When a data breach occurs, here’s how to handle the vulnerability disclosure to the public via marketing methods
In episode 109 for February 24th 2020: Kevin Johnson joins us to discuss how Ring made two-factor authentication mandatory following recent hacking incidents, California police have been caught illegally sharing license plate reader data, and details on IBM and other companies pulling out of the RSA conference due to coronavirus fears.
What happens if a Covid-19 coronavirus pandemic hits? It’s time to at least start asking that question. What will the repercussions be, if the virus spreads worldwide? How will it change how we live, work, socialize, and travel?
Hello and welcome back to TechCrunch’s China Roundup, a digest of recent events shaping the Chinese tech landscape and what they mean to people in the rest of the world. The coronavirus outbreak is having a devastating impact on people’s lives and the economy in China, but there’s a silver lining that the epidemic might have benefited a few players in the technology industry as the population remains indoors.
According to ISO 27005, a threat is defined as a potential cause of an incident that may cause harm to systems and the organization. Software attacks, theft of intellectual property, identity theft, sabotage, and information extortion are examples of information security threats. As a result, most organizations have chosen active threat hunting practices to defend themselves against unknown threats on the network.
However, in the financial industry, the percentage of attacks that targeted APIs rose sharply between May and September 2019, at times reaching 75%.
The plant was targeted with a phishing e-mail that allowed the attacker to access its IT network and then pivot to its Operational Technology (OT) control network, where it compromised Windows PCs used as human-machine interfaces, data historians and polling servers, which led the plant operator to shut it down along with other assets that depended on it, including pipelines.
Shira Rubinoff is the President and Co-Founder of Prime Tech Partners, which is a unique incubator in NYC. She is also the President of SecureMySocial, which warns people of social media problems in real time.
Today, it’s easy to guess if a piece of code is malicious or not. Many security solutions automatically detonate it in a sandbox. This remains a quick and (most of the time still) efficient way to get a first idea of the code’s behaviour. In parallel, many obfuscation techniques exist to avoid detection by AV products and/or make the life of malware analysts more difficult. Personally, I like to find new techniques and discover how imaginative malware developers can be to implement new obfuscation techniques.
This morning, I spotted a very simple VBScript based on only 50 lines of code. It gets an excellent VT score: 1/60 but it was spotted by my hunting rule!
Basically, all suspicious keywords that could trigger a bell are random strings that are replaced during execution. Example:
x010 = Replace(x010,"OXentrew","Executionpolicy")
x010 = Replace(x010,"BCijaMA","bypass")
You may not believe it, but there are still thousands of businesses around the world that have yet to fully integrate with Cloud technologies. Cloud integration in business is an invaluable tool for visibility and seamless operations.
If you remember your Norse mythology (or just watched Marvel’s Thor movies), you’re probably familiar with Heimdal, the god whose ever-watchful eye was entrusted with protecting the home of the gods in Asgard.
First picked up by Reuters, disclosure letters dated February 11 have been sent out to those whose personal data may have been compromised. Although it is not clear which specific servers have been breached, nor the nature of the users to whom the letters have been sent, that an agency with a vision to “connect and protect the war-fighter in cyberspace” should suffer such an incident is concerning, to say the least. While many of the details surrounding this breach are likely to remain, understandably, confidential, given the nature of the DISA work, the letter itself has already been published on Twitter by one recipient. Signed by Roger S. Greenwell, the chief information officer at DISA, the letter revealed the breach took place between May and July last year, and information including social security numbers may have been compromised as a result. It also stated that there is no evidence that any personally identifiable information (PII) has been misused as a result. The letter does, however, confirm that DISA will be offering free credit monitoring services to those who want it.
Ethos Voluntarily Initiates Legally-Binding Public Interest Commitments that Enforce Price Limits on .ORG and Codify Strong Safeguards Against Censorship of Free Expression and Use of Personal Data
After trying to report these breaches to Slickwraps, Lynx stated they were blocked multiple times even when stating they did not want a bounty, but rather for Slickwraps to disclose the data breach. “They had no interest in accepting security advice from me. They simply blocked and ignored me,” Lynx stated in the Medium post. This post has since been taken down by Medium, but is still available via archive.org. Since posting his Medium post, Lynx told BleepingComputer that another unauthorized user sent an email to 377,428 customers using Slickwraps’ ZenDesk help desk system. These emails begin with “If you’re reading this it’s too late, we have your data” and then link to Lynx’s Medium post. […] In a statement posted to their Twitter account, Slickwraps CEO Jonathan Endicott has apologized for the data breach and promises to do better in the future. In the statement, though, Endicott says they first learned about this today, February 21st, while Lynx stated and showed screenshots of attempts to contact both Endicott via email and Slickwraps on Twitter prior to today.
Written by Sean Lyngaas
NRC Health, which sells software to some of the country’s largest health care organizations, shut down its computer systems last week following a ransomware attack, the company said in a statement Thursday.