AI, Cloud & Cybersecurity: Accenture’s Bill Marion Shares Cyber Landscape Insights
People are starting to invest in AI, but what’s really grabbing most of the attention within the AI space are the data mesh, data analytics environment, and ethics surrounding AI.
Our Department of Defense data is all over the place; we have so much of it and we’re still learning what’s important.
The leap to AI/machine learning is being done in some cases, but it’s not the norm yet.
@Cyber_Security_Channel
SentinelOne® Sets New Standard for Cybersecurity with Singularity™ Platform Unity Release
The Singularity Unity Release is a unique series of enhancements that SentinelOne will incrementally roll out over the next 12 months to revolutionize Security Operations Centers (SOCs).
The platform will provide a new user experience and function as their command post and comprehensive system of record.
@Cyber_Security_Channel
NTT Unveils Five Trends That Will Dominate the Cybersecurity Landscape in 2024
"Zero Trust is no longer a buzz word, but a core concept that organizations will implement to improve their cybersecurity measures," said Taro Hashimoto, CSIS Visiting Fellow & Senior Manager of Cybersecurity, NTT.
"The concept of Zero Trust is all about risk-based management and continuous process.
@Cyber_Security_Channel
Aqua Security Introduces Industry-First Kubernetes Vulnerability Scanning With Trivy KBOM
Kubernetes vulnerability scanning is the latest capability added to Trivy, the industry’s most popular vulnerability and risk scanner.
With nearly 20,000 GitHub stars, Trivy has a thriving community of users and contributors.
@Cyber_Security_Channel
Federal Trade Commission Expands Rule Regarding Reporting of Data Security Breaches
While parts of the Safeguards Rule already apply to non-banking financial institutions such as mortgage brokers, motor vehicle dealers, accountants, tax preparation services, and payday lenders, the recent amendment expands the data breach reporting requirements to these entities.
@Cyber_Security_Channel
Spyware Designed for Telegram Mods Also Targets WhatsApp Add-Ons
Upon discovering the spyware in the WhatsApp mods, Kaspersky researchers' analysis showed that Telegram was the primary source in various channels.
"Just the most popular of these had almost two million subscribers," Kalinin notes.
"We alerted Telegram to the fact that the channels were used for spreading malware."
@Cyber_Security_Channel
Safeguarding Healthcare Supply Chains with Cybersecurity
“It’s the easiest way for attackers to compromise systems en masse and to get more bang for their buck,” said Dearing.
“In healthcare, one of the biggest gaps in supply chain security is the absence of regular, rigorous, cybersecurity audits.
@Cyber_Security_Channel
Tech Matters: New Data Breach Reporting Rules Start in December
Further, the new rules require publicly traded companies to describe their processes to secure their data and operations from cyber threats, as well as their expertise in assessing and managing these risks.
This part will be done in a company’s annual report filing to the SEC.
@Cyber_Security_Channel
FBI Director Warns of Increased Iranian Attacks
However, Wray did say the FBI is able to "outpace our adversaries" and that the agency had disrupted 40% more cyber operations than last year and arrested 60% more cybercriminals than in 2021.
@Cyber_Security_Channel
'Elektra-Leak' Attackers Harvest AWS Cloud Keys in GitHub Campaign
Palo Alto researchers discovered the Elektra-Leak campaign via a honey trap the company implemented for gathering threat intelligence on new and emerging cloud security threats.
Their investigation of the campaign showed the threat actor is likely using automated tools to continuously clone public GitHub repositories and to scan them for exposed AWS keys.
Many organizations clone their GitHub repositories so that they have a local copy of the repository within their development environment.
@Cyber_Security_Channel
Getting Smart With Cybersecurity: AI Can Help the Good Guys, Too
To be effective, most security technologies today require a lot of manual fine-tuning, often through sophisticated parameter tweaks.
Depending on the tool, these can affect what incidents are reported, what vulnerabilities a tool finds, or how issue priorities are determined.
All these manual tweaks are time-consuming and can leave you exposed to threats until the right configurations are in place.
@Cyber_Security_Channel
Advanced ‘StripedFly’ Malware With 1 Million Infections Shows Similarities to NSA-Linked Tools
“Such an approach is by no means common among APT and crimeware developers, and this notable example underscores the sophistication of this malware against the background of many others.
Its functional complexity and elegance remind us of the elegant code implementing delay tolerant Equation communications networking and other libraries, reinforcing its classification as a highly advanced threat,” Kaspersky notes.
@Cyber_Security_Channel
Longer Support Periods Raise the Bar for Mobile Security
The update support period is therefore crucial, as well as the frequency of updates and the ability for security-specific updates to be rolled out independent of wider software updates — which is now offered by many of the leading smartphones.
@Cyber_Security_Channel
Do Small Companies Need Fractional AppSec Teams Akin to Virtual CISOs?
"Experienced application security people are in short supply, and they're getting hoovered up by the big companies, by the Microsofts, Amazons, Apples, and Googles of the world, and if you are a smaller company, you're just not competing on that playing field," explains Kymberlee Price, who has led product security and AppSec teams, worked as a security researcher, and run red team and incident response operations for the likes of Microsoft, Amazon, and Bugcrowd.
@Cyber_Security_Channel
US Energy Firm Shares How Akira Ransomware Hacked Its Systems
The Akira operators revisited the network on June 16, 2023, to enumerate the data that would be stolen.
Between June 20 and 29, the threat actors stole 767k files containing 690 GB of data, including BHI's Windows Active Directory database.
Finally, on June 29, 2023, having stolen all data they could from BHI's network, the threat actors deployed the Akira ransomware on all devices to encrypt files.
This was when BHI's IT team realized the company had been compromised.
@Cyber_Security_Channel
Global Authentication Services Market Forecast Report 2023-2030: A Review of Data Protection Laws by Country
The Authentication Services market in the U.S. is estimated at US$244.9 Million in the year 2022.
China, the world's second largest economy, is forecast to reach a projected market size of US$603.4 Million by the year 2030 trailing a CAGR of 18.9% over the analysis period 2022 to 2030.
Among the other noteworthy geographic markets are Japan and Canada, each forecast to grow at 17.8% and 16.7% respectively over the 2022-2030 period. Within Europe, Germany is forecast to grow at approximately 13.3% CAGR.
@Cyber_Security_Channel
⚡️World's Biggest Bank ICBC Hit By Cyber Attack
The Industrial and Commercial Bank of China’s US arm was hit by a ransomware attack that disrupted trades in the US Treasury market.
The attack, which was first reported by the Financial Times, is suspected to have been carried out by underground organisation LockBit, one of the active ransomware groups globally, Bloomberg reported, citing sources.
China’s foreign ministry said on Friday that the lender was striving to minimise risk impact and losses after the attack.
“ICBC has been closely monitoring the matter and has done its best in emergency response and supervisory communication,” the ministry spokesperson Wang Wenbin said.
@Cyber_Security_Channel
Virtual Kidnapping: AI Tools Are Enabling IRL Extortion Scams
If a perpetrator doesn't already have targets in mind, Gibson posits, some social media or Dark Web data harvesting might help identify prime candidates.
Just as one would for an advertising campaign, "if you already have vast bodies of data that have previously been hacked," Gibson says.
"You can then populate software like those which do advertising analytics to define the best target for a particular kind of attack."
@Cyber_Security_Channel
Ace Hardware Still Reeling From Weeklong Cyberattack
"Specifically, one involves a criminal sending a spoof email asking the retailer to send electronic payments meant for Ace Hardware Corporation to an alternate bank while we work to restore our systems.
The email looks legitimate and appears to be coming from someone in the Ace Finance Department," the letter explained.
@Cyber_Security_Channel
Oracle Enables MFA by Default on Oracle Cloud
Cloud administrators should also use Oracle Cloud Guard to monitor configuration policies and to detect and alert teams on changes to buckets and access policies, Oracle said.
"The benefits of MFA are so impactful that we've decided to implement it by default across all OCI tenants," Oracle said.
@Cyber_Security_Channel
CISA Awards Nonprofits $3 Million to Bolster Cyber Workforce
“CISA is looking forward to working with both recipients to help recruit and train tomorrow’s cybersecurity leaders,” CISA Director Jen Easterly said in a press release.
“These organizations are such valuable partners and assets in building a diverse cybersecurity workforce that strengthens our nation’s cyber defense capabilities and enhances safety and security in our communities.”
@Cyber_Security_Channel
DOJ and Pentagon Email Breach Impacted Around 632,000 Federal Employees
According to CNN, Clop (aka C10p) – a ransomware gang – was allegedly responsible for the attacks, and it is known to demand multimillion-dollar ransoms.
The group appears to have used the MOVEit hack, which was first disclosed last month by Progress Software after it warned that hackers had found a way to break into its MOVEit Transfer tool.
@Cyber_Security_Channel
Seiko Confirms Data Breach Resulted From a Ransomware Attack
Additionally, the cyber group threatened to publish the stolen information online unless Seiko paid a ransom. BlackCat/ALPHV ransomware eventually leaked the stolen data after Seiko refused to pay the ransom.
@Cyber_Security_Channel
Arid Viper Camouflages Malware in Knockoff Dating App
The malware can also disable security notifications, collect users' sensitive information, and deploy additional malicious applications on compromised devices.
The researchers determined that the malware campaign has been active since at least April 2022.
@Cyber_Security_Channel
Microsoft Exposes Octo Tempest, One of the Most Dangerous Financial Threat Actors to Date
The group might also use smishing, sending SMS containing a phishing link to employees leading to a fake login page with an AitM toolkit, or initiate a SIM swap attack on employees’ phone numbers, to be able to reset their password once they are in control of the phone number.
@Cyber_Security_Channel
White House Executive Order on AI Provides Guidelines for AI Privacy and Safety
Principles and best practices will be developed to reduce harm from AI in terms of job displacement, labor equity, collective bargaining and other potential labor impacts.
@Cyber_Security_Channel
New Cyberattack From Winter Vivern Exploits a Zero-Day Vulnerability in Roundcube Webmail
The JavaScript injection worked on fully patched Roundcube instances at the time of Faou’s discovery.
The researcher could establish that this zero-day vulnerability was located in the server-side script rcube_washtml.php, which failed to “… properly sanitize the malicious SVG document before being added to the HTML page interpreted by a Roundcube user,” as stated by Faou.
@Cyber_Security_Channel
Critical Mirth Connect Vulnerability Could Expose Sensitive Healthcare Data
Horizon3.ai also points out that Mirth Connect appears to be deployed mostly on Windows machines, where it typically runs with System privileges, suggesting that the impact of a successful attack would be critical.
@Cyber_Security_Channel
Mandiant Intelligence Chief Raises Alarm Over China’s ‘Volt Typhoon’ Hackers in US Critical Infrastructure
The Volt Typhoon campaign was first flagged by Microsoft with deliberate targeting of critical infrastructure in Guam, a discovery that raised eyebrows because the tiny island is considered an important part of a future China/Taiwan military conflict.
@Cyber_Security_Channel
Argentina: AAIP Approves Use of IADPN Model Contractual Clauses for International Transfers of Personal Data
The incorporation of these instruments, in addition to promoting security in data transfers, contributes to regulatory harmonization and consolidates Argentina’s position in the protection of privacy.
@Cyber_Security_Channel