now browsing by tag
#sextrafficking | Fact check: Media was not “silent” about the NXVIM case | #tinder | #pof | #match | romancescams | #scams
Users on social media are sharing the screenshot of a 2019 tweet that misleadingly alleges the media did not report the NXVIM case, a U.S. sex cult founded by Keith […] View full post on National Cyber Security
The attacks that transpired last year alone
arguably made ransomware the hot topic of the year and most likely a leading contender
for 2020, as well, but a new element that cropped up late last year – attackers
adding a layer of blackmail to the threat of locking a target’s computer system
– solidified its standing.
The evolution, if one could apply such a lofty term, to blackmail stems from companies’ recent strides in better deflecting ransomware attacks.
Although the well-known threat actor The Dark
Overlord was a pioneer, several groups have been implementing this tactic,
including Maze, Sodinokibi and Nemty, since late last year, an indicator to
many security pros that the bad guys are responding to improved security
practices on the part of their intended victims.
“The attacker threatening, or going ahead with,
disclosure of the stolen data is their way of forcing even those companies that
have backup in place to reconsider paying the ransomware,” says Ilia
Kolochenko, founder and CEO of ImmuniWeb.
Over the last several weeks Maze has wielded
Sodinokibi ransomware as a lever to try and pry millions of dollars in ransom payments
from a series of targets, most recently Medical Diagnostic Laboratories and the
Gedia Automotive Group. Maze demanded 200 bitcoins from the former and when it
refused to pay up allegedly posted stolen data to several dark web forums.
Gedia also ignored the threat and had data revealed. Previously, Pensacola,
Fla., and Travelex have also been involved in this type of attack.
Maze’s is so brazen that it has created a public
website where it’s data stolen from companies that refuse to pay up.
The possibility that sensitive data could be
released certainly preys upon the mind of most ransomware victims. In almost
every case where a company, municipality or school district was hit, one of the
first things those in charge mention is that they do not believe any data has
been removed. This was generally a safe comment to make as attackers had not
previously made a habit of stealing data prior to encrypting a system.
The addition of blackmail now removes their ability
to throw out that particular safety net nor can they hide what happened if the
stolen data is made public.
“By threatening public exposure, attackers can add
layers of pressure to their ransom demands, in addition to the potential fines
from data protection acts like GDPR,” says Alex Guirakhoo, strategy and
research analyst at Digital Shadows. “Even empty threats of exposure can be
enough to elicit payment.”
If an organization pays the ransom that does not
mean the bad guys will comply and not make further use of the stolen
information. The people behind ransomware attacks are criminals and not to be
trusted always has been one of the primary reasons law enforcement has been
against paying a ransom. It guarantees nothing.
“Stealing data simply gives them additional
leverage to extort payment and, perhaps, other options for monetization –
selling the data to other criminal groups or competitors, for example,” says
Brett Callow, a threat analyst with Emsisoft.
director of marketing at Cymulate, notes criminals were forced to go in this direction
in order to maintain their cash flow as fewer companies were opting to pay. In
one sense these malicious actors were hoisted upon their own petard as the huge
number of ransomware attacks gained a great deal of public exposure thus
“Awareness has grown and companies are employing
better protection against ransomware and better recovery methods from a
successful ransomware attack,” he says, which has led to victims not paying
despite not being able to recover their data – in some cases because they had
cyber insurance to cover any loss.
Deciding to not pay has led to another plot twist.
Over the last four months the size of the average ransom payout has
dramatically increased for those who choose to give in to the demand.
The security firm Coveware recently reported that
in the fourth quarter of 2019, the average ransom payment increased by 104
percent to $84,116, up from $41,198 in the third quarter of 2019.
The report specifically cited the ransomware groups
now known for threatening to release data as one of the drivers of this higher
“Some variants such as Ryuk and Sodinokibi have
moved into the large enterprise space and are focusing their attacks on large
companies where they can attempt to extort the organization for a seven-figure
payout,” Coveware says.
Attackers still target smaller businesses,
primarily using Dharma, Snatch and Netwalker ransomware but with demands as low
as $1,500 – compared to the six- and seven-figure fees demanded from large
As with any adversarial relationship one side
generally comes up with a new weapon or methodology and it is then countered by
the opposing side. Since the criminal element has now brought in to play a
further level of blackmail defenders must adapt. Moshe Elias, Cymulate’s
director of product marketing, points out that there are already tools
available that can inform a targeted firm that data is being exfiltrated.
“What’s most surprising about this attack (Medical Diagnostic Laboratories) is that any fully functioning Data Loss Prevention solution should assist in detecting unwanted data that’s been accessed and sent out of the organization. Such a large amount of data, such as a 100GB, should at least raise a flag if not completely kill the communication channel for exfiltration,” he says, adding, “As ransomware has shifted to exfiltrating data and then encrypting it on the customer side, it’s imperative that all network security controls are optimized at all times to avoid these type of gaps.”
Whether or not Medical Diagnostic Laboratories had the internal staff in place to handle this attack is something only the company knows, but Bret Padres, CEO, Crypsis Group, says companies that find themselves in this position can turn to what is another hot topic: Cyber insurance. Such coverage will not only help defray any financial loss, but insurance firms can also help smaller or less tech savvy firms possibly recover from an attack.
The post #cybersecurity | hacker | The hottest topic: Ransomware | SC Media appeared first on National Cyber Security.
View full post on National Cyber Security
After fixing a fat pile of critical security flaws as part of last week’s Patch Tuesday update, Adobe has come back with two more that need urgent attention.
This is what’s called an out of band update, which means that a vulnerability is too risky or likely to be exploited to leave to the next scheduled update.
The first is in the Windows and macOS versions of the After Effects graphics software and affects anyone running version 16.1.2 and earlier.
Identified as CVE-2020-3765 after being reported to Adobe only days ago, the company offers little detail on the vulnerability itself beyond stating that the update:
Resolves a critical out-of-bounds write vulnerability that could lead to arbitrary code execution in the context of the current user.
All that tells us is that exploiting the flaw would require access to the user’s machine which shouldn’t detract from the need to patch the issue.
The second is also an out-of-bounds write weakness, this time in Adobe Media Encoder, affecting Windows and macOS versions 14.02. Identified as CVE-2020-3764, this requires similar current user access.
There is no evidence that either of these flaws is being exploited in the wild, but you never know, hence the need to patch now.
The fix for After Effects (APSB20-09) is to upgrade to version 17.0.3. For Media Encoder (APSB20-10) it’s version 14.0.2.
It’s unusual for Adobe to issue out of band updates. Excluding the later than usual patching of a slew of flaws last October, the last was three emergency fixes for ColdFusion the month before that.
Despite the inconvenience, this is to be applauded. The sooner a critical is patched, the sooner everybody stops worrying about it.
Latest Naked Security podcast
The post Adobe fixes critical flaws in Media Encoder and After Effects – Naked Security appeared first on National Cyber Security.
View full post on National Cyber Security
In today’s ever-shifting market, we recognize that you need to be constantly adapting, and Akamai provides a way to enhance your customers’ experiences through our unique expertise, helping you unlock the value of Akamai’s products and services.
Professional Services’ primary mission is to drive customer success and growth. In order to achieve that, Akamai’s Global Services and Support team rationalized the Web Performance and Media Services portfolio that bundles Advisory, Professional Services and Support to focus on value confirmation that is differentiated at each level of service.
As industry experts and trusted advisors, we can help our customers scale, meeting their needs by offering everything from break-fix support to implementation services, to maintaining and optimizing their Akamai products to assisting in addressing their specific business goals through the adoption of Akamai solutions.
The new Premium 3.0 Services and Support provides a high-touch engagement and access to aligned support professionals with extensive knowledge and understanding of all Akamai solutions. This service enables media configuration optimization through best-practices and regular validation of product value to improve viewer experience. As part of its capabilities, Premium 3.0 includes a catalog of Technical Business Assessment with tools such as Ingest Readiness, Reduced Rebuffering and Media Distribution Optimization, all this to ensure that the different aspects of media distribution are set up and configured correctly.
To learn more about professional services, please visit our website: https://www.akamai.com/us/en/services/
*** This is a Security Bloggers Network syndicated blog from The Akamai Blog authored by Nancy Carvajal. Read the original post at: http://feedproxy.google.com/~r/TheAkamaiBlog/~3/MEV-MF3Sx1M/march-2020—professional-services-and-the-media-industry.html
View full post on National Cyber Security
Source: National Cyber Security – Produced By Gregory Evans Data on 92M Brazilians found for sale on underground forums In October 92 million Brazilians had their name, birth date, mother’s name, gender and tax details including taxpayer IDs exposed contained in a Brazilian government 16GB SQL database was found for sale on a dark web […] View full post on AmIHackerProof.com