-new-record-in-2021/
LinkedIn Becomes the Most Impersonated Brand for Phishing Attacks
LinkedIn has become by far the most impersonated brand for phishing attacks, according to new research by Check Point Research (CPR). The cybersecurity vendor’s 2022 Q1 Brand Phishing Report revealed that phishing attacks impersonating the professional social networking site made up over half (52%) of all attempts globally in the first quarter of 2022. This represents a 44% increase compared to the previous quarter, Q4 2021, when LinkedIn was the fifth most impersonated brand.
https://www.infosecurity-magazine.com/news/linkedin-impersonated-brand/
The three email threat types that are hardest for users to detect
There’s a question that all organizations need to be asking themselves when it comes to securing their email security posture: Do my users know how to distinguish between a legitimate email and an email threat?
https://blog.barracuda.com/2022/04/26/the-three-email-threat-types-that-are-hardest-for-users-to-detect/
US Offers $10m for Russian NotPetya Sandworm Team
The US authorities are offering a multimillion-dollar reward for anyone with information that could identify or locate six members of a notorious Russian state hacking group responsible for NotPetya. The Department of State’s Rewards for Justice (RFJ) program has pledged up to $10m for information on six officers of the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU).
https://www.infosecurity-magazine.com/news/us-10m-russian-notpetya-sandworm/
For effective incident response, use a remediation checklist
Email occupies a precarious place in our lives today, being both completely necessary and totally hazardous. Security practitioners know that there’s no email security technology that’s 100% effective at preventing email attacks — a targeted attack will inevitably make its way into a recipient’s inbox. Of course, an effective email security architecture will go a long way in keeping successful attacks to a minimum. Still, for those that are missed, it’s crucial to have a strategy to stop the spread, minimize the damage, and reinforce prevention and detection methods.
https://blog.barracuda.com/2022/04/14/for-effective-incident-response-use-a-remediation-checklist/
It’s Not Fair, But Cyber Crime Is Cheap!
How cheap? You can buy ransomware for as little as $66, or hire a threat actor for $250. And if you look hard enough, you can even get a phishing kit for free on underground forums. Although these illicit methods may not be expensive, the damage they inflict can be substantial.
https://securityintelligence.com/articles/cyber-crime-cheap/
Conflict in Ukraine might ultimately strengthen cybersecurity
This fascinating article touches on how closely Russia’s Federal Security Service (FSB) works WITH ransomware gangs:
https://blog.barracuda.com/2022/03/21/conflict-in-ukraine-might-ultimately-strengthen-cybersecurity/
Lessons on tax scams from the IRS Dirty Dozen over the years
Each year the IRS publishes its ‘dirty dozen' — a list of the top 12 tax scams to watch for during the tax season and throughout the year. The IRS Dirty Dozen is current with the release of the 2021 list last summer:
https://blog.barracuda.com/2022/03/10/lessons-on-tax-scams-from-the-irs-dirty-dozen-over-the-years/
It’s time to attack your ransomware recovery strategy
Backup solutions (are) being targeted by malware to prevent recovery. Which means organizations have to assume that local snapshots or backups have been compromised by an attack. Going beyond the backup focused 3-2-1 rule and including replication technology will be critical in helping organizations recover quickly and minimize the threat of ransomware attacks.
https://www.techradar.com/features/its-time-to-attack-your-ransomware-recovery-strategy
Hacked US Companies Must Report to Government Under New Law
AP wrote that the new rules require companies considered part of the nation’s critical infrastructure, including finance, transportation and energy, to report any “substantial cyber incident” within three days, and any ransomware payment they make within one day, to the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.
https://www.pymnts.com/news/security-and-risk/2022/hacked-us-companies-must-report-to-government-under-new-law/
Russia Uses Deepfake of Zelensky to Spread Disinformation
This is the FIRST TIME Artificial Intelligence/Deep Fake Technology has been used to spread misinformation during an active war! “…The incident marks the first time deepfakes have been used to spread uncertainty and disinformation among the populace in a kinetic war. However, experts have warned for several years that the technology is becoming more accurate and affordable.”
https://www.infosecurity-magazine.com/news/russia-uses-deepfake-zelensky/
Proactive Defense Strategies Provide the Best Chance to Defeat Ransomware
Here’s a GREAT Executive Report based on a study by IDC Research. Concise, to the point and hard-core facts.
https://www.lto.org/wp-content/uploads/2022/01/Proactive-Defense-Strategies-Provide-the-Best-Chance-to-Defeat-Ransomware.pdf
Five cybersecurity trends we’ll see in 2022
Suddenly, “once-in-a-decade” breaches of the past are now happening monthly, with a laundry list of companies falling victim. This proliferation of cyber-attacks has catapulted the zero-trust security framework into the limelight. Zero trust is no longer a security aspiration: today, it’s a security mandate, in which all users are vetted each time they request access to a company’s online assets.
https://ventureburn.com/2022/01/five-cybersecurity-trends-well-see-in-2022/
So Much Data – So What Do We Do With It?
Most of the data we create is rarely accessed but much of it must be stored for analytical purposes to stay competitive in the global commerce. How do we deal with petabytes or even exabytes of data economically, securely and accessibly? The answer just might be an active archive with help from LTO Technology. What exactly is an active archive?
https://www.lto.org/2022/01/so-much-data-so-how-do-we-deal-with-it/
Ransomware victims are paying up. But then the gangs are coming back for more
Cybersecurity experts warn against paying ransoms - this is why. According to analysis by cybersecurity researchers at Proofpoint, 58% of organisations infected with ransomware paid a ransom to cyber criminals for the decryption key – and in many cases, they paid up more than once.
https://www.zdnet.com/article/ransomware-victims-are-paying-up-but-the-crooks-are-coming-back-for-more/
W-2 scams: How to defend against this annual threat
Email January 15, 2022. From: Sandy’s boss, the CFO To: Sandy, the Payroll Administrator
“Hey Sandy, please send me all the W-2s for Marketing personnel. I just need to check for a possible issue. Thanks! -Your boss”
Don’t do it, Sandy.
https://blog.barracuda.com/2022/02/17/w-2-scams-how-to-defend-against-this-annual-threat/
CISA LAUNCHES NEW CATALOG OF FREE PUBLIC AND PRIVATE SECTOR CYBERSECURITY SERVICES
WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) published the “Free Cybersecurity Services and Tools” webpage intended to be a one-stop resource where organizations of all sizes can find free public and private sector resources to reduce their cybersecurity risk. The catalog published today is a starting point. Going forward, CISA will incorporate other free services into the catalog.
https://www.cisa.gov/news/2022/02/18/cisa-launches-new-catalog-free-public-and-private-sector-cybersecurity-services
How email threats are evolving
How email attacks evolved from volumetric attacks to social engineering and other sophisticated attacks.
https://blog.barracuda.com/2022/02/14/how-email-threats-are-evolving/
This is the year to build a cybersecurity culture
The cumulative effect of the massive wave of attacks will lead to significant improvements to cybersecurity culture in 2022, predicts Dr. Keri Pearlson, executive director of the Cybersecurity at MIT Sloan, an interdisciplinary consortium for improving critical infrastructure cybersecurity at the MIT Sloan School of Management.
https://blog.barracuda.com/2022/01/31/this-is-the-year-to-build-a-cybersecurity-culture/
Social Engineering of Cheektowaga Eye Doctor leads to the theft of $12 Million
Although this story focuses mainly on the legality of cryptocurrencies – the root cause was that the doctor was tricked into giving his credentials to cyber thieves. This is why Security Awareness Training is an ABSOLUTE MUST!
https://buffalonews.com/news/local/a-12m-theft-from-cheektowaga-eye-doctor-raises-question-is-cryptocurrency-legal-tender/article_9048f82c-885e-11ec-a9d8-772bb98d0968.html
White House confirms person behind Colonial Pipeline ransomware attack nabbed during Russian REvil raid.
Russian officials arrested 14 alleged members of the REvil ransomware group on Friday.
https://www.zdnet.com/article/white-house-says-person-behind-colonial-pipeline-ransomware-attack-nabbed-during-russian-raid/
SURVEY SAYS: YOU CAN DEFEND AGAINST RANSOMWARE
In this NewsBytes edition, we’re sharing the results from a unique data security survey conducted by the LTO Program. The goal was to find out what concerns IT managers have when it comes to ransomware – and what actions they are taking to defend against cyberattack.
https://www.lto.org/newsbytes-winter-2021/
CISA releases Insider Risk Mitigation Self-Assessment Tool
The US CISA has released a new tool that allows organizations to assess their level of exposure to insider threats and devise their own defense plans against such risks.
https://securityaffairs.co/wordpress/122762/security/cisa-insider-risk-mitigation-self-assessment-tool.html
How legitimate websites are used to spread ransomware
Supply chain attacks surged in 2021, as cybercriminals continued to find new ways to exploit the digital networks of the world. The rapid shift to hybrid work and school, the increase in smart devices, and the urgent expansion of health sector and vaccine networks created new opportunities for hacking gangs. Ransomware-as-a-service and advances in malware and ransomware capabilities have also made it easier for new criminals to launch sophisticated attacks.
https://blog.barracuda.com/2022/01/05/how-legitimate-websites-are-used-to-spread-ransomware/
SE Labs recognizes Barracuda as “Best Email Security Service"
In their Advanced Email Security test, SE Labs carried out extensive testing of top email security providers and their ability to detect various threat types, including phishing, social engineering, business email compromise, and scamming. The testing used both examples of attacks found in the wild and targeted attacks their team created in the lab.
https://blog.barracuda.com/2021/12/06/se-labs-recognizes-barracuda-as-best-email-security-service/
Below the Surface: Log4j attack trends
The next episode of Below the Surface, our LinkedIn Live show, will be streaming on Monday, and it’s can’t-miss viewing for anyone interested in learning more about the log4j vulnerability. Hosts Darshna Kamini and Stephanie Cavigliano will be speaking with Anshuman Singh, Senior Director of Product Management, Application Security at Barracuda, and Tushar Richabadas, Senior Product Marketing Manager, Application Security at Barracuda, about what this vulnerability is, some statistics about malicious traffic Barracuda has seen carrying Log4j attacks, and how organizations can prepare themselves for such incidents.
https://blog.barracuda.com/2022/01/07/below-the-surface-log4j-attack-trends/
LTO NEXT GEN TAPE IS MASSIVE!
And it needs to be....! It’s estimated that by the year 2025 over 460 exabytes of data will be created daily worldwide, bringing us into the Zettabyte Era! Storage managers are clamoring to keep pace with this data growth phenomenon while managing near stagnant budgets, fending off cyberattacks, and reducing the carbon footprint. But good news from the LTO Program is on the way!
https://www.lto.org/2021/11/lto-next-gen-tape-is-massive/
FTC warns companies to secure consumer data from Log4J attacks
The US Federal Trade Commission (FTC) has warned today that it will go after any US company that fails to protect its customers' data against ongoing Log4J attacks. "The FTC intends to use its full legal authority to pursue companies that fail to take reasonable steps to protect consumer data from exposure as a result of Log4j, or similar known vulnerabilities in the future," the US government agency said. For the full report:
https://www.bleepingcomputer.com/news/security/ftc-warns-companies-to-secure-consumer-data-from-log4j-attacks/
White House Press Release: Protecting Against Malicious Cyber Activity before the Holidays…
On 12/10 cyber-security researchers discovered an incredibly serious, widely used application vulnerability, now known as the “Apache log4j Flaw”. I’ve spent many hours on calls/webinars/video mtgs with representatives of the FBI, CISA, NSA and other cyber defense organizations presenting the seriousness of this flaw and mitigation steps to take IMMEDIATELY. Every year, the White House puts out a statement regarding protecting your assets during the holidays. This year, with the log4j, I think we all need to be even more diligent and watchful:
https://www.whitehouse.gov/briefing-room/statements-releases/2021/12/16/protecting-against-malicious-cyber-activity-before-the-holidays/
Re: Log4J Vulnerability: “Log4shell by the numbers- Why did CVE-2021-44228 set the Internet on Fire?”
The news is big enough to have been featured in the media, and the crunch has been felt by industry insiders - but there are a few unanswered questions. Why exactly is this so widespread?
https://blog.sonatype.com/why-did-log4shell-set-the-internet-on-fire
Log4j flaw: Now state-backed hackers are using bug as part of attacks, warns Microsoft:
State-sponsored hackers from China, Iran, North Korea and Turkey have started testing, exploiting and using the Log4j bug to deploy malware, including ransomware, according to Microsoft. As predicted by officials at the US Cybersecurity and Infrastructure Security Agency (CISA), more sophisticated attackers have now started exploiting the so-called Log4Shell bug (CVE-2021-44228), which affects devices and applications running vulnerable versions of the Log4j Java library. It's a potent flaw that allows remote attackers to take over a device after compromise.
https://www.zdnet.com/article/log4j-flaw-now-state-backed-hackers-are-using-bug-as-part-of-attacks-warns-microsoft/
Hackers Exploit Log4j Vulnerability to Infect Computers with Khonsari Ransomware:
Romanian cybersecurity technology company Bitdefender on Monday revealed that attempts are being made to target Windows machines with a novel ransomware family called Khonsari as well as a remote access Trojan named Orcus by exploiting the recently disclosed critical Log4j vulnerability.
https://thehackernews.com/2021/12/hackers-exploit-log4j-vulnerability-to.html
FTC shares ransomware defense tips for small US businesses:
"One key protective step is to set up offline, off-site, encrypted backups of information essential to your business," the FTC said. "This isn't something to save for a slow day at the office. Your IT team should immerse themselves in the latest advice from CISA and other authoritative experts."
https://www.bleepingcomputer.com/news/security/ftc-shares-ransomware-defense-tips-for-small-us-businesses/
U.S. Brings More Pressure to Bear on Cybercriminal Gangs:
The U.S. government has launched a series of initiatives aimed at disrupting the operations of cybercriminals that launch ransomware attacks. U.S. Cyber Command head and director of the National Security Agency Gen. Paul Nakasone disclosed this week that the military has “conducted a surge” over the past three months to help deter ransomware attacks on U.S. interests.
https://blog.barracuda.com/2021/11/08/u-s-brings-more-pressure-to-bear-on-cybercriminal-gangs/
7 suspected hackers arrested in global ransomware crackdown:
The arrests were part of a law enforcement investigation called GoldDust that involved the United States and 16 other countries. REvil, also known as Sodinokibi, has been linked in recent months to ransomware targeting the world’s largest meat processor, JBS SA, as well as a Fourth of July weekend attack that snarled businesses around the world through a breach of a Florida-based software company called Kaseya.
https://www.winknews.com/2021/11/08/7-suspected-hackers-arrested-in-global-ransomware-crackdown/
Here are the Industries That Ransomware Impacts the Most:
Some of the worst ransomware attacks that have occurred recently have had to do with municipal services such as water suppliers and the like. Some of the most high profile companies that have been hit with ransomware are internet companies, but with all of that having been said and now out of the way it is important to note that they are not the most frequently targeted companies by any stretch of imagination. Quite on the contrary, they are simply the most visible victims and a lot of other companies are impacted in an even worse manner.
https://www.digitalinformationworld.com/2021/11/here-are-industries-that-ransomware.html
Quantum tape libraries gain remote eject capability:
Quantum introduced Ransom Block to its Scalar tape libraries, allowing customers to remotely eject tape magazines and prevent cyber criminals from accessing the data within. Data in tapes is generally safe from cyber criminals, but Quantum Corp. aims to make it even harder to access.
https://searchdatabackup.techtarget.com/news/252508974/Quantum-tape-libraries-gain-remote-eject-capability?utm_campaign=20211116_Quantum+adds+remote+tape+feature+for+ransomware+protection&utm_medium=EM&utm_source=NLN&track=NL-1822&ad=940329&asrc=EM_NLN_191084521
Threat Spotlight: Bait attacks:
As attackers work to make their phishing attacks more targeted and effective, they’ve started researching potential victims, working to collect information that will help them improve the odds that their attacks will succeed. Bait attacks are one technique attackers are using to test out email addresses and see who’s willing to respond.
https://blog.barracuda.com/2021/11/10/threat-spotlight-bait-attacks/
Bad bots on the rise: How to fight back:
Bots account for about half of all internet traffic — and about half of that is due to malicious bots. These bots execute a wide variety of attacks, including web scraping, account takeover, distributed denial of service (DDoS), distributed denial of inventory (DDoI), and more.
https://blog.barracuda.com/2021/11/11/bad-bots-on-the-rise-how-to-fight-back/
FTC shares ransomware defense tips for small US businesses:
The US Federal Trade Commission (FTC) has shared guidance for small businesses on how to secure their networks from ransomware attacks by blocking threat actors' attempts to exploit vulnerabilities using social engineering or exploits targeting technology.
https://www.bleepingcomputer.com/news/security/ftc-shares-ransomware-defense-tips-for-small-us-businesses/
INSURING AGAINST CYBERATTACK
They say prevention is better than cure but sometimes, you can't stop being the target of a cyberattack. Is cyber insurance the answer?
https://www.lto.org/2021/09/insuring-against-a-cyberattack/
US Authorities Issue BlackMatter Ransomware Alert
Data exfiltration is attempted over the web, and SMB is used to encrypt shares remotely. There’s also a warning that BlackMatter may wipe backup stores rather than encrypt them as most variants do.
https://www.infosecurity-magazine.com/news/us-authorities-issue-blackmatter/
DDoS attacks on the rise — using powerful new techniques
Ransomware has been dominating cybersecurity headlines for a while now, so it’s completely understandable if you haven’t been keeping up with the latest news about distributed denial-of-service (DDoS) attacks. But there have been some startling recent developments.
https://blog.barracuda.com/2021/10/13/ddos-attacks-new-techniques/
How Coinbase Phishers Steal One-Time Passwords
A recent phishing campaign targeting Coinbase users shows thieves are getting smarter about phishing one-time passwords (OTPs) needed to complete the login process. It also shows that phishers are attempting to sign up for new Coinbase accounts by the millions as part of an effort to identify email addresses that are already associated with active accounts.
https://krebsonsecurity.com/2021/10/how-coinbase-phishers-steal-one-time-passwords/
Threat Spotlight: Remote code execution vulnerabilities
Here’s a closer look at these vulnerabilities, recent attack patterns, and solutions you can use to help protect against these types of attacks.
https://blog.barracuda.com/2021/10/13/threat-spotlight-remote-code-execution-vulnerabilities/
VIDEO SURVEILLANCE AND THE STORAGE CHALLENGE
In this BlogBytes, we will examine how surveillance cameras help stop crimes but create storage challenges!
https://www.lto.org/2021/09/video-surveillance-storage-challenges/
Report: The state of network security in 2021
To capture perspectives on cloud adoption, working from home, security concerns, and a variety of issues and challenges related to cybersecurity risks, Barracuda commissioned independent market research firm Vanson Bourne to survey IT decision makers. Barracuda examines key findings in this newly published report. The survey includes responses from 750 IT decision makers responsible for their organization’s networking, public cloud, and security. They came from companies with 500 or more employees in the U.S., EMEA, and APAC.
https://blog.barracuda.com/2021/09/14/report-the-state-of-network-security-in-2021/
Cloudflare slams Amazon Web Services over massive markups. Transferring data out of AWS' network will cost you.
Since 2015, we at Lincoln Archives & LACyber have been preaching about this. Putting data ‘into’ the cloud is inexpensive. Getting data back ‘out’ of the cloud can be very, very expensive! In this article, Cloudflare calls AWS out. This is why we strongly support writing your inactive data to TAPE, and we’ll vault it for pennies per TB per month!!! Contact us after reading this article:
https://www.techradar.com/news/cloudflare-slams-amazon-web-services-over-massive-markups
The Storage Challenges of the Digital Future!
IDC estimates that by 2025 there will be 7 trillion gigabytes of cold archive data, presenting unprecedented challenges for companies of all sizes. So what role does LTO tape storage play in this so-called ‘Zettabyte Era’? What do the experts say? We got three of the best technology minds together in a straight-talk webinar to answer these questions and other thought provoking queries.
https://www.lto.org/2021/09/tape-innovation-uncovered/
Using Tape Storage to Solve Data Management Problems – a Q&A Discussion
When faced with an IT decision you will likely ask a series of questions to gather decision making criteria. We posed several key questions related to tape storage to industry expert Phil Goodwin, IDC Research Director, Infrastructure Systems, Platforms and Technologies. In this BlogBytes issue we will give you a preview of some of the Q&A and a link to the full discussion with Goodwin in which some of his answers may surprise you. Let’s take a look!
https://www.lto.org/2021/05/using-tape-storage-to-solve-data-management-problems/
Recent Attacks Lead to Renewed Calls for Banning Ransom Payments
https://www.darkreading.com/endpoint/recent-attacks-lead-to-renewed-calls-for-banning-ransom-payments/d/d-id/1341548
Ransomware-proof Your Backups!
Backups are the best way to save an organization's data after a ransomware attack. Hackers know this and often purposely seek out and encrypt backups to force organizations into paying a hefty ransom. Protecting backups is therefore critical in reducing ransomware damages and costly business disruption.
https://datasafe.britinsurance.com/view_layout.php?layout_id=7769
Unsure how to defend against rampant ransomware? Our checklist makes it simple.
Barracuda’s research has uncovered a three-step process that is currently the dominant way for ransomware to be deployed. And, the included 3 step checklist is relatively simple to implement. Enjoy:
https://tinyurl.com/LA-CyberBP8-18-21
Ransomware has changed the way we think about data backup
This is a great article; they talk about 3-2-1 backup strategy and Air Gapping, which is critical. (Btw – we’ve been preaching this for YEARS!). But we at LACyber take it to the next level: 3-2-1-1. The last “1” is a fully Air Gapped copy which we’ll move to tape (yes – tape!) and vault it. Truly Off-Line. You want a real fail-safe? Connect with us. Enjoy this read:
https://tinyurl.com/LA-CyberBP7-16-21
What Can Businesses Do to Fill the Cybersecurity Talent Shortage?
The shortage is real. We’re advising clients to get their teams in place and start or strengthen their relationships with trusted cyber-security providers – especially for SMB’s (Small & Medium Sized Businesses):
https://tinyurl.com/LA-CyberBP6-17-21
FBI demonstrates significant hacking capability
It is GREAT to see law enforcement actually start WINNING battles against cyber thieves! Enjoy this one:
https://tinyurl.com/LA-CyberBP6-15-21
U.S. finally flexes ransomware muscle
Score one for the good guys! Enjoy:
https://tinyurl.com/LA-CyberBP5-19-21
Barracuda cited as a leader in enterprise email security by Forrester
Hot off the presses. So happy to provide this protection for our clients! Love that the report cites: “Barracuda Network’s incident response feature ‘is a superior product for the continuous remediation option provided as well as the straightforward process for starting remediations.’” Reach out for information, help and/or pricing. Enjoy:
https://tinyurl.com/LA-CyberBP5-7-21
A roadmap to Zero Trust implementation
The rapid shift to remote work over the past year has pushed many organizations to rethink their approach to security. For many, this means embracing the Zero Trust security model, but necessary changes in strategy and architecture can be daunting at first…
https://tinyurl.com/LA-CyberBP4-22-21
Ransomware negotiations: An inside look at the process
Ransomware negotiators are brought in to communicate with cybercriminals and hopefully arrange less expensive payments. How often do they succeed?
https://tinyurl.com/LA-CyberBP4-16-21
Unstructured data growth poses hidden cloud security and compliance risk
Data Classification & Governance needed NOW, as up to 90% of data organizations own is unstructured and estimated to be growing at 55-65% each year!
https://tinyurl.com/LA-CyberBP4-14-21
WFA bodes ill for cybersecurity
This article explains well the challenge that SMB’s are facing (and will face even more) with keeping their systems secure, post COVID. Big companies will spend the money and swallow up security expertise and service resources. SMB’s need to get their security providers in place NOW!
https://tinyurl.com/LA-CyberBP4-5-21
The Tape Renaissance Changes the Game
Today’s Tape is Nothing Like the Past:
https://tinyurl.com/LA-CyberBP3-16-21
CYBERWAR is imminent & will affect ordinary Americans, claims CEO of company that ‘discovered’ SolarWinds hack.
Fasten your seatbelt. This could get ugly.
https://tinyurl.com/LA-CyberBP3-2-21
How data storage technology can overcome human vulnerabilities that open the door to ransomware
A VERY familiar technology (WORM) with another, useful, defense quality:
https://tinyurl.com/LA-CyberBP2-18-21
2020 Data Breaches Point to Cybersecurity Trends for 2021
Risk Based Security released their 2020 year-end data breach report this past week, and despite an overall decline in breach events (security incidents), the number of breached records grew dramatically:
https://tinyurl.com/LA-CyberBP2-11-21
Managing unstructured data to boost performance, lower costs:
Is unmanaged, unstructured data clogging up your primary storage? Get control of this costly, performance-sapping situation and start managing unstructured data cost-effectively.
https://tinyurl.com/LA-CyberBP1-12-21
SolarWinds hackers also used common hacker techniques, CISA revealed:
CISA revealed that threat actors behind the SolarWinds hack also used password guessing and password spraying in its attacks.
https://tinyurl.com/LA-CyberBP1-9-21
Ransomware attacks target backup systems, compromising the company ‘insurance policy’
Ransomers will NOT be taking holiday! In an era where backup systems are now targeted and compromised first, experts and even the FBI recommend that this may be the only defense that will save you. We agree.
https://tinyurl.com/LA-CyberBP12-16-20
How can I best implement an active archive environment?
Examine the major elements of an active archiving environment, including the kinds of data that you can use in one and resources to help with platform execution.
https://tinyurl.com/LA-CyberBP11-27-20
ESG TAPE LANDSCAPE STUDY - WHAT IT PROFESSIONALS REALLY THINK!
ESG recently conducted a user survey that examined the tape storage landscape for 2020. It was designed to understand the existing and emerging technology and business challenges and drivers influencing tape usage and purchasing strategies.
https://tinyurl.com/LA-CyberBP11-20-20
How to choose a long-term data archiving services vendor.
Great article, however their costs are a bit off... Our costs are way better than those quoted (and your information stays here, local, right where you want it)...
https://tinyurl.com/LA-CyberBP11-12-20
What NOT to Do in Your First 90 Days as a CISO.
Recently, Daniel Hooper, CISO at Varo Bank asked his LinkedIn network what their recipe for the first 90 days as a CISO would be. The post got 50+ responses but one that really stood out (and resonated with the whole group) was what NOT to do. This comment by Max S., CSO, saw a lot of folks nodding their heads and some even chuckling out loud. Daniel then threw out a call to action for someone to summarize this list into a blog post, so here goes, folks – the list of what not to do as a new CISO. (will make you smile)
https://tinyurl.com/LA-CyberBP11-2-20
Avoiding the snags and snares in data breach reporting: What CISOs need to know.
Ambiguities in a growing list of US reporting requirements keep CISOs up at night: Will they be compelled to report every breach even if they can prove the data was untouched? Experts advise on how to avoid trouble.
https://tinyurl.com/LA-CyberBP10-20-20
NYDFS enforces its cybersecurity regulation for the first time
On July 22, NYDFS filed a statement of charges against a title insurer for allegedly failing to safeguard mortgage documents, including bank account numbers, mortgage and tax records, and other sensitive personal information. This is the first enforcement action alleging violations of NYDFS’ cybersecurity regulation (23 NYCRR Part 500), which took effect in March 2017 and established cybersecurity requirements for banks, insurance companies, and other financial services institutions.
https://tinyurl.com/LA-CyberBP9-16-20
Is your Coffee Pot Watching You?
Devices become vulnerable to attack within minutes of connecting to the Internet. The device could be a computer or a smartphone, but it doesn’t have to be. It could be a security camera, light bulb, teddy bear, or car. The world is becoming more connected, and cybercrime is getting easier and more accessible.
https://tinyurl.com/LA-CyberBP10-14-20
Ransomware & Air Gapping leads to Record Breaking Tape Capacity Shipments
Tape Shipment Report Reveals Record Breaking Tape Capacity Shipments – "Ransomware is more rampant than ever and a significant challenge for protecting data, especially as employees continue to work remotely amid the current pandemic," said Christophe Bertrand, Senior Analyst, The Enterprise Strategy Group, Inc. “Air gapping with tape technology should be a serious consideration for any company looking at best practices to ensure their company’s data and their customers’ privacy."
https://tinyurl.com/LA-CyberBP10-9-20
Ransomware attacks on schools continue to increase:
Schools have been under extreme pressure this year due to the COVID-19 pandemic. Students need additional help with the new safety measures or remote learning, and parents are flooding schools with questions, suggestions, or complaints. U.S. schools were an attractive target for ransomware in 2019, and they’ve become more popular this year as the pandemic caused a massive disruption in how education is delivered to students. Barracuda research shows that attacks on schools and universities made up 15% of attacks in 2020, compared to 6% in 2019. Here are stats and some defenses:
https://tinyurl.com/LA-CyberBP10-7-20
Election Crimes and Security
Concerned about our upcoming elections and foreign intervention? Check out this 9 Minute Video. IT IS WORTH YOUR TIME! The Directors of the FBI, the NSA, CISA (the Cybersecurity & Infrastructure Security Agency) and NCSC (National Counterintelligence & Security Center) speak about what your Country is doing to safeguard our elections. POWERFUL! In addition to election security – understand this: these people and agencies are working 24/7 to protect us from any and all cyber threats. I’m glad they’re on our side:
Here’s the 9 min video (on youtube):
https://youtu.be/H-3Ek14eO7o
Here’s the complete FBI Web Page “Election Crimes and Security”:
https://tinyurl.com/LA-CyberBP10-6-20
Air gaps – the most effective defense against cyberattacks
In data protection, air pockets or gaps are actually highly recommended, as they play an important role in terms of protecting your business-critical data against cyber attacks. These threats are becoming more frequent, and are capable of simultaneously corrupting live, backup and archive data. Consequently, it is an enormous challenge for all businesses to protect themselves from this type of data loss.
https://tinyurl.com/LA-CyberBP9-18-20
"He, who does not learn from history, is condemned to repeat it."
Equifax really learned from its mistakes when attackers breached it and stole the personal information of 182 Million Americans. And we can ALL learn from what they share here. There is an incredible amount of wisdom, insight and actionable measures in this 5-minute read. It’s not all sunshine and rainbows, but will definitely teach you a valuable lesson or two. Let’s learn from their mistakes and be much wiser moving forward. Enjoy:
https://tinyurl.com/LA-CyberBP9-10-20
When Aston Martin (James Bond’s car) did a self-assessment of its IT Security, its focus was laser sharp:
“The brand is enormously important. It's the thing that keeps us where we are. So, protecting that is a bigger focus for us than maybe some other things. If we had, for example, a breach and lost customer data, with the types of people that buy our cars you don't want to be the person on BBC News for instance explaining what's happened and how that's going to hurt the brand. The reputation damage would be enormous on that.”
https://tinyurl.com/LA-CyberBP8-20-20
SANS Institute, which drills cyber professionals in defense, suffers data breach:
The SANS Institute, which trains cybersecurity professionals around the world, was hacked, resulting in the compromise of 28,000 records of personally identifiable information, the organization said Tuesday.
https://tinyurl.com/LA-CyberBP8-14-20
5 traits all the best CISOs have:
I know many CISOs. If you’re an Owner, CEO, President, or C-Suite, you’ll want to read this. It is RIGHT ON TARGET! As a career entrepreneur and business person, #3 resonates with me. It is what separates a GOOD CISO from a GREAT CISO. Think about yours… Is he/she good, or great?:
https://tinyurl.com/LA-CyberBP7-30-2020
FBI Issues DDoS amplification attack alert:
The Federal Bureau of Investigation (FBI) in the U.S. has issued an alert warning organizations that distributed denial of service (DDoS) amplification attacks are on the rise. With all of the attention on Ransomware, DDoS attacks have taken a back seat, but they’re still there. Get Ready to be attacked:
https://tinyurl.com/LACyberBillsPick7-13-20
Cracking the cyber liability code leads to better insurance coverage:
Many clients/friends I’ve spoken with ‘think’ (hope) they’re insured properly for cyber-liability. And in some cases, I get the hint that they’d rather not dig into it (ignorance is bliss?). Well, ‘hope’ is NOT a strategy, nor a contingency plan. This 5 minute read has a GREAT explanation and 5 item listing of MUST HAVE’s for cyber-liability coverage:
https://tinyurl.com/LA-CyberBP6-25-20
The Lesson here is really Behind the Scenes:
A somewhat ‘typical’ ransomware attack against a city in Alabama. But the educational value is within the “Comments” section.
Read the article and then: READ THE COMMENTS at the end. Especially the conversation thread started by this question:
“Can someone kindly explain to me how a security firm in Wisconsin can “see” what’s happening with regards to an attack inside a network in Alabama?”
https://tinyurl.com/LA-CyberBP6-10-20
Cyber security 101: Protect your privacy from hackers, spies, and the government
Simple steps can make the difference between losing your online accounts or maintaining what is now a precious commodity: Your privacy.
https://tinyurl.com/LA-CyberBP6-11-20
U.S. Secret Service: “Massive Fraud” Against State Unemployment Insurance Programs
With the huge surge in unemployment claims, and state unemployment systems being over-run, you had to know this would be coming:
https://tinyurl.com/LA-CyberBP5-22-20
1 Day, 3 New Ransomware Attacks reported, not all successful. Why?
- Magellan Health – proving (during this COVID Crisis) “There is no Honor among the Thieves.” Threat Vector: Phishing (as usual). Undetermined: Was exfiltrated data anonymized and do they need to notify breached individuals?
https://tinyurl.com/LA-CyberBP5-14-20A
- Pitney Bowes – After their previous Ransomware Attack – 7 months ago, a New Successful Attack & Breach BUT Unsuccessful Ransomware Execution! New endpoint detection & response and advanced threat protection tools deployed – Won the Day!
https://tinyurl.com/LA-CyberBP5-14-20B
- Texas Court – Partially shut down by Ransomware. Although they “will not pay” the ransom, they do acknowledge the need for more/better security training of their employees. As government branches continue to be targeted by these types of attacks, they continue to struggle to keep pace with the security required to deliver information to citizens, yet protect it from nefarious use by bad actors:
https://tinyurl.com/LA-CyberBP5-14-20C
Threat Spotlight: Coronavirus-Related Phishing.
As much of the world grapples with the new coronavirus, COVID-19, and how to handle it, attackers are taking advantage of the widespread discussion of COVID-19 in emails and across the web.
https://tinyurl.com/LA-CyberBP5-1-2020
5 ways COVID-19 is reshaping the cybercrime economy.
As the COVID-19 pandemic pushes the above-ground economy to the brink of a major recession, the cybercrime economy appears to still be hard-charging ahead. And yet, the virus has rapidly reshaped the way business is being done on the dark web, as buyers and sellers jump on the opportunity to capitalize on global fears, as well as dramatic shifts in supply and demand.
https://tinyurl.com/LA-CyberBP5-4-2020
SBA emergency loan applicants’ data likely exposed.
A breach at the Small Business Administration may have exposed personal information on almost 8,000 small businesses that applied to the agency’s Economic Injury Disaster Loan program (EIDL), recently expanded to include organizations affected by the COVID-19 pandemic.
https://tinyurl.com/LA-CyberBP4-22-20
Zoombombing provides teachable moment for cybersecurity teams.
Most of the instances of conference calls being hacked, popularly known as Zoombombing, are from a cybersecurity perspective a self-inflicted wound. The fact that malicious actors could, for example, use publicly posted meeting links, guess meeting IDs, and discover personal meeting IDs posted online to join a meeting uninvited is not some newly discovered set of vulnerabilities. It’s only been with the need for large swaths of the population to remain at home that these issues are coming to the fore. Zoom, as the most popular video collaboration platform of the moment, is naturally at the center of the storm.
https://tinyurl.com/LA-CyberBP4-14-20
Preventing Eavesdropping and Protecting Privacy on Virtual Meetings.
Conference calls and web meetings—virtual meetings—are a constant of modern work. And while many of us have become security-conscious in our online interactions, virtual meeting security is often an afterthought, at most. Who hasn’t been finishing one call when attendees of the next call start joining – because the access code is the same? In the moment it may be annoying, or even humorous, but imagine if you were discussing sensitive corporate (or personal) information. Unfortunately, if virtual meetings are not set up correctly, former coworkers, disgruntled employees, or hackers might be able to eavesdrop or disrupt them. Using some basic precautions can help ensure that your meetings are an opportunity to collaborate and work effectively – and not the genesis of a data breach or other embarrassing and costly security or privacy incident.
https://tinyurl.com/LA-CyberBP4-8-20
Working from Home? SANS Security Awareness Deployment Guide (for businesses) & Top 5 Tips for Working from Home Securely (for employees)
With the coronavirus disrupting business as usual, organizations and school districts worldwide are implementing work-from-home policies. Not only does this pose new challenges for organizations that lack the processes and technologies required to secure a remote workforce, it puts an even greater burden on families who must quickly adapt to a new way of working and learning from home — and do so safely and securely.
https://tinyurl.com/LA-CyberBP4-7-20
Five billion records exposed in open ‘data breach database’
More than five billion records were exposed after a Keepnet Labs Elasticsearch “data breach database” housing a trove of security incidents from the last seven years was left unprotected.
https://tinyurl.com/LA-CyberBP3-20-20
Malicious coronavirus map hides AZORult info-stealing malware:
Cyberattackers continue to seize on the dire need for information surrounding the novel coronavirus. In one of the latest examples, adversaries have created a weaponized coronavirus map app that infects victims with a variant of the information-stealing AZORult malware.
https://tinyurl.com/LA-CyberBP3-12-19
The SHIELD Act: NY’s New Data Protection Requirements Take Effect:
In his Health Law column, Francis J. Serbaroli discusses New York’s new SHIELD Act, which imposes new data security and data breach reporting requirements on any entity in possession of private information of New York residents regardless of whether the entity is located in New York. The Act also levies higher penalties for non-compliance with its data security and reporting requirements, but does not provide for a private cause of action.
https://tinyurl.com/LA-CyberBP1-21-20
25 Tech Predictions for 2020:
The year 2020 opens a new decade and much will be different, relative to ten years ago. Here are more than two dozen predictions about what to expect, according to industry experts and executives.
https://tinyurl.com/LA-CyberBP01-03-20
Ring camera hacks show the need for better IoT security:
Ring camera doorbells gained fame for catching porch pirates stealing packages, but after several high-profile cases where hackers gained control of them, they are being held up by the cybersecurity industry as a prime example of why companies and homeowners need to take IoT security seriously.
https://tinyurl.com/LA-CyberBP12-19-19
Snatch ransomware reboots PCs into Safe Mode to bypass protection:
https://tinyurl.com/LA-CyberBP12-12-19
Cyberthreats to financial institutions 2020: Overview and predictions:
https://tinyurl.com/LA-CyberBP12-6-19
BEST PRACTICES: Resurgence of encrypted thumb drives shows value of offline backups - in the field:
https://tinyurl.com/LA-CyberBP12-5-19
Ransomware attack on nursing homes’ services provider threatens lives:
https://tinyurl.com/LACyberBillsPick11-26-19
How to negotiate with hackers:
https://www.ft.com/content/1f3917ae-ca59-11e9-af46-b09e8bfe60c0
How tape backup systems improve data protection:
https://searchdatabackup.techtarget.com/feature/How-tape-backup-systems-improve-data-protection
SHARED INTEL: What it takes to preserve business continuity, recover quickly from a cyber disaster
https://tinyurl.com/y6oc6kd4
VPN to world: Reports of my death are greatly exaggerated
https://www.scmagazine.com/home/opinion/executive-insight/vpn-to-world-reports-of-my-death-are-greatly-exaggerated/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_20191014&hmSubId=nWo3cyWXJlQ1&email_hash=3705b20fde64a48931537ae6718d9c72&mpweb=1325-10718-2245121
How ready are you to respond to a ransomware attack?
https://www.scmagazine.com/home/opinion/executive-insight/how-ready-are-you-to-respond-to-a-ransomware-attack/