ReportWire

Tag: Cybersecurity

  • Google Investors Surprisingly Chill About Major Data Breach

    The stock of Google’s parent company ended Friday’s trading session relatively unchanged, as investors digested news of a major data leak and broader market developments.

    Alphabet Inc. (GOOG)’s shares closed at $213.53, up slightly from the prior day’s closing price, despite Google’s global security alert advising its 2.5 billion Gmail users to update their information following a data breach involving one of its Salesforce databases.

    The company immediately issued a network-wide alert telling users to change their passwords immediately.

    Despite all that, investors in Google had either not fully digested the news during Friday trade, or were watching to see what fallout might continue over the weekend, before pricing in any hit to the company’s value.

    So what was affected in the breach?

    Though consumer Gmail and Cloud accounts were not directly compromised, the incident has triggered an aggressive wave of phishing and impersonation attacks targeting users across the platform.

    The leak, which exposed hundreds of thousands of sensitive documents and personal data, has underscored growing concerns about cybersecurity risks facing major tech firms.

    Still, despite major data breaches at all the tech giants, seemingly in an endless game of round robin, investors continue to believe the potential of these companies outweighs most security concerns.

    Alphabet said in a statement it is investigating the breach and implementing additional security measures, but the incident has added to scrutiny of data management practices across the industry.

    “The safety and privacy of user data are paramount,” it read. “We are working diligently to address these issues and prevent future incidents.”

    Cybersecurity concerns ramp up

    Meanwhile, investors are still nervously cautious about signs of economic slowdown and Federal Reserve signals hinting at future interest rate cuts.

    Despite the turbulence, Alphabet’s stock maintained its position, reflecting investors’ ongoing confidence in the company’s core advertising and cloud businesses. But questions about data security continue to cloud its outlook.

    As the debate over digital privacy and cybersecurity intensifies, Alphabet’s response and its ability to restore trust will be closely watched by shareholders and regulators alike. Google sought this week to reassure consumers and investors.

    The breach exposed thousands of sensitive records, including personal details, corporate documents, and government information.

    The leaked data spread across multiple sources and was easily accessible via search engines. It includes confidential information such as legal files, financial records, and private communications.

    Company data policies under new scrutiny

    Experts warn that such exposure not only jeopardizes individual privacy but also heightens the risk of corporate espionage, identity theft, and national security threats.

    In its statement, Google emphasized that it is actively investigating the incident and has deployed additional security measures to identify and mitigate the breach’s impact.

    Cybersecurity analysts warn that the proliferation of data leaks reflects broader systemic issues in how companies handle sensitive information, as the industry remains largely unregulated and prone to cyberattacks. The incident serves as a stark reminder of the urgent need for stronger data protection standards and increased transparency around data management practices.

    As consumers and businesses grapple with the potential fallout, authorities worldwide are calling for stricter oversight of data security protocols to mitigate the risks posed by such breaches in an increasingly interconnected world.

    Riley Gutiérrez McDermid

  • WhatsApp Just Patched a ‘Zero Click’ Bug Being Used to Hack Apple Users

    On Friday, WhatsApp announced that it had patched a software vulnerability that was being used by unknown hackers to target specific users of Apple products and hack them with spyware.

    WhatsApp, which is owned by Meta, said in an advisory that the previously unknown bug “may have been exploited in a sophisticated attack against specific targeted users.” The vulnerability is officially dubbed CVE-2025-55177.

    TechCrunch notes that this week, WhatsApp fixed the bug while last week, Apple fixed another bug, known as CVE-2025-43300. Together, these vulnerabilities appear to have been the weak spots that allowed malicious spyware attacks targeting specific Apple users, intended to steal data from their devices, the outlet writes.

    Apple describes its bug as such: “Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.” Gizmodo reached out to Apple and WhatsApp for more information.

    WhatsApp told TechCrunch that it had notified “less than 200 users” that they may have been impacted by the campaign. Donncha Ó Cearbhaill, head of Amnesty International’s Security Lab, said that the notifications had been sent out over the past 90 days. “Our team at Amnesty International’s Security Lab is actively investigating cases with a number of individuals targeted in this campaign,” Cearbhaill said on X. “We are available to support members of civil society who have received the WhatsApp notifications.”

    Zero-click attacks have become increasingly common and are frightening because, just as the name would suggest, they don’t require any active phishing to penetrate into the inner contents of a person’s mobile OS. Often, all a bad actor needs to do is send a malicious file (often an image), which can take over the phone by itself. Over the last several years, malware capable of zero-click attacks has been targeted at journalists, activists, and government officials—much of it originating from companies based in Israel.

    Lucas Ropek

  • DOGE Put Everyone’s Social Security Data at Risk, Whistleblower Claims

    As students returned to school this week, WIRED spoke to a self-proclaimed leader of a violent online group known as “Purgatory” about a rash of swattings at universities across the US in recent days. The group claims to have ties to the loose cybercriminal network known as The Com, and the alleged Purgatory leader claimed responsibility for calling in hoax active-shooter alerts.

    Researchers from multiple organizations warned this week that cybercriminals are increasingly using generative AI tools to fuel ransomware attacks, including real situations where cybercriminals without technical expertise are using AI to develop the malware. And a popular, yet enigmatic, shortwave Russian radio station known as UVB-76 seems to have turned into a tool for Kremlin propaganda after decades of mystery and intrigue.

    But wait, there’s more! Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.

    Since it was first created, critics have warned that the young and inexperienced engineers in Elon Musk’s so-called Department of Government Efficiency (DOGE) were trampling over security and privacy rules in their seemingly reckless handling of US government data. Now a whistleblower claims that DOGE staff put one massive dataset at risk of hacking or leaking: a database containing troves of personal data about US residents, including virtually every American’s Social Security number.

    The complaint from Social Security Administration chief data officer Charles Borges, filed with the Office of the Special Counsel and reviewed by The New York Times, states that DOGE affiliates explicitly overruled security and privacy concerns to upload the SSA database to a cloud server that lacked sufficient security monitoring, “potentially violating multiple federal statutes” in its allegedly reckless handling of the data. Internal DOGE and SSA communications reviewed by the Times show officials waving off concerns about the data’s lack of sanitization or anonymization before it was uploaded to the server, despite concerns from SSA officials about the lack of security of that data transfer.

    Borges didn’t allege that the data was actually breached or leaked, but Borges emphasized the vulnerability of the data and the immense cost if it were compromised. “Should bad actors gain access to this cloud environment, Americans may be susceptible to widespread identity theft, may lose vital health care and food benefits, and the government may be responsible for reissuing every American a new Social Security number at great cost,” Borges wrote.

    Nearly 10 months have passed since the revelation that China’s cyberespionage group known as Salt Typhoon had penetrated US telecoms, spying on Americans’ calls and texts. Now the FBI is warning that the net cast by those hackers may have been far broader than even previously thought, encompassing potential victims in 80 countries. The bureau’s top cyber official, Brett Leatherman, told The Wall Street Journal and The Washington Post that the hackers had shown interest in at least 600 companies, which the FBI notified, though it’s not clear how many of those possible targets the hackers breached or what level of access they achieved. “That global indiscriminate targeting really is something that is outside the norms of cyberspace operations,” Leatherman told the Journal. The FBI says that Salt Typhoon’s telecom hacking alone resulted in the spies gaining access to at least a million call records and targeted the calls and texts of more than a hundred Americans.

    Days after Donald Trump’s Alaska summit with Vladimir Putin, the White House moved to gut its own intelligence ranks. A senior CIA Russia analyst—29 years in service and slated for a coveted overseas post—was abruptly stripped of her clearance, The Washington Post reported. She was one of 37 officials forced out under an August 19 memo from Director of National Intelligence Tulsi Gabbard. The order listed no infractions. To colleagues, it looked like a loyalty purge. The firings have reportedly unsettled the CIA’s rank and file, sending a message that survival depends on hewing intelligence to fit the president’s views.

    On Monday, Gabbard unveiled what she calls “ODNI 2.0,” a restructuring that cuts more than 500 positions and shutters or folds whole offices she deems redundant. The Foreign Malign Influence Center and the Cyber Threat Intelligence Integration Center are being pared back, while the National Intelligence University will be absorbed into the Pentagon’s defense school. Gabbard says the plan will save $700 million a year and depoliticize intelligence. Critics noted, however, that a fact sheet published by Gabbard on Monday itemized only a fraction of those savings, and they warned that the overhaul could hollow out the very coordination ODNI was created post-9/11 to provide—discarding expertise and leaving the intelligence fragmented at a time of escalating threats.

    Andy Greenberg, Lily Hay Newman, Dell Cameron

  • How to Protect Your Company From Deepfake Fraud | Entrepreneur

    Opinions expressed by Entrepreneur contributors are their own.

    In 2024, a scammer used deepfake audio and video to impersonate Ferrari CEO Benedetto Vigna and attempted to authorize a wire transfer, reportedly tied to an acquisition. Ferrari never confirmed the amount, which rumors placed in the millions of euros.

    The scheme failed when an executive assistant stopped it by asking a security question only the real CEO could answer.

    This isn’t sci-fi. Deepfakes have jumped from political misinformation to corporate fraud. Ferrari foiled this one — but other companies haven’t been so lucky.

    Executive deepfake attacks are no longer rare outliers. They’re strategic, scalable and surging. If your company hasn’t faced one yet, odds are it’s only a matter of time.

    How AI empowers imposters

    You need less than three minutes of a CEO’s public video — and under $15 worth of software — to make a convincing deepfake.

    With just a short YouTube clip, AI software can recreate a person’s face and voice in real time. No studio. No Hollywood budget. Just a laptop and someone ready to use it.

    In Q1 2025, deepfake fraud cost an estimated $200 million globally, according to Resemble AI’s Q1 2025 Deepfake Incident Report. These are not pranks — they’re targeted heists hitting C‑suite wallets.

    The biggest liability isn’t technical infrastructure; it’s trust.

    Why the C‑suite is a prime target

    Executives make easy targets because:

    • They share earnings calls, webinars and LinkedIn videos that feed training data

    • Their words carry weight — teams obey with little pushback

    • They approve big payments fast, often without red flags

    In a Deloitte poll from May 2024, 26% of execs said someone had tried a deepfake scam on their financial data in the past year.

    Behind the scenes, these attacks often begin with stolen credentials harvested from malware infections. One criminal group develops the malware, another scours leaks for promising targets — company names, exec titles and email patterns.

    Multivector engagement follows: text, email, social media chats — building familiarity and trust before a live video or voice deepfake seals the deal. The final stage? A faked order from the top and a wire transfer to nowhere.

    Common attack tactics

    Voice cloning:

    In 2024, the U.S. saw over 845,000 imposter scams, according to data from the Federal Trade Commission. This shows that seconds of audio can make a convincing clone.

    Attackers hide by using encrypted chats — WhatsApp or personal phones — to skirt IT controls.

    One notable case: In 2021, a UAE bank manager got a call mimicking the regional director’s voice. He wired $35 million to a fraudster.

    Live video deepfakes:

    AI now enables real-time video impersonation, as nearly happened in the Ferrari case. The attacker created a synthetic video call of CEO Benedetto Vigna that nearly fooled staff.

    Staged, multi-channel social engineering:

    Attackers often build pretexts over time — fake recruiter emails, LinkedIn chats, calendar invites — before a call.

    These tactics echo other scams like counterfeit ads: Criminals duplicate legitimate brand campaigns, then trick users onto fake landing pages to steal data or sell knockoffs. Users blame the real brand, compounding reputational damage.

    Multivector trust-building works the same way in executive impersonation: Familiarity opens the door, and AI walks right through it.

    What if someone deepfakes the C‑suite

    Ferrari came close to wiring funds after a live deepfake of their CEO. Only an assistant’s quick challenge about a personal security question stopped it. While no money was lost in this case, the incident raised concerns about how AI-enabled fraud might exploit executive workflows.

    Other companies weren’t so lucky. In the UAE case above, a deepfaked phone call and forged documents led to a $35 million loss. Only $400,000 was later traced to U.S. accounts — the rest vanished. Law enforcement never identified the perpetrators.

    A 2023 case involved a Beazley-insured company, where a finance director received a deepfaked WhatsApp video of the CEO. Over two weeks, they transferred $6 million to a bogus account in Hong Kong. While insurance helped recover the financial loss, the incident still disrupted operations and exposed critical vulnerabilities.

    The shift from passive misinformation to active manipulation changes the game entirely. Deepfake attacks aren’t just threats to reputation or financial survival anymore — they directly undermine trust and operational integrity.

    How to protect the C‑suite

    • Audit public executive content.

    • Limit unnecessary executive exposure in video/audio formats.

    • Ask: Does the CFO need to be in every public webinar?

    • Enforce multi-factor verification.

    • Always verify high-risk requests through secondary channels — not just email or video. Avoid putting full trust in any one medium.

    • Adopt AI-powered detection tools.

    • Use tools that fight fire with fire by leveraging AI features for AI-generated fake content detection:

      • Photo analysis: Detects AI-generated images by spotting facial irregularities, lighting issues or visual inconsistencies

      • Video analysis: Flags deepfakes by examining unnatural movements, frame glitches and facial syncing errors

      • Voice analysis: Identifies synthetic speech by analyzing tone, cadence and voice pattern mismatches

      • Ad monitoring: Detects deepfake ads featuring AI-generated executive likenesses, fake endorsements or manipulated video/audio clips

      • Impersonation detection: Spots deepfakes by identifying mismatched voice, face or behavior patterns used to mimic real people

      • Fake support line detection: Identifies fraudulent customer service channels — including cloned phone numbers, spoofed websites or AI-run chatbots designed to impersonate real brands

    But beware: Criminals use AI too and often move faster. At the moment, criminals are using more advanced AI in their attacks than we are using in our defense systems.

    Strategies that are all about preventative technology are likely to fail — attackers will always find ways in. Thorough personnel training is just as crucial as technology is to catch deepfakes and social engineering and to thwart attacks.

    Train with realistic simulations:

    Use simulated phishing and deepfake drills to test your team. For example, some security platforms now simulate deepfake-based attacks to train employees and flag vulnerabilities to AI-generated content.

    Just as we train AI using the best data, the same applies to humans: Gather realistic samples, simulate real deepfake attacks and measure responses.

    Develop an incident response playbook:

    Create an incident response plan with clear roles and escalation steps. Test it regularly — don’t wait until you need it. Data leaks and AI-powered attacks can’t be fully prevented. But with the right tools and training, you can stop impersonation before it becomes infiltration.

    Trust is the new attack vector

    Deepfake fraud isn’t just clever code; it hits where it hurts — your trust.

    When an attacker mimics the CEO’s face or voice, they don’t just wear a mask. They seize the very authority that keeps your company running. In an age where voice and video can be forged in seconds, trust must be earned — and verified — every time.

    Don’t just upgrade your firewalls and test your systems. Train your people. Review your public-facing content. A trusted voice can still be a threat — pause and confirm.

    Ivan Shkvarun

  • Lifetime Email Hosting: A Strategic Investment for Your Business | Entrepreneur

    Disclosure: Our goal is to feature products and services that we think you’ll find interesting and useful. If you purchase them, Entrepreneur may get a small share of the revenue from the sale from our commerce partners.

    TL;DR: Your inbox just got an upgrade. Choose BuzzEmailHost for $29.99 (reg. $49) and lock in on professional, reliable email for life without the burden of recurring costs.

    BuzzEmailHost is a business-grade email hosting service that gives you secure, professional email addresses tied to your own domain, along with tools to keep your communications organized and protected. For just $29.99 (reg. $49), you can lock in its Lifetime Tier 1 Business Email Hosting.

    You know how important first impressions are. Whether you’re pitching investors, closing deals, or following up with clients, the way you present yourself matters. With BuzzEmailHost, you can set up a branded email address (think you@yourcompany.com) to immediately position you as professional and trustworthy. And you get to do it without watching a monthly subscription drain your budget.

    Features that work as hard as you do

    Instead of committing to another recurring software bill, you make a single investment and enjoy the benefits for years. That kind of cost predictability is gold when you’re managing cash flow, freeing up funds for the growth moves that actually move your business forward.

    You also get enterprise-grade features that keep your communication secure and dependable. Advanced antivirus and spam filtering, email encryption, 99.99% uptime, and global data center support work behind the scenes so you can focus on business, not troubleshooting email issues, the company says. Every message you send arrives polished, protected, and on time, thereby helping you maintain the trust of your clients, partners, and team.

    The platform isn’t just about security, it’s built to help you work smarter. You’ll have access to email forwarding, autoresponders, a DMARC wizard, DKIM signatures, and customizable filters that keep your inbox organized. Plus, with 10 GB of storage per mailbox, you won’t be deleting important files or conversations just to make space.

    Switching to BuzzEmailHost is straightforward. The IMAP migration tool transfers your existing emails seamlessly, so you don’t lose a single thread of conversation. And because you get lifetime updates and support, you’re not left scrambling if you need help later down the line.

    Whether you’re running a lean startup, freelancing, or managing a small team, BuzzEmailHost is one of those rare tools that can pay for itself almost immediately.

    Get your lifetime subscription to BuzzEmailHost for $29.99 (MSRP $49).

    StackSocial prices subject to change.

    Entrepreneur Store

  • SIMS Software Earns CMMC Level 2 Certification

    SIMS Software announces CMMC 2.0 Level 2 Certification for SIMS Cloud 4.0, a certified cloud solution offering secure and compliant hosting for the national security community. 

    SIMS Software, the preeminent provider of security information management solutions, announced that their SIMS Cloud 4.0 offering has been awarded CMMC Level 2 certification meeting all 110 controls, with zero requirements for Plans of Action and Milestones (POA&Ms), reinforcing its position as the leader in providing secure, compliant solutions for the national security community.

    The Department of Defense program known as Cybersecurity Maturity Model Certification (CMMC) went into effect December 16, 2024, and requires a third-party assessment to ensure contractors are applying cybersecurity best practices for those handling sensitive unclassified information. SIMS Cloud 4.0 achieving Level 2 certification enables SIMS Software’s customers to comply with the DoD requirements to securely manage their sensitive and Controlled Unclassified Information (CUI).

    “This certification represents a major milestone in our ongoing commitment to helping cleared industry and government clients stay ahead of evolving compliance mandates and reflects our ongoing investment in securing the critical systems and data our customers rely on,” said Michael Struttmann, CEO at SIMS Software. “SIMS Cloud 4.0 offers our customers a secure, scalable, and fully managed cloud hosted solution that’s purpose-built for the complexity of classified operations, now with the confidence of CMMC Level 2 certification.”

    SIMS Software’s achievement has been the result of the company’s preparation over many years to build a rigorous security framework that led to a flawless assessment. Based on publicly available data from the CMMC ecosystem, SIMS Software is among the first 1% of approximately 76,000 cleared contractors to achieve CMMC 2.0 Level 2 certification, reflecting their early and proactive approach to cybersecurity compliance.

    As defense contractors and security professionals prepare for CMMC enforcement and increasing cybersecurity demands, SIMS Cloud 4.0 provides a compliant path forward, with subscription-based flexibility and rapid deployment, allowing organizations to modernize real-time data management needs without sacrificing resources and mission integrity.

    About SIMS Software

    For over 40 years, SIMS Software has been the preeminent software solution provider in digitizing and modernizing security information systems for the most demanding and at-risk customer sets. SIMS provides one fully integrated solution that harmonizes all security disciplines through modules that cover personnel security, classified asset tracking, insider threat detection, and facility access control. SIMS addresses massive gaps in security information management to streamline the orchestration of critical data and risk mitigation across one security domain.

    To learn more about SIMS Cloud 4.0, visit https://simssoftware.com/sims-cloud-4-0.

    Source: SIMS Software

  • GrammaTech Appoints Lt. Gen. Bill Bender (Ret.), Cybersecurity and IT Leader, to Board of Directors

    GrammaTech, Inc., a seasoned developer of advanced cyber capability in support of government, intelligence and mission-critical infrastructure, is pleased to announce the appointment of Lieutenant General Bill Bender US Air Force (Ret.) to its Board of Directors. A seasoned board member, technology industry executive, and retired three-star general, Lt Gen Bender brings extensive expertise in IT, cybersecurity, and governance to the organization.

    With a distinguished career spanning the public and private sectors, Lt Gen Bender has held key leadership roles in technology, defense, and business strategy. As the former Chief Information Officer (CIO) of the United States Air Force (USAF), he oversaw a $17 billion IT budget and led a 54,000-person workforce, spearheading modernization and cybersecurity initiatives. His contributions to IT innovation included establishing the first Chief Information Security Officer (CISO) and Chief Data Officer (CDO) offices in the Department of Defense and launching the USAF’s Cloud First strategy.

    Lt Gen Bender also brings a wealth of experience from the private sector, having served as Senior Vice President at Leidos, where he played a pivotal role in driving business growth from $10 billion to $15 billion. He is a highly regarded board member and advisor, with experience on the boards of Tangram Flex, Smartsheet, and AFCEA International, where he previously served as Chair and currently contributes to the Cybersecurity Committee. Additionally, he provides strategic guidance to startups and enterprises through his role as a Principal at Deep Water Point & Associates and as a Strategic Growth Advisor at Keeper Technology.

    “We are thrilled to welcome Bill to our board. His exceptional leadership in technology, defense, and business strategy strengthens GrammaTech’s position at the forefront of cybersecurity and code modernization, working closely with the U.S. Department of Defense and Intelligence Community,” said Dan Goodwin, GrammaTech’s CEO. Ray DeMeo, GrammaTech Chief Growth Officer, added, “General Bender’s experience and strategic vision make him an invaluable teammate in support of our mission.”

    Throughout his career, Lt Gen Bender has played a critical role in shaping technology and security strategies for both government and commercial entities. His leadership in defense technology includes his tenure as Deputy Chief at the Office of Security Cooperation in Baghdad, where he led foreign military sales to Iraq, and his command of the USAF Expeditionary Center, overseeing global operations and sustainment.

    “I am honored to join the Board of GrammaTech at such an exciting time,” said General Bender. “I look forward to contributing my experience in technology, cybersecurity, and strategic growth to help drive the company’s mission forward.”

    The General also served in advisory roles for leading global organizations including Samsung, Cylance, Symantec, Tanium, Dun & Bradstreet, and Smartsheet.

    Contact Information

    Sarah Riggins
    Project Manager, GrammaTech
    sriggins@grammatech.com
    301-530-2900

    Source: GrammaTech

  • Kryptowire Labs Changes Name to A2 Labs, LLC

    The name change reflects the company’s continued commitment to cybersecurity, xG technology, testbed development, and custom software solutions for government agencies and industry.

    Kryptowire Labs is officially changing its name to A2 Labs, LLC. While the name is new, the company remains the same, offering the same expertise, leadership, and commitment to innovation that clients and partners have trusted for years.

    A2 Labs continues to specialize in cybersecurity, xG innovation, testbed development, and custom software solutions for government agencies and industry. The name change reflects continuity, not change, reinforcing the company’s long-standing dedication to providing mission-critical technology solutions.

    Same Mission, New Name

    “We are excited to officially operate under our new name, A2 Labs,” said Angelos Stavrou, President and Founder of A2 Labs. “This is a true name change, not a rebranding or shift in direction. Our mission remains the same: to deliver cutting-edge technology solutions that support government agencies, industry partners, and their most critical initiatives.”

    The transition also distinguishes A2 Labs from Kryptowire Inc., which spun out in 2021 and now operates independently as Quokka. Quokka focuses on enterprise mobile security and privacy solutions for apps and devices, expanding on its expertise in protecting mobile ecosystems.

    What This Means for Clients and Partners

    For government agencies, industry partners, and collaborators, the name change has no impact on existing operations, contracts, or relationships. A2 Labs remains the same company with the same team, expertise, and commitment to innovation.

    About A2 Labs, LLC

    A2 Labs, LLC (formerly Kryptowire Labs) is a leading provider of cybersecurity, xG technology, testbeds, and custom software solutions for government agencies and industry. With a legacy of research excellence and mission-driven innovation, A2 Labs continues to empower organizations with cutting-edge technology solutions. To learn more, visit www.a2labs.com.

    Contact Information

    Susan Kloss
    VP Operations
    info@a2labs.com
    7037550036

    Source: A2 Labs, LLC


  • Okta vulnerability allowed accounts with long usernames to log in without a password


    In a new security advisory, Okta has revealed that its system had a vulnerability that allowed people to log into an account without having to provide the correct password. Okta bypassed password authentication if the account had a username that had 52 or more characters. Further, its system had to detect a “stored cache key” of a previous successful authentication, which means the account’s owner had to have previous history of logging in using that browser. It also didn’t affect organizations that require multi-factor authentication, according to the notice the company sent to its users.

    Still, a 52-character username is easier to guess than a random password — it could be as simple as a person’s email address that has their full name along with their organization’s website domain. The company has admitted that the vulnerability was introduced as part of a standard update that went out on July 23, 2024 and that it only discovered (and fixed) the issue on October 30. It’s now advising customers who meet all of the vulnerability’s conditions to check their access log over the past few months.

    Okta provides software that makes it easy for companies to add authentication services to their application. For organizations with multiple apps, it gives users access to a single, unified log-in so they don’t have to verify their identities for each application. The company didn’t say whether it’s aware of anybody who’s been affected by this specific issue, but it promised to “communicate more rapidly with customers” in the past after the threat group Lapsus$ accessed a couple of users’ accounts.

    Mariella Moon

  • Florida Man Accused of Hacking Disney World Menus, Changing Font to Wingdings


    With just days to go until the 2024 presidential election in the United States, WIRED reported on documents that revealed US government assessments about multiple components of election security and stability. First obtained by the national security transparency nonprofit Property of the People, one report distributed by the US Department of Homeland Security in October assessed that financially motivated cybercriminals and ideologically motivated hacktivists are more likely than state-backed hackers to attack US election infrastructure. Another government memo warned of the risk to the election of insider threats, noting that such internal malfeasance “could derail or jeopardize a fair and transparent election process.”

    With so much at stake in a hyper-polarized and combative climate, US elections have become increasingly militarized, with bulletproof glass, drones, defensive blockades, and snipers protecting election offices, and election officials bracing for the possibility of violent attacks. A WIRED investigation also revealed a successful CIA hack of Venezuela’s military payroll system that was part of a clandestine Trump administration effort to overthrow the country’s autocratic president, Nicolás Maduro.

    In other cybersecurity news, WIRED did a deep dive into the firewall vendor Sophos’ five-year turf war to try to remove Chinese hackers running espionage operations on some vulnerable devices—and keep them out. And researchers warn that a “critical” zero-click vulnerability in a default photo app on Synology network-attached storage devices could be exploited by hackers to steal data or infiltrate networks.

    As always, there’s more. Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.

    A Disney employee who was fired from the company and still had access to its passwords allegedly hacked into the software used by Walt Disney World’s restaurants, according to reporting by 404 Media and Court Watch. A criminal complaint against Michael Scheuer claims he repeatedly accessed the third-party menu-creation system created for Disney and changed menus, including changing fonts to Wingdings—the font made up entirely of symbols.

    “The fonts were renamed by the threat actor to maintain the name of the original font, but the actual characters appeared as symbols,” the criminal complaint says. “As a result of this change, all of the menus within the database were unusable because the font changes propagated throughout the database.”

    The allegations aren’t limited to whimsical font vandalism, however. The federal complaint also details how Scheuer allegedly changed menu listings to say that foods with peanuts in them were safe for people with allergies, tried to log into Disney employees’ accounts, locked 14 employees out of their accounts by trying to log in with an automated script, and maintained a folder of personal information about employees and turned up at one person’s home. A lawyer representing Scheuer did not comment on the allegations.

    For the past few years, infostealers have become a popular tool of choice for hackers, from cybercriminals trying to make money to sophisticated nation state groups. The malware, which is often bundled into pirated software, uses web browsers to collect usernames and passwords, cookies, financial information, and other data you enter into your computer. This week, cops around the world took down the Redline infostealer, which has been used to grab more than 170 million pieces of information and has been linked to large-scale hacks. An almost identical infostealer called Meta was also disrupted. As part of Operation Magnus, US officials identified Russian national Maxim Rudometov as being behind the development of Redline. As TechCrunch reports, Rudometov was identified following a series of operational security errors, including reusing online handles and emails across social media apps and other websites. In its criminal complaint, the US Department of Justice pointed out Rudometov’s dating profile, which apparently has “liked” 89 other users and received no likes in return.

    In January 2018, it emerged that GPS data from running and cycling app Strava could expose secret military locations and the movements of people exercising around them. Officials warned that it was a clear security risk. Years later, many seemingly haven’t paid attention. French newspaper Le Monde has revealed in a series of stories that US Secret Service agents are leaking their data through the fitness app, allowing the movements of Joe Biden, Donald Trump, and Kamala Harris to be tracked. Security staff linked to French president Emmanuel Macron and Russian president Vladimir Putin are similarly exposing their movements. Those exposing their data used public profiles and often posted runs starting or finishing at the locations they were staying during official trips. Included in the leaks were bodyguards linked to Putin who were running near a palace the Russian leader has denied owning.

    Italian prosecutors placed four people under house arrest and revealed they are investigating at least 60 others after an intelligence firm in the country allegedly hacked government databases and gathered information on more than 800,000 people. Intelligence company Equalize allegedly gathered information about some of Italy’s most prominent politicians, entrepreneurs, and sports stars, Politico reported. It is alleged that the information accessed included bank transactions, police investigations, and more. The hacked information was reportedly sold or potentially used as part of extortion attempts, with those behind the scheme allegedly earning €3.1 million. The scandal, which has enraged Italian politicians, may also be wider than just its impact in Italy, with the latest reports suggesting Equalize counted Israeli intelligence and the Vatican as clients.

    Matt Burgess, Lily Hay Newman

  • Cybercriminals Pose a Greater Threat of Disruptive US Election Hacks Than Russia or China


    Russian, Chinese, and Iranian state-backed hackers have been active throughout the 2024 United States campaign season, compromising digital accounts associated with political campaigns, spreading disinformation, and probing election systems. But in a report from early October, the threat-sharing and coordination group known as the Election Infrastructure ISAC warned that cybercriminals like ransomware attackers pose a far greater risk of launching disruptive attacks than foreign espionage actors.

    While state-backed actors were emboldened following Russia’s meddling in the 2016 US presidential election, the report points out that they favor intelligence-gathering and influence operations rather than disruptive attacks, which would be viewed as direct hostility against the US government. Ideologically and financially motivated actors, on the other hand, generally aim to cause disruption with hacks like ransomware or DDoS attacks.

    The document was first obtained by the national security transparency nonprofit Property of the People and viewed by WIRED. The US Department of Homeland Security, which contributed to the report and distributed it, did not return WIRED’s requests for comment. The Center for Internet Security, which runs the Election Infrastructure ISAC, declined to comment.

    “Since the 2022 midterm elections, financially and ideologically motivated cyber criminals have targeted US state and local government entity networks that manage or support election processes,” the alert states. “In some cases, successful ransomware attacks and a distributed denial-of-service (DDoS) attack on such infrastructure delayed election-related operations in the affected state or locality but did not compromise the integrity of voting processes … Nation-state-affiliated cyber actors have not attempted to disrupt US elections infrastructure, despite reconnaissance and occasionally acquiring access to non-voting infrastructure.”

    According to DHS statistics highlighted in the report, 95 percent of “cyber threats to elections” were unsuccessful attempts by unknown actors. Two percent were unsuccessful attempts by known actors, and 3 percent were successful attempts “to gain access or cause disruption.” The report emphasizes that threat intelligence sharing and collaboration between local, state, and federal authorities help prevent breaches and mitigate the fallout of successful attacks.

    In general, government-backed hackers may stoke geopolitical tension by conducting particularly aggressive digital espionage, but their activity isn’t inherently escalatory so long as they are abiding by espionage norms. Criminal hackers are bound by no such restrictions, though they can call too much attention to themselves if their attacks are too disruptive and risk a law enforcement crackdown.

    Lily Hay Newman, Dell Cameron

  • Train Your Company to Avoid Costly Data Breaches With This $30 Bundle | Entrepreneur


    Disclosure: Our goal is to feature products and services that we think you’ll find interesting and useful. If you purchase them, Entrepreneur may get a small share of the revenue from the sale from our commerce partners.

    Data breaches can be devastating for businesses, costing an average of $3.92 million per incident, according to a recent Security Intelligence report. As a business owner, safeguarding your company from such risks is crucial, especially as cyber threats become more sophisticated and prevalent.

    Understanding the fundamentals of security and risk management is no longer optional; it’s essential. The CISSP Security & Risk Management Training Bundle offers comprehensive training designed to arm you and your team with the skills needed to effectively navigate these challenges. This comprehensive risk management training bundle is available for $29.97 (reg. $424) but only during this limited-time sale.

    Essential IT training for your team

    This training bundle includes eight courses covering vital domains in Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security and more.

    The first course in the bundle focuses on Security and Risk Management, which lays the groundwork for all subsequent domains. It covers key topics such as security governance, compliance, risk management concepts, and the development of security policies.

    Asset Security delves into managing and protecting critical organizational assets. This includes understanding data ownership, data classification, and implementing appropriate data security controls.

    Security Engineering is where you’ll get to study the engineering lifecycle and the various security components necessary to protect data structures and physical facilities. You’ll explore vulnerabilities in security architectures and the essential role of cryptography in information security.

    These three are just the introductory courses. Dedicated professionals can tackle all eight courses and apply what they’ve learned to their own security infrastructure.

    The bundle goes beyond theory, diving into the practical aspects of security engineering. Courses within this area teach how to identify and mitigate vulnerabilities, apply cryptographic tools, and build secure facilities and systems. These lessons empower businesses to engineer robust defenses that are both scalable and adaptable to future threats.

    Train your own cybersecurity team

    Invest in your company’s cybersecurity.

    October 27 at 11:59 p.m. PT is the deadline to get the CISSP Security and Risk Management Training Bundle on sale for $29.97.

    StackSocial prices subject to change.

    StackCommerce

  • Chinese Hackers Target Trump Campaign via Verizon Breach


    The Chinese spy operation adds to the growing sense of a melee of foreign digital interference in the election, which has already included Iranian hackers’ attempt to hack and leak emails from the Trump campaign—with limited success—and Russia-linked disinformation efforts across social media.

    Ahead of the full launch next week of Apple’s AI platform, Apple Intelligence, the company debuted tools this week for security researchers to evaluate its cloud infrastructure known as Private Cloud Compute. Apple has gone to great lengths to engineer a secure and private AI cloud platform, and this week’s release includes extensive detailed technical documentation of its security features as well as a research environment that is already available in the macOS Sequoia 15.1 beta release. The testing features allow researchers (or anyone) to download and evaluate the actual version of PCC software that Apple is running in the cloud at a given time. The company tells WIRED that the only modifications to the software relate to optimizing it to run in the virtual machine for the research environment. Apple also released the PCC source code and said that as part of its bug bounty program, vulnerabilities that researchers discover in PCC will be eligible for a maximum bounty payout of up to $1 million.

    Over the summer, Politico, The New York Times, and The Washington Post each revealed that they’d been approached by a source offering hacked Trump campaign emails—a source whom the US Justice Department says was working on behalf of the Iranian government. The news outlets all refused to publish or report on those stolen materials. Now it appears that Iran’s hackers did eventually find outlets outside the mainstream media that were willing to release those emails. American Muckrakers, a PAC run by a Democratic operative, did publish the documents after soliciting them in a public post on X, writing, “Send it to us and we’ll get it out.”

    American Muckrakers then published internal Trump campaign communications about North Carolina Republican gubernatorial candidate Mark Robinson and Florida Republican representative Anna Paulina Luna, as well as material that seemed to suggest a financial arrangement between Donald Trump and Robert F. Kennedy Jr., the third-party candidate who dropped out of the race and endorsed Trump. Independent journalist Ken Klippenstein also received and published some of the hacked material, including a research profile on Trump running mate and US senator JD Vance that the campaign assembled when assessing him for the role. Klippenstein subsequently received a visit from the FBI, he’s said, warning him that the documents were shared as part of a foreign influence campaign. Klippenstein has defended his position, arguing that the media should not serve as “gatekeeper of what the public should know.”

    As Russia has both waged war and cyberwar against Ukraine, it’s also carried out a vast campaign of hacking against another neighbor to the west with whom it’s long had a fraught relationship: Georgia. Bloomberg this week revealed ahead of the Georgian election how Russia systematically penetrated the smaller country’s infrastructure and government in a yearslong series of digital intrusion operations. From 2017 to 2020, for instance, Russia’s military intelligence agency, the GRU, hacked Georgia’s Central Election Commission (just as it did in Ukraine in 2014), multiple media organizations, and IT systems at the country’s national railway company—all in addition to the attack on Georgian TV stations that the NSA pinned on the GRU’s Sandworm unit in 2020. Meanwhile, hackers known as Turla, working for the Kremlin’s KGB successor, the FSB, broke into Georgia’s Foreign Ministry and stole gigabytes of officials’ emails over months. According to Bloomberg, Russia’s hacking efforts weren’t limited to espionage but also appeared to include preparing for disruption of Georgian infrastructure like the electric grid and oil companies in the event of an escalating conflict.

    For years, cybersecurity professionals have argued about what constitutes a cyberattack. An intrusion designed to destroy data, cause disruption, or sabotage infrastructure? Yes, that’s a cyberattack. A hacker breach to steal data? No. A hack-and-leak operation or an espionage mission with a disruptive clean-up phase? Probably not, but there’s room for debate. The Jerusalem Post this week, however, achieved perhaps the clearest-cut example of calling something a cyberattack—in a headline no less—that is very clearly not: disinformation on social media. The so-called “Hezbollah cyberattack” that the news outlet reported was a collection of photos of Israeli hospitals posted by “hackers” identifying as Hezbollah supporters that suggested weapons and cash were stored underneath them and that they should be attacked. The posts seemingly came in response to the Israeli Defense Forces’ repeating similar claims about hospitals in Gaza that the IDF has bombed, as well as another more recently in Lebanon’s capital city of Beirut.

    “These are NOT CYBERATTACKS,” security researcher Lukasz Olejnik, the author of the books The Philosophy of Cybersecurity and Propaganda, wrote next to a screenshot of the Jerusalem Post headline on X. “Posting images to social media is not hacking. Such a bad take.”

    Lily Hay Newman, Andy Greenberg

  • Exposed United Nations Database Left Sensitive Information Accessible Online


    A database containing sensitive, sometimes personal information from the United Nations Trust Fund to End Violence Against Women was openly accessible on the internet, revealing more than 115,000 files related to organizations that partner with or receive funding from UN Women. The documents range from staffing information and contracts to letters and even detailed financial audits about organizations working with vulnerable communities around the world, including under repressive regimes.

    Security researcher Jeremiah Fowler discovered the database, which was not password protected or otherwise access controlled, and disclosed the finding to the UN, which secured the database. Such incidents are not uncommon, and many researchers regularly find and disclose examples of exposures to help organizations correct data management mistakes. But Fowler emphasizes that this ubiquity is exactly why it is important to continue to raise awareness about the threat of such misconfigurations. The UN Women database is a prime example of a small error that could create additional risk for women, children, and LGBTQ people living in hostile situations worldwide.

    “They’re doing great work and helping real people on the ground, but the cybersecurity aspect is still critical,” Fowler tells WIRED. “I’ve found lots of data before, including from all sorts of government agencies, but these organizations are helping people who are at risk just for being who they are, where they are.”

    A spokesperson for UN Women tells WIRED in a statement that the organization appreciates collaboration from cybersecurity researchers and combines any outside findings with its own telemetry and monitoring.

    “As per our incident response procedure, containment measures were rapidly put in place and investigative actions are being taken,” the spokesperson said of the database Fowler discovered. “We are in the process of assessing how to communicate with the potential affected persons so that they are aware and alert as well as incorporating the lessons learned to prevent similar incidents in the future.”

    The data could expose people in multiple ways. At the organizational level, some of the financial audits include bank account information, but more broadly, the disclosures provide granular detail on where each organization gets its funding and how it budgets. The information also includes breakdowns of operating costs, and details about employees that could be used to map the interconnections between civil society groups in a country or region. Such information is also ripe for abuse in scams since the UN is such a trusted organization, and the exposed data would provide details on internal operations and potentially serve as templates for malicious actors to create legitimate-looking communications that purport to come from the UN.

    Lily Hay Newman

  • Simplifying data security in healthcare using AI


    In today’s rapidly evolving healthcare landscape, organizations like Amedisys are facing a unique challenge: how to serve more than 415,000 patients with 21,000 clinicians while balancing a seamless user experience with security and compliance. Home care improves accessibility but also complicates security. “Organizational data has become ambient,” says Richard Kaufmann, former chief information security officer at Amedisys. “If data is everywhere, how do you protect it?” 

    Amedisys is successfully addressing this challenge by integrating modern security tools to manage permissions, update security protocols, and respond to threats quickly. As a result, it has streamlined operations and can focus on what truly matters: delivering the best possible care to patients. This practical application of AI not only boosts efficiency but also provides peace of mind for both the organization and its patients.

    Addressing the complexity of data security in home health 

    For healthcare organizations, leveraging technology to improve workflows is crucial. Healthcare professionals are acutely aware of the need to keep patient information private, yet every interaction generates data that may be shared with multiple organizations involved in the patient’s care. 

    This decentralization of healthcare—including the rise in telemedicine and home health services—adds layers of complexity to data security. Accidental disclosures are a significant risk, along with phishing and data theft. According to the 2024 Microsoft Digital Defense Report, 90% of organizations are exposed to at least one attack path. 

    That’s where flexible and reliable security solutions come into play. Organizations are adopting AI across industries, including healthcare. And AI in security offers a unique opportunity for highly regulated organizations, where compliance is an essential aspect of their operations. Amedisys offers a clear example of what’s possible with a combination of innovative technology and organizational buy-in. 

    For more information about security trends and the latest strategies, download the 2024 Microsoft Digital Defense Report

    Achieving AI-driven security 

    Amedisys needed a scalable, secure platform that would work in various environments. The company found its answer in cost-effective healthcare solutions that include data encryption, threat detection, and rapid response capabilities. 

    As a result, Amedisys doesn’t have to prioritize data and cost optimization over innovation. “There’s a balancing act here between cost and value,” says Kaufmann. “It’s about aligning company objectives with keeping data private in the most effective way possible.”  

    Cybersecurity is also a balancing act between innovation and compliance with regulations such as HIPAA. “At Amedisys we use the full Microsoft 365 E5 suite of security tools,” says Kaufmann. “We’ve had access to some amazing expertise from within the walls of Microsoft as we started implementing that platform.” Microsoft 365 E5 promotes safe, compliant AI adoption by helping organizations safeguard sensitive data, identify risks, and assess compliance with regulatory requirements. 

    Using Microsoft technology, companies can trust that patient data is secure and focus on delivering excellent healthcare. Whether they work entirely in the cloud or employ a hybrid architecture, businesses can use AI-powered solutions to protect data across all environments. 

    Learn more about the latest capabilities for deploying AI securely

    Optimizing for data transparency and protection using AI 

    Being transparent with customers is a keystone of data security. “It should be a simple exercise for a patient to understand where their data is going, and more importantly, why,” says Kaufmann. Companies using Microsoft solutions can take advantage of built-in security and AI features without sacrificing transparency. Amedisys is integrating AI seamlessly into existing workflows using Microsoft solutions, so healthcare organizations can enhance their employees’ productivity and drive better patient outcomes while maintaining transparency.  

    The best way healthcare organizations like Amedisys can overcome complex security challenges and improve patient care is to go with a single provider with a variety of services. “Amedisys has been investing heavily in Microsoft Security solutions for that very reason,” says Kaufmann. “Not only do the individual products meet our requirements, but there is added simplicity in those security products having native functionality to our productivity suite.” 

    Amedisys is using AI-powered tools like Microsoft 365 Copilot, which empowers the company to maintain data protection across all platforms. Microsoft continues to improve its security offerings and launch new AI-powered features that promote innovation and adapt to future industry needs. 

    Strengthening security with a comprehensive approach 

    Healthcare companies like Amedisys are using AI to transform their approach to security while maintaining regulatory compliance. As healthcare evolves and data becomes even more complex, companies adopting innovative, secure technologies will be best positioned to thrive, and their patients will benefit from enhanced transparency and better care. 

    George Jones

  • ICE’s $2 Million Contract With a Spyware Vendor Is Under White House Review


    A $2 million contract that United States Immigration and Customs Enforcement signed with Israeli commercial spyware vendor Paragon Solutions has been paused and placed under compliance review, WIRED has learned.

    The White House’s scrutiny of the contract marks the first test of the Biden administration’s executive order restricting the government’s use of spyware.

    The one-year contract between Paragon’s US subsidiary in Chantilly, Virginia, and ICE’s Homeland Security Investigations (HSI) Division 3 was signed on September 27 and first reported by WIRED on October 1. A few days later, on October 8, HSI issued a stop-work order for the award “to review and verify compliance with Executive Order 14093,” a Department of Homeland Security spokesperson tells WIRED.

    The executive order signed by President Joe Biden in March 2023 aims to restrict the US government’s use of commercial spyware technology while promoting its “responsible use” that aligns with the protection of human rights.

    DHS did not confirm whether the contract, which says it covers a “fully configured proprietary solution including license, hardware, warranty, maintenance, and training,” includes the deployment of Paragon’s flagship product, Graphite, a powerful spyware tool that reportedly extracts data primarily from cloud backups.

    “We immediately engaged the leadership at DHS and worked very collaboratively together to understand exactly what was put in place, what the scope of this contract was, and whether or not it adhered to the procedures and requirements of the executive order,” a senior US administration official with first-hand knowledge of the workings of the executive order tells WIRED. The official requested anonymity to speak candidly about the White House’s review of the ICE contract.

    Paragon Solutions did not respond to WIRED’s request to comment on the contract’s review.

    The process laid out in the executive order requires a robust review of the due diligence regarding both the vendor and the tool, to see whether any concerns, such as counterintelligence, security, and improper use risks, arise. It also stipulates that an agency may not make operational use of the commercial spyware until at least seven days after providing this information to the White House or until the president’s national security adviser consents.

    “Ultimately, there will have to be a determination made by the leadership of the department. The outcome may be—based on the information and the facts that we have—that this particular vendor and tool does not spur a violation of the requirements in the executive order,” the senior official says.

    Vas Panagiotopoulos

  • Google Chrome’s uBlock Origin Purge Has Begun


    And that’s not all. Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.

    If you use uBlock Origin’s Chrome extension to filter out online ads, expect to get mildly annoyed in the near future. Google has begun implementing new Chrome extension standards, called Manifest V3, that will disable the legacy version of uBlock Origin’s extension that most users likely have installed. And while you might be thinking, “Google is a silverback gorilla of online advertising, of course they’re finally forcing me to see ads!” there is some good news. A new version of the ad-filtering extension that meets the Manifest V3 standards, uBlock Origin Lite, is now available. Then again, it won’t block as much as the previous iteration of uBlock. Still, as a Google spokesperson told The Verge, you have options: “The top content filtering extensions all have Manifest V3 versions available — with options for users of AdBlock, Adblock Plus, uBlock Origin and AdGuard.” Either way, you’ll need to install a new extension soon.

    US authorities announced charges this week against a 25-year-old Alabama man accused of hacking the Securities and Exchange Commission’s X account. Prosecutors claim Eric Council Jr. obtained personal information and the materials for a fake ID of a person who controlled the @SECGov account from unidentified coconspirators. Council allegedly used the fake ID to carry out a SIM-swapping attack, duping AT&T retail store staff into giving him a new SIM card, which he ultimately used to take control of the victim’s phone account. The coconspirators used that to gain access to the SEC’s X account, where they posted a fake announcement about Bitcoin’s regulatory status, which was followed by a price jump of $1,000 per bitcoin. Council stands charged with conspiracy to commit aggravated identity theft and access device fraud.

    The grocery store chain Kroger has never used facial-recognition technology broadly in its stores and has no current plans to, a spokesperson told Fast Company this week. The company has been facing a firestorm over its use of electronic shelving labels over concerns that ESLs could be used to impose surge pricing on popular items, and fears that the devices could also be deployed with facial recognition. The company did a single-store facial-recognition pilot of a technology called EDGE in 2019, but it did not move forward with the service. US lawmakers including Rashida Tlaib, Elizabeth Warren, and Robert Casey have publicly raised concerns about Kroger’s use of ESLs.

    Microsoft told customers that it failed to capture more than two weeks of security logs from certain cloud services in September, including Microsoft Entra, Sentinel, Defender for Cloud, and Purview. News of the lost logs was first reported by Business Insider. The company said in the notification that “a bug in one of Microsoft’s internal monitoring agents resulted in a malfunction in some of the agents when uploading log data to our internal logging platform.” The blank extends from September 2 to September 19. A Microsoft executive confirmed to TechCrunch that the incident was caused by an “operational bug within our internal monitoring agent.”

    System activity logs are crucial for all sorts of operations and are particularly used for security monitoring and investigations, because they can expose breaches and malicious activity. After Russian hackers breached US government networks through SolarWinds software in 2020, many agencies couldn’t detect the activity in their Microsoft Azure cloud services because they weren’t paying for Microsoft’s premium tier features, so they didn’t have adequate network activity logs. Lawmakers were outraged about the up-charge, and the Biden administration worked for more than two years to get Microsoft to make the logging services free. The company ultimately announced the change in July 2023.


    Lily Hay Newman, Andrew Couts


  • After rejecting Google takeover, cyber firm Wiz says it will IPO ‘when the stars align’


    LONDON — Cybersecurity firm Wiz is seeking to hit $1 billion of annual recurring revenues next year, the company’s billionaire co-founder Roy Reznik told CNBC, adding that the firm will go public “when the stars align.”

    Wiz makes software that connects to cloud storage providers like Amazon Web Services or Microsoft Azure and scans for everything it stores in the cloud, helping organizations identify and remove risks in their cloud environments. It was founded by four Israeli friends while they served in 8200, the intelligence unit of Israel’s army, and most of Wiz’s engineering personnel are still based in Tel Aviv, Israel.

    Earlier this year, the company rejected a $23-billion acquisition bid from Google, which would have marked the tech giant’s largest-ever takeover. At the time, Wiz CEO Assaf Rappaport said the startup was “flattered” by the offer, but would remain an independent company and aim to list instead.

    Speaking with CNBC at Wiz’s new office space in London, Reznik said that the company has received offers from “many people that want to get their hands on Wiz stock” — but that, while “very flattering,” the firm still thinks it can do it alone by going public.

    “We’ve already broken a few records as a private company, and we believe we can also break a few more records as an independent public company as well,” Reznik said.

    Four-year-old Wiz has raised $1.9 billion in venture capital to date, including $1 billion secured this year in a funding round led by Andreessen Horowitz, Lightspeed Venture Partners and Thrive Capital at a valuation of $12 billion.

    In 2022, Wiz said it had reached $100 million in annual recurring revenue (ARR), up from just $1 million in 18 months. At the time, the startup said it was “the fastest software company to achieve this feat.”

    Reznik, who is the vice president of research and development at Wiz, said the firm now hopes to double from the $500 million of ARR it achieved this year and hit $1 billion in ARR in 2025, which CEO Rappaport cited as a key condition before the company goes public.

    UK expansion

    Wiz has been expanding its presence internationally, with a particular focus on Europe, from where it sources 35% of its revenues. Last month, the firm opened its first European office in London.


    “I think the talent here is amazing, and the ecosystem is amazing,” Reznik told CNBC. “We have always been very much involved in Europe — and specifically the U.K. — and I feel like it’s a natural evolvement of Wiz to double down even more here in London and the U.K.”

    The U.K. represents a major growth opportunity when it comes to cybersecurity, Reznik said, adding that recent events like the cyberattack on National Health Service hospitals and an incident affecting Transport for London have “roof topped” the level of interest in the kinds of products Wiz offers.

    “The cloud market is going to reach $1 trillion over the next few years,” Reznik, who moved from Israel to the U.K. just three months ago, told CNBC. “This year is going to be around $700 million, while security is just 4% out of that, I would say. So that makes it a $30 billion market, which is huge.”

    Speaking about the U.K. market, Reznik said: “We see a lot of interest here. Many of the largest banks and retailers are Wiz customers. But we’re also seeing a huge potential for growth.”

    Wiz’s customers in the U.K. include online retailer ASOS and digital bank Revolut.


  • Embracing AI to defend against cyberthreats


    In today’s rapidly evolving digital world, AI is no longer a futuristic concept—it’s transforming industries right now. As industries and organizations worldwide accelerate their AI adoption, businesses are realizing productivity and efficiency gains that can fuel new growth and innovation. Securing the future of AI means acknowledging the dual nature of this technology: it brings new capabilities as well as new vulnerabilities, particularly for data security. 

    As cyberattacks become more advanced, how can industries minimize risk while reaping the benefits of generative AI? It has never been more important to deploy and use AI securely. New security capabilities are helping businesses identify and defend against threats more quickly. Implementing these AI-driven security measures not only safeguards your data but also enhances customer trust and can drive business growth. 

    A holistic security strategy based on the principles of responsible AI can accelerate your organization’s digital transformation. Microsoft is committed to the advancement of AI driven by ethical principles so businesses can implement best practices to augment existing workflows and still achieve a stronger overall security posture. 

    As you embrace new security technologies and opportunities, consider the following aspects of AI and cybersecurity: 

    As AI reshapes the business environment, it is also changing the tactics and capabilities of malicious actors, creating an ever-evolving cyberthreat landscape.  Adopting a security stack that manages, protects, and governs data, identities, endpoints, and cloud assets empowers businesses to deploy AI capabilities safely. Unlocking access to data with generative AI or other AI-powered tools must be done with care to help protect sensitive information from potential leaks or unauthorized access. Organizations in financial services, government, healthcare industries, and others face strict privacy and compliance regulations, with significant implications for AI-related security breaches. 

    Fintech company Saphyre reduced manual processes by 75% when it used Microsoft Azure to create a cloud-based solution for investment firms and service providers seeking to perform trades efficiently. To strengthen its security posture and protect both financial institutions and clients, Saphyre relies on a comprehensive approach that uses Microsoft security solutions to safeguard data and manage their endpoint security. 

    By sharing data more securely, clients can be ready to trade three to five times faster compared to manual onboarding, increasing revenue opportunities by completing trades more quickly and at better prices. “In addition to Azure, we layered on Microsoft security products,” says Michael Brandi, Chief Information Officer of Saphyre. “These technologies help Saphyre serve global enterprises with a small team.” 

    For industries ready to accelerate their digital transformation, AI security solutions empower businesses with trust, transparency, and strong built-in security features. Every day, Microsoft synthesizes more than 78 trillion signals, using data analytics and AI to understand and help protect against digital threats, according to the 2024 Microsoft Digital Defense Report. A robust security strategy can help your organization drive innovation and creativity with AI-powered capabilities while protecting your sensitive information. 


    Security solutions that use AI defend against cyberthreats in several ways. Using AI-powered security solutions can speed up risk detection, help in blocking malicious access, and expand continuous monitoring at massive scales. With 3 million unfilled positions worldwide, it is critical to have these capabilities bridge the skills gap in the cybersecurity workforce. 

    Microsoft Copilot for Security is a generative AI–powered assistant that helps protect your digital infrastructure at the speed and scale of AI. With Copilot for Security, organizations can gain key insights from large datasets, get critical guidance to security teams quickly, and receive practical tips for common security tasks in seconds. One study showed that new-in-career security analysts who used Copilot for Security were 44% more accurate and 26% faster across all tasks. Of those surveyed, 86% reported that it helped them improve the quality of their work. 

    Businesses that adopt AI-powered security solutions are realizing the benefits of accelerated upskilling, step-by-step guidance for response, and faster threat remediation. Specialty materials manufacturer Eastman has a vast global network of contacts that drive its business, creating a significant attack surface for malicious actors. Incorporating Copilot for Security into the company’s comprehensive security architecture helps junior analysts upskill more quickly and allows security teams to rapidly respond to potential threats. 

    “I enjoy the passion I see ignited in our teams,” says Adam Keown, Chief Information Security Officer of Eastman. “That means a more productive, effective team. The speed at which we’re able to use Copilot for Security to pull threat information across time zones and extensive geographies is a huge advantage.” 


    Back to security fundamentals with AI

    Although AI presents novel risks, understanding and applying updated security best practices is still critical to data protection. The steps you’re taking to enhance data security can work alongside the new AI technologies that you adopt. For example, multifactor authentication and Zero Trust principles can reduce instances of unauthorized access and limit the impact of attacks by requiring explicit verification and using least-privilege access. 

    Responsible AI practices are driven by underlying ethical principles to promote trust in how the capabilities are used. Security teams must approach AI with a full understanding of its benefits and limitations. Microsoft solutions that incorporate AI have built-in transparency, so organizations can understand how they work to help protect user data. Thus, teams can focus on defending against attacks, avoiding leaks, and guarding sensitive data. Organizations that incorporate Microsoft Purview into their security stack can govern their entire data estate while meeting compliance regulations. 

    One of Peru’s leading insurance companies, Pacífico Seguros, designed a holistic security architecture where all security components operate together to increase cybersecurity. The company’s strategy is based on the six core pillars of Zero Trust, and its combination of Microsoft security products has reduced low latency incidents related to security technology by 95%. 

    By adopting a strategic security outlook, Pacífico Seguros has become a leading expert for cybersecurity in the region. “This isn’t a journey with a beginning and an end, but a radical mindset change,” says José Carlos Vargas, IT Security Manager at Pacífico Seguros. 


    Empowering security teams with AI


    Innovative technologies such as AI might present new vulnerabilities, but they also provide revolutionary tools to help protect against threats. You can empower your security team with AI to guard users’ data in this rapidly changing security landscape. 


    Microsoft in Business Team


  • Hacker Charged With Seeking to Kill Using Cyberattacks on Hospitals


    In December of 2023, for instance, Anonymous Sudan took OpenAI’s ChatGPT offline with a sustained series of DDoS attacks in response to the company’s executive Tal Broda vocally supporting the Israel Defense Forces’ missile attacks in Gaza. “More! No mercy! IDF don’t stop!” Broda had written on X over a photo of a devastated urban landscape in Gaza, and in another post denied the existence of Palestine.

    “We will continue targeting ChatGPT until the genocide supporter, Tal Broda, is fired and ChatGPT stops having dehumanizing views of Palestinians,” Anonymous Sudan responded in a Telegram post explaining its attacks on OpenAI.

    Still, Anonymous Sudan’s true goals haven’t always seemed entirely ideological, Akamai’s Seaman says. The group has also offered to sell access to its DDoS infrastructure to other hackers: Telegram posts from the group as recently as March offered the use of its DDoS service, known as Godzilla or Skynet, for $2,500 a month. That suggests that even its attacks that appeared to be politically motivated may have been intended, at least in part, as marketing for its moneymaking side, Seaman argues.

    “They seem to have thought, ‘We can get involved, really put a hurting on people, and market this service at the same time,’” Seaman says. He notes that, in the group’s anti-Israel, pro-Palestine focus following the October 7 attacks, “there’s definitely an ideological thread in there. But the way it weaved through the different victims is something that maybe only the perpetrators of the attack fully understand.”

    At times, Anonymous Sudan also hit Ukrainian targets, seemingly partnering with pro-Russian hacker groups like Killnet. That led some in the cybersecurity community to suspect that Anonymous Sudan was, in fact, a Russia-linked operation using its Sudanese identity as a front, given Russia’s history of using hacktivism as a false flag. The charges against Ahmed and Alaa Omer suggest that the group was, instead, authentically Sudanese in origin. But aside from its name, the group doesn’t appear to have any clear ties to the original Anonymous hacker collective, which has been largely inactive for the last decade.

    Aside from its targeting and politics, the group has distinguished itself through a relatively novel and effective technical approach, Akamai’s Seaman says: Its DDoS service was built by gaining access to hundreds or possibly even thousands of virtual private servers—often-powerful machines offered by cloud services companies—by renting them with fraudulent credentials. It then used those machines to launch so-called layer 7 attacks, overwhelming web servers with requests for websites, rather than the lower-level floods of raw internet data requests that DDoS hackers have tended to use in the past. Anonymous Sudan and the customers of its DDoS services would then target victims with vast numbers of those layer 7 requests in parallel, sometimes using techniques called “multiplexing” or “pipelining” to simultaneously create multiple bandwidth demands on servers until they dropped offline.


    Andy Greenberg
