Newsflash 17-05-2024 | A51 (2024)

A51

Newsflash Friday 17 May 2024

Police arrest suspects for large-scale bank helpdesk fraud

(security.nl)

Police have arrested three suspects on suspicion of large-scale bank helpdesk fraud. Police traced the men through information from the investigation into the phishing-as-a-service platform LabHost, which authorities took offline last month.

Through the platform, criminals could pay to choose from all kinds of phishing sites, for example for banks, delivery services and telecom companies.

The men now arrested are suspected of, among other things, telephone fraud. The men allegedly called mainly seniors, posing as an employee of a bank or of the government.

Netherlands hit by nationwide card payment outage

(tweakers.net)

The Netherlands is experiencing a nationwide outage affecting debit card (PIN) payments. Both payment terminals in shops and ATMs appear not to be functioning properly as a result.

Thousands of affected people have been reporting problems with card payments since 18:00 via . It is not clear what the cause of the outage is or how long it will last.

Update, 20:45: The number of reports is now dropping sharply. Several sources reported that the outage originated at payment processor Equens. It is still not clear what exactly caused the outage.

Crims abusing Microsoft Quick Assist to deploy Black Basta ransomware

(theregister.com)

A cybercrime gang has been abusing Microsoft's Quick Assist application in social engineering attacks that ultimately allow the crew to infect victims with Black Basta ransomware.

This, according to Redmond, which said the campaign has been ongoing since mid-April, and blamed a financially motivated group it tracks as Storm-1811 for the intrusions.

Microsoft did not immediately respond to The Register's questions about the attack, including how many customers have been hit. We will update this story when we receive a response.

US AI Experts Targeted in SugarGh0st RAT Campaign

(darkreading.com)

A likely Chinese threat actor is using a recent variant of the notorious Gh0st RAT malware to try and steal information from artificial intelligence experts in US companies, government agencies, and academia.

Researchers at security vendor Proofpoint first spotted the campaign earlier this month and are tracking the previously unknown threat actor behind it as "UNK_SweetSpecter."

In a report released on May 16, the security vendor identified the group as using an AI-themed phishing lure to distribute a remote access trojan (RAT) called SugarGh0st to a highly selective list of AI experts.

LockBit Takedown Indicates Shifting DOJ Cyber Strategy and Has Implications for Ransomware Victims

(jdsupra.com)

On May 7, 2024, the United States unsealed an indictment against Dmitry Yuryevich Khoroshev, one of the leaders of the Russian-based ransomware group LockBit, for his alleged involvement in developing and distributing the LockBit ransomware.

According to the indictment, Khoroshev performed both administrative and operational roles for the cybercrime group, including upgrading the LockBit infrastructure, managing LockBit affiliates, and recruiting new developers for the ransomware.

Since emerging in 2020, LockBit has become one of the most prolific ransomware groups in the world, targeting over 2,500 victims worldwide and allegedly receiving more than $500 million in ransom payments, according to Department of Justice statistics.

Report: 11 Vulnerabilities Found in GE Ultrasound Devices

(bankinfosecurity.com)

Security researchers have identified nearly a dozen vulnerabilities in certain GE HealthCare ultrasound products that could allow malicious actors with physical access to the devices to implant ransomware or access and manipulate patient data stored on the affected devices, says a new report published Tuesday by Nozomi Networks.

GE HealthCare issued security bulletins on Tuesday in response to the Nozomi report, downplaying the findings and saying that "existing mitigations and controls are in place" that reduce the risks to acceptable levels.

The Cybersecurity and Infrastructure Security Agency on Thursday also issued an advisory about the vulnerabilities.

CISA, HHS warn healthcare of Black Basta ransomware attacks

(healthitsecurity.com)

Healthcare organizations should harden their systems to protect against Black Basta ransomware, the Cybersecurity and Infrastructure Security Agency (CISA), FBI, and HHS warned in a joint cybersecurity advisory (CSA).

As previously reported, Black Basta emerged in 2022 and has remained a threat to healthcare and other critical infrastructure sectors since.

The ransomware as a service variant has been leveraged against 12 of the 16 designated critical infrastructure sectors across North America, Europe and Australia, enabling threat actors to encrypt and steal data.

Santander Falls Victim to Data Breach Involving Third-Party Provider

(darkreading.com)

Santander, a Spanish banking institution, has announced that it recently suffered a data breach in which a victim gained access to a database hosted by a third-party provider.

In the immediate aftermath of the breach, Santander moved to limit the scope of the intrusion by blocking access to the compromised database. Fraud prevention controls were also established to protect customers who were affected by the breach, it said through a press release, which did not mention the name of the provider.

"No transactional data, nor any credentials that would allow transactions to take place on accounts are contained in the database, including online banking details and passwords," according to a Santander statement.

Too many ICS assets are exposed to the public internet

(helpnetsecurity.com)

The enterprise attack surface is expanding in multiple ways, becoming more numerous and more specific, according to runZero.

“Our research reveals alarming gaps and unexpected trends in enterprise infrastructure, including the decay of network segmentation, persistent challenges in attack surface management, and the increasing volume of dark matter on modern networks,” said HD Moore, CEO.

IT and OT are converging, expanding the attack surface of organizations and requiring new techniques to discover and manage assets. OT systems are high-value targets for attackers and are consistently exposed to untrusted networks.

Immutable Backups: Enhancing Data Resilience Through 5 Key Strategies

(latesthackingnews.com)

Your essential company data is vulnerable to various risks, including cyberattacks like ransomware and human blunders such as accidental deletion.

Simultaneously, continually increasing data quantities make managing and securing data more difficult than ever. However, the repercussions of failing to do so can be severe: lost or stolen data can disrupt business continuity, impede operations, harm your reputation, and, ultimately, impact your bottom line.

The cloud is critical to improving data resilience, but what is the best cloud defense? Here are five best practices to help you build an effective data resilience strategy for your organization.

SMBs Face Growing Threat of Triangulation Fraud

(bankinfosecurity.com)

As digital transformation grows, small and medium businesses increasingly face threats from triangulation fraud, in which fraudulent merchants appear and act as real merchants.

Offers made by these fake merchants are often too good to miss, said Mike Lemberger, senior vice president and regional risk officer at Visa's North American Region.

"They're trying to sell goods and services on the network itself, and it falls into the 'too good to be true' space where they're selling. Maybe a phone that you want to buy costs $1,000, and they would sell it for $600," Lemberger said.

Top 7 Technical Resource Providers for ICS Security Professionals

(tripwire.com)

Attacks against industrial control systems (ICS) are on the rise. Cyberattacks are more prevalent, creative, and faster than ever. So, understanding attackers' tactics is crucial.

The IBM Security X-Force Threat Intelligence Index 2023 highlights that backdoor deployments enabling remote access to ICS systems were the most common type of attacker action in 2022.

The positive news is that 67% of attempts to deploy ransomware through backdoors were foiled by defenders who disrupted the backdoor before the attackers could execute the ransomware.

Understanding the Key Differences Between FIM and EDR

(tripwire.com)

File integrity monitoring (FIM) and endpoint detection and response (EDR) are two cybersecurity solutions that are often foundational aspects of organizations’ security strategies.

EDR is implemented in order to stop known and unknown threats at endpoints, often with advanced functions such as behavioral monitoring and analysis, antivirus protection, and threat response capabilities.

FIM can monitor files, servers, operating systems, and networks for potentially suspicious changes and provides insight into what changes are made and by whom in an effort to enable the restoration of files after unauthorized changes.

How to Protect Your Information and Identity Against Today’s Data Breaches

(infosecurity-magazine.com)

Staying informed about the latest trends in data breaches is crucial for understanding the threats facing individuals and organizations alike as we continue to see large-scale incidents in the US in 2024.

In the first quarter of 2024 alone, major organizations that are used by many people, such as American Express and AT&T, suffered damaging breaches.

American Express alerted customers that their credit card details may have been compromised following a third-party data breach in March 2024.

68% of Companies are More Vulnerable to DDoS Than They Think

(infosecurity-magazine.com)

As everyone in the security space knows, misplaced confidence can often be much worse than a known weakness. When you have an accurate idea of where your vulnerabilities are, at least you can focus your mitigation resources there accordingly.

But if you think your defenses are strong where they are not, or you don’t truly understand the adversary’s capabilities, then you will always misallocate your forces and leave yourself open to attack.

Unfortunately, that is almost always the case when it comes to DDoS protection.

Identity Systems: Attackers' Keys to the Kingdom

(inforisktoday.com)

Ransomware attackers are increasingly targeting identity systems and backup files to gain control over organizational operations. Securing these systems has become critical to preventing cybercriminals from significantly disrupting operations and demanding ransom payments.

There is no single way for bad actors to access an identity system. They can target it directly from the start or breach other areas and then move laterally or escalate their permissions to reach the identity system, Bresman said. And the advantages are many.

"Once I have breached your identity system and I own your identity system, I can access anything in the organization. And if I take down the identity system, the organization is completely disabled.

CISO Confidence in AI Security Grows as GenAI Adoption Rises

(infosecurity-magazine.com)

CISOs are becoming more confident that generative AI is being used securely in their organization, according to a new survey led by professional association ClubCISO.

Two years after generative AI's emergence into the mainstream, nearly half (45%) of CISOs surveyed by ClubCISO said their organizations now allow the use of some generative AI tools for specific applications.

The same share of respondents said that the CISO office makes the final decision on which AI use is admitted.

How Generative AI Is Transforming Readers' Experiences

(bankinfosecurity.com)

Print and digital media platforms are again undergoing a transformation with a focus on improving reader experiences.

Generative AI and LLMs have a role to play in this market, but first media houses will need to overcome the challenges and weigh the pros and cons of adopting this technology, with an eye on ROI, said Rajeev Batra, CIO, Bennett, Coleman & Co. - The Times Group.

"Generative AI is causing a paradigm shift in how the user experience can be managed. It has also cut down the time for research and content preparation. The content can also be curated for the reader," Batra said.

I ranked the AI features announced at Google I/O from most useful to gimmicky

(zdnet.com)

At its annual developer event, Google I/O, Google unveiled many new AI products, features, and upgrades. How many? AI was mentioned 120 times during the two-hour keynote, as CEO Sundar Pichai unabashedly admitted by the end of it.

Some of these new offerings provide AI solutions to common problems, while others, although impressive, are unlikely to add much value to our everyday lives. Not mine, at least.

To help you sort through all of the announcements and identify which can positively impact your everyday life, I've rounded up what I found to be the most impressive AI features, ranked from most likely to optimize your everyday life to least likely.

AI and Passwordless Systems: The New Era in Cybersecurity

(inforisktoday.com)

As cyberthreats continue to evolve, organizations are increasingly turning to advanced technological solutions to mitigate risks.

Replacing traditional passwords with biometrics and passwordless has become imperative for many organizations due to the inherent risks associated with passwords, according to Kris Burkhardt, CISO, Accenture.

Passwordless systems offer heightened security by eliminating the transmission of user secrets over networks, and maintaining an accurate inventory of applications is paramount for implementing passwordless effectively, Burkhardt said.

Business locked in expensive AI 'arms race'

(bbc.com)

There’s no doubt we’re in an AI arms race, says Jon Collins. He’s worked in IT for 35 years in various roles, including as a software programmer, systems manager and chief technology officer.

He’s now an industry analyst for research firm Gigaom. The current arms race was spurred by the launch of ChatGPT at the end of 2022, says Mr Collins.

Since then, many such generative AI systems have emerged, and millions of people use them every day to create artwork, text or video. For business leaders the stakes are high. Generative AI systems are very powerful tools that can digest more data in minutes than a human could in several lifetimes.

REPORTS

NIST: Assessing Security Requirements for Controlled Unclassified Information, May 2024 - pdf (1.200 KB)

23-05-2024

NIST: Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations, May 2024 - pdf (1.555 KB)

23-05-2024

HEALTHCARE ALERTS

Vyaire Medical, Inc. Recalls the Twin Tube Due to The Potential of The Nozzle Separating During Patient Use

23-05-2024

Field Safety Notices: 13 to 17 May 2024

23-05-2024

HEALTHCARE REPORTS

HC3: Social Engineering Attacks Targeting IT Help Desks in the Health Sector, April 3, 2024 - pdf (191 KB)

07-04-2024

HC3: Defense and Mitigations from E-mail Bombing, March 12, 2024 - pdf (457 KB)

22-03-2024

Author: Eusebia Nader
