Tag Archives: GDPR

Security Never Sleeps- Locky Ransomware, Kaiser Breach

Locky Ransomware Rears its Head in Big August Campaigns

“Encryption extension changed”

A few weeks ago Locky changed its encryption extension to .lukitus (“locked” in Finnish). This variant has still proven frustratingly difficult to decrypt, according to Heimdal Security. It is often viewed as part of a set of malicious spam waves that are hitting users one after the other. Comodo Labs has dubbed the late August campaign the IKARUSdilapidated version of Locky. It still uses the .lukitus extension, and it spreads using a botnet of zombie computers responsible for coordinating a phishing attack.

There have been two waves in the new attacks so far. The first attempts used emails that appeared to be from an organization’s scanner/printer or other legitimate device. When the program was successful, it encrypted the victims’ computers and demanded a bitcoin ransom payment.

Comodo released the following in an analysis sent to Infosecurity: “As many employees today scan original documents at the company scanner printer and email them to themselves and others, this malware-laden email will look very innocent,” and “The sophistication here includes even matching the scanner/printer model number to make it look more common as the Sharp MX2600N is one of the most popular models of business scanner/printers in the market.”

Cyber Security Regulation — The Move Towards Board Involvement

“New regulations will have large impact on citizens and companies”

Regulators are oftentimes the catalyst for stronger trends in cyber security, and new regulation from the EU is going to have a serious impact on organizations that process EU data in their businesses. After four years of diligence and debate, the EU Parliament approved the General Data Protection Regulation on April 14, 2016. It will enter into effect on May 25, 2018, at which time organizations in non-compliance will face heavy fines.

Kaiser Permanente says 600 Riverside area members affected by data breach

“Sensitive information thought to be safe”

Kaiser Permanente is notifying about 600 members from Riverside and “surrounding areas” by mail about a patient data breach, which includes medical record numbers and procedures. No other identifying information was apparently released. The breach was detected Aug. 9 when a list of information was “inadvertently sent to an unintended email address,” the statement noted. The information did not include Social Security numbers, financial information or other member information.

Almost half a million pacemakers need a firmware update to avoid getting hacked

“Patient hearts need hacking protections”

Nearly half a million pacemakers are being recalled by the US Food and Drug Administration after the agency found that the devices could be hacked to control pacing or deplete batteries. Rather than having patients remove or replace the device, however, the manufacturer is releasing a firmware update designed to address the vulnerabilities.

Enjoy your read? Check out our other content here.

10Fold Security Never Sleeps- GDPR, Law and IoT

New Trojan malware campaign sends users to fake banking site that looks just like the real thing

“False login pages steal sensitive info”

A credential-stealing TrickBot banking malware has been engaged in an email spam campaign that presents users with a fake webpage that is nearly identical to the original. Online banking users in the US, UK, Australia, and many other countries have been affected, and this number is expected to grow as those developing it have been experimenting with EternalBlue. This was the exploit that allowed WannaCry and Petya to spread so efficiently.

Can U.S. lawmakers fix IoT security for good?

“Inter-connectivity leaves devices vulnerable”

Several U.S. Senators believe they have proposals that will aid in preventing the attacks that have plagued IoT devices in the last few years. The proposed solutions are put forward in the Internet of Things Cybersecurity Improvement Act of 2017. Many expert analyses of the IoT Act reveal that it’s likely a hearty step in the right direction, but it may not be enough to stop the tide of attacks that cause major issues for many people.

How to protect personally identifiable information under GDPR

“New rules grant more rights in PII for consumers”

The GDPR goes into force May 25, 2018, impacting many firms worldwide that process data for EU citizens. Heavy fines and other penalties are due to the companies that do not enforce the more rigorous personally identifiable information (PII) regulations, often up to 4% of a firm’s yearly revenue. Breaches are also required to be reported within three days.

Ex-NSA Analyst Raises $10 Million To Stop Hackers Destroying Power Grids

“Infrastructure targets more popular”

Part of an espionage mission to disrupt critical services began in 2013, when a U.S. dam was targeted by mercenaries hired by Iran’s Revolutionary Guard Corps. This underscores the importance of national cyber security, recognized by Rob Lee, who was once part of the National Security Agency and is currently a co-founder of infrastructure-focused cybersecurity firm Dragos Inc. The firm has recently raised $10 million in Series A funding for its goals, a recognition of the seriousness of the situation.

10Fold- Security Never Sleeps- 197

Ransomware can cost firms over $700,000; cloud computing may provide the protection they need

“Cybercrime costs are increasing”

A single ransomware incident can, on average, run a tab of over $713,000. About 21% of 200 SME businesses in the U.S. said they are completely ready to manage IT security and protect against threats. This number is dangerously small, but cloud computing may provide the security against the threats that many firms need.

The GDPR Deadline is Fast Approaching; How Enterprises are Readying Themselves

“Compliance needed by May 25, 2018”

Many organizations have dedicated countless hours for preparation for the European Union General Data Protection Regulation, but too many have just started taking steps to ensure compliance. The new regulations will have international consequences that must be addressed by firms who deal across borders, as the legislation has dire consequences for those who don’t comply.

WannaCry ‘Kill Switch’ Creator Arrested in Vegas

“Marcus Hutchins indicted for Kronos malware”

Federal authorities have nabbed user MalwareTech, aka Marcus Hutchins, for the creation and distribution of the Kronos banking Trojan. In an unexpected move, authorities arrested Hutchins after his role as the researcher who stopped the expansion of the WannaCry ransomware earlier this year. WannaCry was deemed extremely high-risk malware, spanning over 150 countries in just a matter of days.

How do you predict cyber attacks? Listen to your Cassandras

“Proprietary data collection and intellectual property need protection”

Bad actors targeting vital institutions that had previously been sacrosanct have become harder to detect. The damages inflicted in many cases have dealt virtually fatal blows to corporate finance and organizational operations.

10Fold- Security Never Sleeps- 182

The 15 biggest data breaches of the 21st century

“Highlights need for infosec upgrades”

Data breaches are, unfortunately, daily occurrences that end up exposing millions to undue risk. CSO has compiled a list of the 15 biggest breaches of this century, with criteria that include damage to companies, insurers, and customer account holders. In many cases, passwords and other information were protected via encryption so a password reset eliminated.

New Malware Threatens to Send Users’ Pictures, Internet History and Messages to Friends

“LeakerLocker threatens privacy”

A new type of malware can access and distribute pictures, browsing history and messages on a user’s device. The program, LeakerLocker, can be downloaded inadvertently through applications on Google Play, and will lock your phone’s screen and then claim your sensitive information has been stored.

Hospitals to receive £21m to increase cybersecurity at major trauma centres

“Huge beefing up of infosec”

Hospitals that treat patients for major incidents will receive over £21m for cybersecurity upgrades in the wake of the WannaCry ransomware attacks on NHS IT systems. Health Secretary Jeremy Hunt pledged the funds in an attempt to shield the healthcare sector from the disruptions of malware events in the future.

Cyber security industry believes GDPR is stifling innovation

“Looked skeptically upon by the community”

A recent poll of Infosecurity Europe 2017 attendees showed that almost half think that the EU General Data Protection Regulation is stifling innovation by making companies nervous about cloud services. There are several concerns respondents named as issues with the regulations, including the perceived inability to find and/or report a data breach within 72 hours.

10Fold- Security Never Sleeps- 177

More than half of major malware attack’s victims are industrial targets

“Petya intended effects examined”

Kaspersky Labs has released a new report with some grand insights into the Petya malware attack. First appearing as a widespread ransomware attack, it became clear later into the ordeal that the spread was intended more for destruction than for financial gain. Kaspersky reported specifically that financial sectors were the most affected, as well as manufacturing or oil mechanisms.

Hacking Factory Robot Arms for Sabotage, Fun & Profit

“Could open a new world of ‘Subtle Blackmail’”

A Black Hat talk will discuss how cybercriminals could manipulate robotic arms and create defects in vital products. Security researchers have been accumulating caches of big discoveries about IIoT vulnerabilities, and Black Hat is planning on continuing their release to raise awareness of critical flaws in infrastructure, power grids, and gas pipeline controls.

General Data Protection Regulation (GDPR) requirements, deadlines and facts

“EU legislation lowdown” 

GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states, and non-compliance could cost companies dearly. This article details what every company that does business in Europe needs to know about GDPR.

Online fraud costs public billions but is still not a police priority, says watchdog

“Policing institutions not enforcing rules effectively”

The National Audit Office has claimed that various policing and regulatory agencies were insufficiently addressing the issue of online fraud. The NAO says that for most police forces the incidents are “not yet a priority” and the problem had been overlooked by government, law enforcement and industry.

10Fold- Security Never Sleeps- 167

New Jaff Ransomware Variant Emerges

“Another active threat detected”

As WannaCry headlines begin to die down, another variant of a detrimental ransomware has begun to make the rounds. Jaff, a Necurs-distributed botnet, uses a similar delivery system as Locky and WannaCry. This gives security researchers an insight into the threat actors who designed Locky and Dridex, who also launched the Bart ransomware that raised concerns last year.

Survey Shows Disparity in GDPR Preparedness and Concerns

“New regulation affects any firm that does business in EU”

The GDPR will take effect one year from today, but there seems to be little readiness for firms to take on the necessities outlined in the legislation. Specifically, geographic differences are highlighted in a recent study that shows just how ill-prepared disparate nations are.

Newly discovered vulnerability raises fears of another WannaCry

“Tens of thousands of devices potentially open to attacks”

Widely used networking programs have a recently found flaw that could leave users open to ransomware like WannaCry. The U.S. Department of Homeland Security announced the potential for harm on Wednesday; the flaw is claimed to be able to take control of the compromised device entirely without a patch applied by the user and administrator.