METAIRIE, La. (AP) — Authorities in Louisiana say a woman has been arrested for pretending to be an attorney and stealing $2 million from a client with special needs. Kristina Galjour was arrested Thursday and charged with bank fraud, computer fraud, theft valued over $25,000, exploitation of the infirm and illegally practicing law without a license. The 57-year-old victim has a developmental disability and inherited a trust fund after his parents died. Jefferson Parish Sheriff’s Capt. Jason Rivarde says Galijour coerced the man into thinking she was an attorney and over a three-year period she emptied his $2 million trust fund. The investigation is ongoing. It’s unclear whether Galijour has an attorney.
Source: National Cyber Security – Produced By Gregory Evans The city’s airport customs officers on Sunday arrested a 28-year-old man from Chembur who had placed an order for drugs through a mobile messaging app and paid for them through the dark web using cryptocurrency. Officers seized the drugs from a courier parcel and booked the man […]
View full post on AmIHackerProof.com
Source: National Cyber Security – Produced By Gregory Evans By Elizabeth F. McNamara Town Manager Andrew Nota said Saturday the town had been hit with computer ransomware and had shut down the system townwide to evaluate the damage and rebuild. “There have been numerous system breaches in municipalities in Rhode Island, New England and nationally […]
View full post on AmIHackerProof.com
Source: National Cyber Security – Produced By Gregory Evans Accel’s new India fund What’s the news? Accel India, backer of leading technology startups such as Flipkart, Freshworks and Swiggy, has raised about $550 million for its sixth India fund, taking its assets under management to $1.5 billion. This makes Accel VI among the largest corpuses […]
View full post on AmIHackerProof.com
Stolen credit card data from Singapore banks is valued higher on the Dark Web than that from other countries because of the robust cyber security measures protecting it and the difficulty in obtaining such data, according to new research from cyber security firm Group-IB.
The Singapore-based firm yesterday said that for cards from the United States, the average price for raw payment card data, which includes credit card number, expiration date, cardholder name and CVV number, is between US$8 (S$11) and US$10 on Dark Web shops.
PORT NECHES — The Port Neches-Groves Independent School District will welcome its students back to campus Tuesday after the evacuation notice was lifted Friday morning following the TPC Group plant explosion and fires.
Both Port Arthur ISD and Nederland ISD will resume classes Monday as scheduled.
While the repairs on the affected PNGISD campuses are moving swiftly, Superintendent Mike Gonzales said he intends to take extra precautions by cancelling school Monday, Dec. 2.
“We have a couple schools that were impacted by the blast,” he said. “We currently have our team working on those campuses and we believe we will get our schools back into working condition before Monday. I think we should be ready to go as soon as the workers clear us.”
All campuses within the Port Neches city limits were damaged, except for Ridgewood Elementary.
“We have broken glass and ceiling tiles that have came down,” Gonzales said. “We’re going to have to put all that up, wipe down the desks and deal with minor stuff at the elementary schools.”
Port Neches-Groves High School, which sustained the most damage, has begun repairs to broken windows, caved in gym doors, falling tiles and framework issues.
“In one or two spots the frames got damaged,” Gonzales said. “Other than that, it’s just a lot of minor stuff. There is just so much of it. That’s what makes it difficult. It’s the little things that you have to go back and clean up, make sure the classrooms are wiped down so students aren’t touching, breathing or eating anything harmful.”
As cleaning up continues, Gonzales said the campuses will conduct several air quality tests to ensure there is no detection of harmful chemicals or lingering asbestos fumes.
“We’re walking through everything,” he said. “We’re doing everything we can to make sure our kids are safe before they come back.”
Gonzales said he is grateful that students were not in school during the incident, but is using the experience as a learning tool for the future.
“We hate that this happened, but it did happen,” he said. “I’m just glad that kids weren’t in the classes. We have drills in place because of the area we live in, but there really hasn’t been anything catastrophic. This is something we will just learn from in the future and use to move forward.”
After sustaining considerable damage during the explosion only 15 days after a cybersecurity threat, Gonzales said he is proud of his students and staff who have remained resilient through the chaos.
“Our employees are well-versed,” he said. “They know how to handle all different situations. We’ve dealt with hurricanes. We’ve dealt with floods, ransomware and now this. Our teachers are just as resilient as our students. They get a little rattled, but before you know it they are back at it. It’s just what they do. It’s who we are.”
Periodic updates will be posted on the school districts Facebook page. Residents are urged to continue monitoring via social media.
The annual discount has become a major event for businesses and it now appears to have filtered down to the darkest depths of the internet, experts claim. Online security firm Digital Shadows co-founder James Chappell said common marketing strategies used by regular businesses are now being used by criminals. He claimed: “We’ve seen the same strategies that online retailers and physical retailers use, being used in these criminal markets.
Mr Chappell described how one strategy to provide discounts is to “stack ‘em high and sell ‘em cheap”.
He added: “We’ve seen the same with discount codes, introductions, building up excitement before the event, adverts that entice and enthuse.”
UK criminals make more from selling drugs online than anywhere else in Europe.
It was revealed this week in a report from the European Monitoring Centre for Drugs and Drug Addiction.
The report claimed there were £24million worth of sales in 2017/18.
Sky News reported how social media contributes to the issue.
The outlet claimed platforms such as Facebook, Instagram and Snapchat are increasingly being used to sell illegal drugs.
National Crime Agency director of investigations Nikki Holland said she wanted to do more to tackle the problem.
JUST IN: France warning: Beaches closed as over 1,000kg of cocaine washes up
Despite this, the dark web also hosts harmless and legal content.
In the legal world of Black Friday, the consumer rights group warned customers this week many offers were not as good as they seem.
There were claims that some items were much cheaper at other times of the year.
Black Friday is an American celebration on the first Friday following Thanksgiving.
It is used as a method of firing the starting gun for the Christmas shopping season.
Black Friday is increasingly gaining traction in the UK, with many businesses offering Black Friday deals.
The consumer rights group has urged shoppers to do their research before buying any products which appear to be on sale.
The organisation tracked the prices of 83 products which went on sale on Black Friday last year for six months before the big sales day.
It found that all but four (five percent) were cheaper at other times during that period.
Elasticsearch services make storing, searching and analyzing large volumes of data simple, but that’s what makes them prime targets for cybercriminals.
Available as a service, AWS Elasticsearch allows users to easily deploy and operate Elasticsearch without the management overhead. (AWS provides help on how to configured AWS Elasticsearch correctly.)
However, did you know those domains have a “public” mode that leaves data exposed to unsigned requests made to these resources (ES clusters) by attackers?
Examples of unprotected Elasticsearch clusters that have been found public include the personally identifiable information (PII) of more than 20 million Ecuadorian citizens, and over 20 million tax records belonging to Russian citizens.
When left unprotected with publicly accessible domains, attackers can easily identify exposed AWS Elasticsearch clusters using popular search engines like Shodan. Then once they gain access, hackers can copy the data remotely or index it using other internet services.
Sophos Cloud Optix helps organizations identify and prevent publicly accessible AWS Elasticsearch domains within minutes.
Using a combination of contextual topology view and AI capabilities, Cloud Optix infers the ELK stack (“ELK” is the acronym for three open source projects: Elasticsearch, Logstash and Kibana), identifying where Amazon EC2 instances are running Elasticsearch, Logstash and Kibana applications. This allows Cloud Optix users to quickly identify, during their routine security hygiene reviews, where an Amazon EC2 instance hosting Elasticsearch is receiving traffic from the Internet.
Say yes to open source, but keep data safe with this simple check from Cloud Optix.
Join us at AWS re:Invent
If you want to find out more come to our session on building security solutions using the AWS Elasticsearch Service, at AWS re:Invent.
Cloud Engineer Key Vaidya and Senior Director of MDR Platforms Dennis Griffin will share best practices on designing for scale based on their experiences developing a security monitoring and alerting system leveraging Amazon ES and other components.
What: Building Security Solutions using the Amazon Elasticsearch Service When: Wednesday, December 4 @ 5:30 pm – 6:30 pm Where: Mirage, Events Center B2 Red
Transport Layer Security (TLS) is the encryption standard used on the internet today – the terms SSL and TLS are often used interchangeably but Secure Sockets Layer (SSL) is an old standard that has been eclipsed by TLS. So, although the more common term is still SSL, just know that most people mean TLS when they say SSL.
Encryption provides privacy not security
TLS is designed to provide confidentiality and authenticity by encrypting the communication between two parties and verifying the server is who it claims to be, based on its certificate and who issued it.
TLS encryption does NOT provide any security or assurance of the content. So when someone says their connection to the server is secure, they really only mean it’s secure from eavesdropping and that the identity of the server is confirmed.
You can have a perfectly valid encrypted and ‘secure’ connection to a site hosting malicious payloads… which is why inspection of this encrypted traffic is so important.
TLS inspection is not easy
The problem is that TLS is a very complex protocol with different certificates having to be exchanged, as well as negotiation over cipher suites to be used to determine how the connection should be encrypted.
There are also, of course, several TLS versions, and many applications and web services do things differently. Despite having rigorous standards, this makes it very possible for things to be incompatible.
This presents enormous challenges for any security solution that attempts to inject itself into this process for the purpose of inspecting and securing the content that is exchanged.
On top of all the technical complexity, there are policy decisions that need to be made. Not all SSL traffic can or should be treated the same. It’s a balancing act: You have to balance privacy, performance, security and compliance. Some traffic, like banking and finance, should not be inspected and some traffic cannot be inspected.
Encrypted traffic volume is approaching 100%
For many good reasons, most internet connections are now fully encrypted. In fact, on most platforms over 80% of web sessions are now encrypted according to the Google Transparency Report.
Has encryption rendered your firewall irrelevant?
Encryption is great for privacy, yes. But, it is also creating an enormous blind spot for most organizations, where their current firewalls are not up to the task of inspecting great volumes of encrypted traffic.
In effect, TLS encryption has rendered most firewalls irrelevant and useless as they no longer have insight into the majority of traffic passing through the network.
The real danger is the threats hiding in encrypted traffic
With the explosive growth in TLS encryption in recent years, it’s probably no surprise that hackers are catching onto this trend and leveraging it to help get malware on your network undetected and keep it there.
In fact, according to SophosLabs, about 1/3rd of malware and unwanted applications are using TLS, to stealthily get on your network and communicate once there, all in the interest of remaining undetected.
Why most organizations are powerless to do something
As I outlined earlier, TLS is complex and resource intensive.
It’s extremely expensive to invest in the R&D necessary to properly inspect TLS encrypted traffic at the firewall, in an efficient and effective way. As a result, most firewall products simply aren’t up to the task of inspecting the current volume of encrypted traffic passing through them.
Most network admins have been forced to accept the risk of threats and non-compliance due to serious performance limitations. Enabling TLS inspection is just too costly in terms of the performance impact.
On top of that, poor inspection implementations that don’t support the latest standards result in downgraded security, which opens up vulnerabilities, or simply break a lot of websites, resulting in a terrible user experience.
This situation is creating conditions for a perfect storm.
There has to be a better way
And, there is!
Over the last few years, we’ve been investing heavily in solving the problem with TLS inspection. The result of all that effort is the new Xstream Architecture in XG Firewall v18.
It offers a new ground-up solution to eliminating that vast blind spot, without all the performance and user experience compromises that have plagued other solutions.
High performance – a light weight engine with high connection capacity
Top security – supporting TLS 1.3 and all modern cipher suites
Inspection of all traffic – being application & port agnostic
A great user experience – with extensive interoperability to avoid breaking the internet
Powerful policy – offering the perfect balance of performance, privacy and protection
Unmatched visibility – into your encrypted traffic flows and any errors
There’s no longer a need to run blind. Return your firewall to relevance and start inspecting the traffic flowing through it.
You can try the new Xstream SSL Inspection in XG Firewall v18 as part of the early access program. Get started today! All our licensed XG Firewall customers get this great new capability at no charge.
Watch this video to learn more about how it works: