News Item
Kaseya victim of sophisticated ransomware attack
Kaseya which provides solutions to managed service providers (MSP) was the victim of a ransomware attack on July 2. There were up to 1500 small to medium-sized companies that may have had their systems compromised through their MSP.Kayseya provides remote-monitoring and management tools for networks and endpoints as well as compliance systems and service desks. Over 40,000 organizations worldwide use at least one Kaseya software solution that makes it central to a wide software supply chain.
Submitted by Eileen Buckholtz on July 10th, 2021
News Item
Firmware Security Issues put 30 Million Dell Devices at Risk
30 million Dell devices are at risk from firmware security issues. Researchers from Eclypsium report that 128 recent models including desktops, laptops, and tablets are exposed. The problems show up in a Dell feature called BIOSConnect which allows users to easily and even automatically receive firmware updates. While attackers need a foothold into the internal network, it is still an attractive target for hackers because of the ease of exploitation and insufficient monitoring.
Submitted by Eileen Buckholtz on June 25th, 2021
News Item
Chris Inglis confirmed as first national cyber director
Former NSA’er Chris Inglis was confirmed by the Senate as the first national cyber director. His job is to make sure that all federal agencies are operating consistent with the national cyber policy. The director will be the Biden administration’s main contact for cyber security problems when things go wrong as the coordinator for the response from the federal agencies with offensive and defenses responsibilities in cyberspace. https://www.scmagazine.com/home/security-news/government-and-defense/inglis-confirmed-as-first-national-cyber-director/
Submitted by Eileen Buckholtz on June 19th, 2021
News Item
FBI recovers part of Colonial Piple line ransom
FBI recovers a chunk of the BITCOIN Ransom paid for the Colonial Pipeline ransom attack. The victim contacted the FBI and then agreed to pay the ransom. The FBI was able to track the origin back to a hacking group called Darkside. They followed the bitcoin public ledger to identify the address receiving the two bitcoin payments. The FBI then used a private key to collect a portion of the funds. They also used blockchain explorer software to track down the payment. https://cyware.com/news/how-the-fbi-recovered-bitcoin-ransom-paid-to-darkside-ransomware-gang-02887672
Submitted by Eileen Buckholtz on June 12th, 2021
News Item
GOOGLE Adds new suspicious downloads feature
GOOGLE adds new features to Chrome to detect suspicious downloads. The new protections let the users know if a download from the Chrome Webstore can be considered “trusted.” This is part of its Enhanced Safe Browsing feature and has enabled the browsers to improve privacy and security, disabling an additional 80% of malicious extensions. Watch for upcoming Chrome cybersecurity alerts including scans of downloaded files for malware using metadata about the downloaded file. https://thehackernews.com/2021/06/google-chrome-to-help-users-identify.html
Submitted by Eileen Buckholtz on June 5th, 2021
News Item
Malvertising

 Hackers used fake ads on Google to trick users into downloading a malicious AnyDesk application. The ad campaign ranked higher in downloads than even the real AnyDesk ads. Researchers estimated that over 40% of users who clicked on the fake ad, downloaded and installed the malware, showing that this was a very successful strategy for the fraudsters.

Submitted by Eileen Buckholtz on May 28th, 2021
News Item
CNA ransomware attack

CNA, a US insurance giant, paid $40 million ransom to recover its systems in March.  This was one of the largest payments so far.  The attack was carried out using Phoenix CryptoLocker believed to have been used by Evil Corp a Russian cybercrime Network.  Since the pandemic there has been a large increase in the number of ransomware attacks and ask payments by hackers.  To defend against ransomware attacks, companies should secure

Submitted by Eileen Buckholtz on May 21st, 2021
News Item
The Empire strickes back at the DarkSide Ransomware Group

 

The DarkSide Ransomware group lost all its servers used to pull off ransomware attacks such as the recent one against Colonial Pipeline. The hackers said they had lost access to key parts of their infrastructure—the servers used for its blog, payment processing, and denial of service operations. DarkSide didn’t release where those servers were located or which country’s law enforcement had seized them. The takedown rattled other underground ransomware forums.

Submitted by Eileen Buckholtz on May 15th, 2021
News Item
Possible security threats linked to recycled phone numbers.

Possible security threats linked to recycled phone numbers. 

Submitted by Eileen Buckholtz on May 7th, 2021
Event
IJCAI 2021
International Joint Conference on Artificial Intelligence (IJCAI 2021) International Joint Conferences on Artificial Intelligence is a non-profit corporation founded in California, in 1969 for scientific and educational purposes, including dissemination of information on Artificial Intelligence at conferences in which cutting-edge scientific results are presented and through dissemination of materials presented at these meetings in form of Proceedings, books, video recordings, and other educational materials.
Submitted by Anonymous on May 5th, 2021
Subscribe to 2021