‘Major’

now browsing by tag

 
 

Palo Alto Unified is canceling major events but no longer opting out of state exam due to coronavirus concerns | News | #coronavirus | #kids. | #children | #schools | #parenting | #parenting | #kids

Source: National Cyber Security – Produced By Gregory Evans

Palo Alto Unified is canceling major events but no longer opting out of state exam due to coronavirus concerns | News | #coronavirus | #kids. | #children | #schools | […]

The post Palo Alto Unified is canceling major events but no longer opting out of state exam due to coronavirus concerns | News | #coronavirus | #kids. | #children | #schools | #parenting | #parenting | #kids appeared first on National Cyber Security.

View full post on National Cyber Security

#nationalcybersecuritymonth | bne IntelliNews – US Justice Department indicts Russian national Yevgeniy Nikulin in several major cybercriminal offenses

Source: National Cyber Security – Produced By Gregory Evans

The US Department of Justice indicted Russian national Yevgeniy Nikulin in several major cybercriminal offenses, such as stealing personal identities, usernames and credit card information of customers  from Formspring, LinkedIn and Dropbox.

Nikita Kislitsin, an employee of a cybersecurity firm with offices in Moscow and Singapore Group-IB is an alleged co-conspirator in the Formspring 2012 case, according to the DOJ. Kislitsin joined the company in January 2013, about six months after the US prosecutors say Kislitsin tried to sell the Formspring data. US prosecutors have not alleged any wrongdoing by Group-IB.

Russian software firms are under scrutiny too after leading anti-virus software firm Kaspersky Labs, that has sold its software all over the world, was cooperating with the Russian Federal Security Service (FSB) – a claim the company has stringently denied.

Group-IB is a leading Russian cyber-security firm that also has an international clientele however, the company dismissed the charges against Kislitsin in statement the company shared with bne IntelliNews, as “only allegations,” arguing that no case has been made yet.

Indeed, Group-IB said that company representatives and Kislitsin met with representatives of the Justice Department to discuss Kislitsin research into hackers and the dark web that he conducted before joining Group-IB, while editor of the magazine “Hacker.”

From 2006-2012, Nikita Kislitsin was a famous journalist and as chief editor of Hacker wrote extensively about information security, programming, and computer network administration. The magazine paid particular attention to research into cyberattacks, analysis of cybercriminal groups’ tools, case studies of online fraud and hacking, and recommendations on cybersecurity measures and protection against cyberthreats. Kislitsin has also worked in the US as independent threat researcher in the US in 2012.

In Russia the cases of “poacher turned game-keeper” are common amongst the software engineering community and are usually amongst Russia’s best engineers.

Group-IB has offered to fully cooperate with the authorities as the company’s raison d’etre is to prevent cybercrime and hacking attacks. Like most countries Russia also suffers from digital crime and the Central Bank of Russia (CBR) reported earlier this year that Russian banks lost hundreds of millions of dollar to cybercrime in 2019. Last October the state-owned retail banking giant Sberbank was hacked and the personal details of millions Sberbank’s clients were offered for sale on the black marketing in what was Russia’s largest ever data breach, according to security experts. Group-IB regularly publishes research about payment fraud techniques and other cyber threat as a public service and has assisted international law enforcement in its investigations on occasion, according to a company spokesman.

Group-IB said it will support Kislitsin and has taken advice from international lawyers before taking its next steps. Kislitsin is currently employed as the head of network security, according to a company webiste

The indictment is short on details of the alleged crime and the evidence that has been publically released is based on little more than a conspiracy theory.

According to US press reports the case against Kislitsin is largely built on linking him to Yevgeniy Nikulin, a Russian national, who is set to stand trial in March in San Francisco for allegedly stealing 117mn usernames and passwords from Formspring, LinkedIn and Dropbox in a separate case.

Source link

The post #nationalcybersecuritymonth | bne IntelliNews – US Justice Department indicts Russian national Yevgeniy Nikulin in several major cybercriminal offenses appeared first on National Cyber Security.

View full post on National Cyber Security

#comptia | #ransomware | Ransomware attacks several major cities worldwide in 2019 | Science/technology

Source: National Cyber Security – Produced By Gregory Evans

This figure means an increase of at least 60 percent compared to last year. In 2019, ransomware aims at giant and influential organizations.

Although the demanded payment of each ransomware normally comes up to US$5 million, the real damage is much more than that. Therefore, these kinds of attacks are a thorny issue of businesses in all the world.

According to researchers, the infected organizations are usually not capable of paying a large sum of ransom, yet they tend to agree with other just as dangerous requests as temporarily blocking a certain service in a city.

This obviously create an adverse impact of social welfare of citizens there, further leading to even more negative effects on finance as well as other sensitive social matters.

By KIM THANH – Translated by Huong Vuong

Source link

The post #comptia | #ransomware | Ransomware attacks several major cities worldwide in 2019 | Science/technology appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | #infosec | Major data center provider hit by ransomware attack, claims report

Source: National Cyber Security – Produced By Gregory Evans CyrusOne, a major provider of enterprise data center services, is reported to have suffered a ransomware attack. The Dallas-headquartered company, which operates more than 30 data centers across the United States, China, London, and Singapore, is reported by ZDnet to have had some of its systems […] View full post on AmIHackerProof.com

#city | #ransomware | Second Major Ransomware Attack in Louisiana Causes Significant Problems » The Merkle Hash

Source: National Cyber Security – Produced By Gregory Evans A good ransomware attack can cause significant problems. The city of Louisiana knows that all too well, as its problems have only just begun. The initial Ryuk ransomware attack against the Louisiana infrastructure dates back to November 18. Louisiana is a Ransomware Target Nearly two weeks […] View full post on AmIHackerProof.com

#cybersecurity | Cybersecurity firm Acronis investing major growth in Arizona

Source: National Cyber Security – Produced By Gregory Evans

Internet security firm F-Secure recently published a report covering the current landscape of cybersecurity attacks and data hygiene in the United States. The report, “Attack Landscape H1 2019,” revealed nearly three billion separate attacks had hit individual Internet of Things (IoT) devices in the first half of the year alone, a surge of 300 percent.

To combat the growing issue around cybersecurity in everything from IoT to social media to U.S. elections, security firms are trying to stay ahead of the curve with efforts to strengthen their research and development departments, coming up with solutions to help keep threats away. 

One of those companies is global cyber protection agency Acronis International, which has raised $147 million to make acquisitions, grow business more aggressively, and expand on its engineering. The data recovery company nabbed investment funding from Goldman Sachs at a valuation of more than $1 billion.

The company, which has a reach across the globe including split headquarters in Switzerland and Singapore, is using those investment funds here in Arizona, where it has a presence in Scottsdale. The company will soon see a new building open in Tempe’s thriving Tempe Town Lake business district, where it will be pumping $50 million into research and development projects around more sophisticated cybersecurity technology.

According to Gaidar Magdanurov, Chief Cyber Strategy Officer, Acronis’ R&D team in Arizona is working on several strategic projects including:

  • Acronis Cyber Platform that enables third-party developers to customize, extend and integrate cyber protection into their solutions
  • Acronis Cyber Infrastructure that provides the most cost-efficient and secure environment for running cyber protection solutions and data storage.
  • Acronis Cyber Cloud that enables service providers and enterprise IT to deliver cyber protection services to end customers.

In July, Acronis announced it was investing in the new Tempe digs while doubling the investment of its Scottsdale office to $20 million to hire more staff to build out artificial intelligence (AI) solutions and blockchain projects.

It’s been a big year for Acronis, which reported 20-percent business growth last year and is looking to hit 30 percent by 2020.

“The revenue plan depends on the implementation of new capabilities in products, including capabilities for partners to integrate Acronis Cyber Platform, and the team in Arizona is at the core of those developments,” explains Magdanurov.

The global cybersecurity company is hiring engineers in Arizona as well as investing into joint programs with Acronis SCS – an independent software vendor and distributor for the public sector in the U.S. that is based in Scottsdale. Acronis SCS is hosting a ribbon cutting ceremony for its new initiative to decrease veteran unemployment and strengthen the cyber workforce. This initiative is in partnership with New Horizons of Phoenix and the Arizona Coalition for Military Families.

Acronis also expects to bring on new teams and technology to help build out the development of its products, including cyber protection solutions for things like data safety, privacy, authenticity, and accessibility. Additionally, Acronis will use some of the funds to develop more data centers and focus on acquiring other companies to speed up development of its product portfolio.

Currently, Acronis has more than five million consumer customers around the world as well as 500,000 separate business customers.

Source link

The post #cybersecurity | Cybersecurity firm Acronis investing major growth in Arizona appeared first on National Cyber Security.

View full post on National Cyber Security

New York is #quietly working to #prevent a major #cyber attack that could bring down the #financial #system

Source: National Cyber Security News

Five months before the 9/11 attacks, US Secretary of Defense Donald Rumsfeld sent a memo to one of his advisers with an ominous message.

“Cyberwar,” read the subject line.

“Please take a look at this article,” Rumsfeld wrote, “and tell me what you think I ought to do about it. Thanks.”

Attached was a 38-page paper, published seven months prior, analyzing the consequences of society’s increasing dependence on the internet.

It was April 30, 2001. Optimistic investors and frenzied tech entrepreneurs were still on a high from the dot-com boom. The World Wide Web was spreading fast.

Once America’s enemies got around to fully embracing the internet, the report predicted, it would be weaponized and turned against the homeland.

The internet would be to modern warfare what the airplane was to strategic bombers during World War I.

The paper’s three authors — two PhD graduates and the founder of a cyber defense research center — imagined the damage a hostile foreign power could inflict on the US. They warned of enemies infecting computers with malicious code, and launching mass denial of service attacks that could bring down networks critical to the functioning of the American economy.

Read More….

advertisement:

View full post on National Cyber Security Ventures

Cash #Converters is #HACKED: Cyber #criminals hold UK #customer #credit card numbers, addresses and #passwords to #ransom after major #security breach

Source: National Cyber Security – Produced By Gregory Evans

Hackers who attacked the now defunct website of second hand goods store Cash Converters may have access to the account details of thousands of customers.

Usernames, passwords, delivery addresses and potentially partial credit card numbers are among the data believed to have been stolen.

The culprits are said to be holding the information to ransom while the firm works with law enforcement authorities to investigate the incident.

It is not known exactly how many customers were impacted in the hack or when it happened.

 

Cash Converters operates high street stores where customers can trade items like jewellery and electronics for money.

The affected website, which was put out of action in September 2017 and replaced with an updated version, lets people purchase these products online.

As well as cash trade ins, the company offers small financial loans to its customers.

The data breech is only believed to affect customers of the Perth-founded firm who are based in the UK.

In a breach notification email sent to customers, a Cash Converters spokesman said: ‘Please be reassured that, alongside the relevant authorities, we are investigating this as a matter of urgency and priority.

‘We are also actively implementing measures to ensure that this cannot happen again.

‘Although some details relating to the cybersecurity breach remain confidential while Cash Converters works with the relevant authorities, we will continue to provide as much detail as possible as it becomes available.

‘The current webshop site was independently and thoroughly security tested as part of its development process.

‘We have no reason to believe it has any vulnerability, however additional testing is being completed to get assurance of this.

‘Our customers truly are at the heart of everything we do and we are both disappointed and saddened that you have been affected.

‘We apologise for this situation.’

Cash Converts reportedly received an email from hackers who claiming to have gained access to the data.

They threatened to release the data if they were not paid, which means anyone who used the old site before September 22 could be at risk.

Customers have been to advised to change their passwords and the firm has forced a reset for all UK webshop users.

Speaking about the breach, Jon Topper, CEO of UK webhosting firm The Scale Factory, said: ‘When migrating away from old solutions it’s important to bear in mind that old digital assets will still be running and available online until such time as they are fully decommissioned.

‘As a result they should still be treated as ‘live” which means maintaining a good security posture around them, keeping up with patching and so forth.

‘In their customer notification, Cash Converters were quick to point out that the old site was operated by a third party, possibly intending to deflect responsibility for this breach.

‘This definitely won’t fly under General Data Protection Regulation regulations coming into force next year.

‘Companies running server infrastructure that handles customer data should be engaging with experts to review their security posture ahead of that, in order to avoid being slapped with a large fine.’

The post Cash #Converters is #HACKED: Cyber #criminals hold UK #customer #credit card numbers, addresses and #passwords to #ransom after major #security breach appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Verticalscope #hacked again: At least 2.7 million #accounts #compromised in second major #data #breach

Source: National Cyber Security – Produced By Gregory Evans

Verticalscope #hacked again: At least 2.7 million #accounts #compromised in second major #data #breach

Hackers have once again targeted Verticalscope, a Canadian firm that manages hundreds of popular web discussion forums with over 45 million user accounts. The breach has compromised at least 2.7 million user accounts. The Toronto-based company runs a network of support forums and online community websites catering to a wide range of interests, from outdoor and automotive to sports and technology.

In June 2016, Verticalscope admitted that it had suffered a data breach that saw at least 45 million user accounts compromised and their data leaked in a blog post on Leakedsource.com.

The latest breach impacted six websites, including Toyotanation.comJeepforum.com – the company’s second-most popular website – and Watchuseek.com, security expert Brian Krebs first reported.

Security researcher and founder of Hold Security, Alex Holden, notified Krebs last week that hackers were selling access to Verticalscope.com and a number of other sites operated by the company.

Holden initially suspected that a nefarious actor was just trying to resell data stolen in the 2016 breach.

“That was before he contacted one of the hackers selling the data and was given screen shots indicating that Verticalscope.com and several other properties were in fact compromised with a backdoor known as a ‘Web shell’,” Krebs wrote. “With a Web shell installed on a site, anyone can remotely administer the site, upload and delete content at will, or dump entire databases of information — such as usernames, passwords, email addresses and Internet addresses associated with each account.”

The hackers reportedly obfuscated certain details in the screenshots that allowed him to locate at least two backdoors on Verticalscope’s website and Toyotanation.com, one of the company’s most popular forums.

Krebs reported that a simple search on one of Verticalscope’s compromised domains led to a series of Pastebin posts that have since been deleted “suggesting that the individual(s) responsible for this hack may be trying to use it to advertise a legally dicey new online service called LuiDB”.

“Similar to Leakedsource, LuiDB allows registered users to search for account details associated with any data element compromised in a breach — such as login, password, email, first/last name and Internet address,” Krebs noted. “The first search is free, but viewing results requires purchasing a subscription for between $5 and $400 in Bitcoin.”

“The intrusion granted access to each individual website files,” Verticalscope said in a statement to Krebs. “Out of an abundance of caution, we have removed the file manager, expired all passwords on the 6 websites in question, added the malicious file pattern and attack vector to our detection tools, and taken additional steps to lock down access.”

The company did not provide any details regarding when and how the attack took place or who carried out the hack. IBTimes UK has reached out to Verticalscope for further details.

The post Verticalscope #hacked again: At least 2.7 million #accounts #compromised in second major #data #breach appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Cybersecurity breaches: Centre is looking to roll out this major innovative approach

Source: National Cyber Security – Produced By Gregory Evans

The government is working on creating a single framework for reporting breach of cyber security at financial institutions and a working group is soon likely to be formed, sources in the know told FE. The government is working on creating a single framework for reporting breach of cyber security at…

The post Cybersecurity breaches: Centre is looking to roll out this major innovative approach appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures