media

now browsing by tag

 
 

#sextrafficking | Social Media Posts Describing Predators Scrawling Letters and Numbers on Vehicles, Not Proven, Says EPD and HCSO – Redheaded Blackbelt | #tinder | #pof | #match | romancescams | #scams

[Staged photo from the EPD] After receiving multiple people asking if the 1F/1C written in the dust on cars social media posts were real, we reached out the the Humboldt […] View full post on National Cyber Security

#romancescams | Social media influencer scams rise during COVID-19 | romancescams | #scams

A new report shows social media influencers are being increasingly hacked during Coronavirus by scammers looking to con adoring fans out of their money.  Influencers are usually attractive models trying […] View full post on National Cyber Security

#sextrafficking | Fact check: Media was not “silent” about the NXVIM case | #tinder | #pof | #match | romancescams | #scams

Users on social media are sharing the screenshot of a 2019 tweet that misleadingly alleges the media did not report the NXVIM case, a U.S. sex cult founded by Keith […] View full post on National Cyber Security

#sextrafficking | Florida prosecutors charge 17-year-old with sex trafficking 14-year-old girl on social media | #tinder | #pof | #match | romancescams | #scams

_________________________ MIAMI – Prosecutors in South Florida have charged a 17-year-old boy with sex trafficking after he was accused of selling a 14-year-old girl online. The Miami-Dade State Attorney’s Office […] View full post on National Cyber Security

#minorsextrafficking | Crackpot social media theories are now becoming part of the mainstream | #parenting | #parenting | #kids

The logo of Immuni app, a smartphone app to trace the coronavirus disease (COVID-19) infections, is seen on a mobile phone, June 12, 2020. [Photo/Agencies] In a normal year, the […] View full post on National Cyber Security

#cybersecurity | hacker | The hottest topic: Ransomware | SC Media

Source: National Cyber Security – Produced By Gregory Evans

The attacks that transpired last year alone
arguably made ransomware the hot topic of the year and most likely a leading contender
for 2020, as well, but a new element that cropped up late last year – attackers
adding a layer of blackmail to the threat of locking a target’s computer system
– solidified its standing.

The evolution, if one could apply such a lofty term, to blackmail stems from companies’ recent strides in better deflecting ransomware attacks.

Although the well-known threat actor The Dark
Overlord was a pioneer, several groups have been implementing this tactic,
including Maze, Sodinokibi and Nemty, since late last year, an indicator to
many security pros that the bad guys are responding to improved security
practices on the part of their intended victims.

“The attacker threatening, or going ahead with,
disclosure of the stolen data is their way of forcing even those companies that
have backup in place to reconsider paying the ransomware,” says Ilia
Kolochenko, founder and CEO of ImmuniWeb.

Over the last several weeks Maze has wielded
Sodinokibi ransomware as a lever to try and pry millions of dollars in ransom payments
from a series of targets, most recently Medical Diagnostic Laboratories and the
Gedia Automotive Group. Maze demanded 200 bitcoins from the former and when it
refused to pay up allegedly posted stolen data to several dark web forums.
Gedia also ignored the threat and had data revealed. Previously, Pensacola,
Fla., and Travelex have also been involved in this type of attack.

Maze’s is so brazen that it has created a public
website where it’s data stolen from companies that refuse to pay up.

The possibility that sensitive data could be
released certainly preys upon the mind of most ransomware victims. In almost
every case where a company, municipality or school district was hit, one of the
first things those in charge mention is that they do not believe any data has
been removed. This was generally a safe comment to make as attackers had not
previously made a habit of stealing data prior to encrypting a system.

The addition of blackmail now removes their ability
to throw out that particular safety net nor can they hide what happened if the
stolen data is made public.

“By threatening public exposure, attackers can add
layers of pressure to their ransom demands, in addition to the potential fines
from data protection acts like GDPR,” says Alex Guirakhoo, strategy and
research analyst at Digital Shadows. “Even empty threats of exposure can be
enough to elicit payment.”

If an organization pays the ransom that does not
mean the bad guys will comply and not make further use of the stolen
information. The people behind ransomware attacks are criminals and not to be
trusted always has been one of the primary reasons law enforcement has been
against paying a ransom. It guarantees nothing.

“Stealing data simply gives them additional
leverage to extort payment and, perhaps, other options for monetization –
selling the data to other criminal groups or competitors, for example,” says
Brett Callow, a threat analyst with Emsisoft.

Moshe Elias,
director of marketing at Cymulate, notes criminals were forced to go in this direction
in order to maintain their cash flow as fewer companies were opting to pay. In
one sense these malicious actors were hoisted upon their own petard as the huge
number of ransomware attacks gained a great deal of public exposure thus
raising awareness.

“Awareness has grown and companies are employing
better protection against ransomware and better recovery methods from a
successful ransomware attack,” he says, which has led to victims not paying
despite not being able to recover their data – in some cases because they had
cyber insurance to cover any loss.

Deciding to not pay has led to another plot twist.
Over the last four months the size of the average ransom payout has
dramatically increased for those who choose to give in to the demand.

The security firm Coveware recently reported that
in the fourth quarter of 2019, the average ransom payment increased by 104
percent to $84,116, up from $41,198 in the third quarter of 2019.

The report specifically cited the ransomware groups
now known for threatening to release data as one of the drivers of this higher
cost.

“Some variants such as Ryuk and Sodinokibi have
moved into the large enterprise space and are focusing their attacks on large
companies where they can attempt to extort the organization for a seven-figure
payout,” Coveware says.

Attackers still target smaller businesses,
primarily using Dharma, Snatch and Netwalker ransomware but with demands as low
as $1,500 – compared to the six- and seven-figure fees demanded from large
organizations.

As with any adversarial relationship one side
generally comes up with a new weapon or methodology and it is then countered by
the opposing side. Since the criminal element has now brought in to play a
further level of blackmail defenders must adapt. Moshe Elias, Cymulate’s
director of product marketing, points out that there are already tools
available that can inform a targeted firm that data is being exfiltrated.

“What’s most surprising about this attack (Medical Diagnostic Laboratories) is that any fully functioning Data Loss Prevention solution should assist in detecting unwanted data that’s been accessed and sent out of the organization. Such a large amount of data, such as a 100GB, should at least raise a flag if not completely kill the communication channel for exfiltration,” he says, adding, “As ransomware has shifted to exfiltrating data and then encrypting it on the customer side, it’s imperative that all network security controls are optimized at all times to avoid these type of gaps.”

Whether or not Medical Diagnostic Laboratories had the internal staff in place to handle this attack is something only the company knows, but Bret Padres, CEO, Crypsis Group, says companies that find themselves in this position can turn to what is another hot topic: Cyber insurance. Such coverage will not only help defray any financial loss, but insurance firms can also help smaller or less tech savvy firms possibly recover from an attack.

Original Source link

The post #cybersecurity | hacker | The hottest topic: Ransomware | SC Media appeared first on National Cyber Security.

View full post on National Cyber Security

Adobe fixes critical flaws in Media Encoder and After Effects – Naked Security

Source: National Cyber Security – Produced By Gregory Evans

After fixing a fat pile of critical security flaws as part of last week’s Patch Tuesday update, Adobe has come back with two more that need urgent attention.

This is what’s called an out of band update, which means that a vulnerability is too risky or likely to be exploited to leave to the next scheduled update.

The first is in the Windows and macOS versions of the After Effects graphics software and affects anyone running version 16.1.2 and earlier.

Identified as CVE-2020-3765 after being reported to Adobe only days ago, the company offers little detail on the vulnerability itself beyond stating that the update:

Resolves a critical out-of-bounds write vulnerability that could lead to arbitrary code execution in the context of the current user.