Hard-Earned Lessons about Cloud Computing in the Capital One Data Breach

Information Security, News
One of the largest-ever thefts of financial data, the data theft at Capital One, came to light early this week. This latest data breach has given the business community many hard-earned lessons about cloud computing. Last July 29th, Capital One Financial Corporation disclosed that on July 19, 2019, it determined that information relating to individuals who had applied for the company’s credit card and credit card products was illegally accessed. Capital One said the data theft event affected approximately 100 million individuals in the U.S. and approximately 6 million in Canada. The company said the largest category of information that was illegally accessed was information that the company collected from 2005 through early 2019, specifically personal information that the company routinely collects at the time…
Human Error Drives Cyber Insurance Claims, Data Shows

Information Security, News
Insurance company CFC Underwriting, which conducts business in over 80 countries, reported that human error plays a part in the vast majority of cyber insurance claims. CFC Underwriting reported that in 2018 the company responded to over 1,000 cyber insurance claims comprising data breaches, theft of funds, ransomware and extortion, malware and more. In Canada alone, CFC Underwriting said that 32% of cyber insurance claims were about ransomware and extortion, 24% about non-malicious data breach, 20% about malicious data breach, 9% about theft of funds, 9% about malware and 6% referring to other cyber incidents. "Whether a business suffers a data breach, a ransomware attack, or accidentally sends money to a fraudulent bank account, human error plays a part…
50,000 MS-SQL and PHPMyAdmin Servers Infected with Cryptocurrency Mining Malware, Researchers Found

Information Security, News, Servers
Researchers at Guardicore revealed that 50,000 Microsoft SQL and PHPMyAdmin servers from different parts of the world, belonging to companies in the healthcare, telecommunications, media and IT sectors, had been compromised and infected with cryptocurrency mining malware: malicious software that secretly uses someone else’s computer for cryptocurrency mining. Cryptocurrency mining performs a dual function: first, approving transactions, and second, releasing new cryptocurrency into circulation. In many countries, cryptocurrency mining isn’t illegal. In countries where cryptocurrency mining is allowed, it is only illegal when it is done without explicit permission from the computer owner, an act known as cryptojacking. In 2017, during the unprecedented rise of cryptocurrency prices, especially the top…
Importance of Securing Edge Devices

Information Security, IT Support, News
Over the last few years, devices deployed at the boundaries of interconnected networks, also known as edge devices, such as routers and network-attached storage (NAS) devices, have become the target of sophisticated malicious activity.

Growing Threat to Edge Devices

The discovery by researchers at Cisco Talos of the malicious software (malware) called “VPNFilter” highlighted the growing threat to edge devices. As of May 2018, researchers at Cisco Talos estimated that at least 500,000 home and office routers and network-attached storage (NAS) devices in at least 54 countries were infected with the VPNFilter malware. The known devices affected by VPNFilter were Linksys, MikroTik, NETGEAR and TP-Link networking equipment in the small and home office (SOHO) space, as well as QNAP network-attached storage (NAS) devices. VPNFilter is…
City of Stratford Says Cyberattack Recovery Takes ‘Days, Not Hours’

Information Security, IT Support, News
It takes “days, not hours” to recover from the recent cyberattack that hit the City of Stratford, according to the statement released by the City. Last April 14, the City of Stratford, Ontario announced that it was managing what appears to be a cyberattack. More than a week after the initial cyberattack announcement, the City, in a statement, said that a virus encrypted the City’s data and locked the staff out. “We have now begun methodically unlocking and decrypting our systems,” the City said. “This is a thorough process that takes days, not hours.” In response to the cyber incident, the City said that it intentionally shut down its IT and email systems to contain the virus and in…
New Report Shows Security Vulnerabilities in Some VPN Products. Is Your Organization at Risk?

Information Security, News
The U.S. government’s Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert that enterprise Virtual Private Network (VPN) products made by Cisco, Palo Alto Networks, F5 Networks and Pulse Secure have vulnerabilities that could compromise the security of users. The alert was issued in response to the disclosure made by the CERT Coordination Center (CERT/CC), the coordination center of the computer emergency response team for the Software Engineering Institute at Carnegie Mellon University. The following VPN products and versions, according to CERT/CC, store the cookie insecurely in log files:

- Palo Alto Networks GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS (CVE-2019-1573)
- Pulse Secure Connect Secure prior to 8.1R14,…
Online Marketplace Selling Hacked Server Credentials Taken Offline by Authorities

Information Security, News
xDedic, an online marketplace for buying and selling hacked server credentials, is no longer accessible to users after authorities took it offline as part of a coordinated multi-country law enforcement action. Users who try to access the xDedic website are referred to a U.S. government site explaining that the online marketplace was taken offline. On January 24 this year, the U.S. Federal Bureau of Investigation (FBI), pursuant to a seizure warrant issued by the U.S. District Court for the Middle District of Florida, seized the servers and domain names of xDedic. The seizure was made possible with the assistance of the authorities in Europe, including the Federal Prosecutor’s Office and the Investigating Judge of Belgium, the Ukrainian National Cyber…