Tag Archive for: careless

When Ransomware Gangs Get Careless

/in


Cyber Fail
,
Fraud Management & Cybercrime
,
Ransomware

Also: Rampant App Vulnerabilities, Cloud Misconfiguration and Why CISOs Matter

Anna Delaney (annamadeline) •
February 2, 2024    



Watch ISMG host Anna Delaney and our panel of experts in this episode of “Cyber Fail.”



Welcome to “Cyber Fail,” where our experts uncover fails so we can all strengthen our defenses. Today, we examine what happens when ransomware groups get careless, application developers’ laissez-faire attitude toward vulnerabilities, and the security woes of a beleaguered crypto exchange.

See Also: OnDemand Panel | Securing Operational Excellence: Thwarting CISOs 5 Top Security Concerns

In this episode:

  • When Ransomware Gangs Get Careless. Security researcher Brian Krebs recently poked around the 8Base ransomware group’s data leak site and found an error page that yielded a wealth of information about the developer who built it. Here’s what happens when cybercriminals are negligent.

  • Hacking the Human Brain. News that the U.S. Food and Drug Administration approved a request from Elon Musk startup Neuralink for human testing of a neural link to the brain deserves a moment of introspection.

  • Passwords? Who Needs Passwords? Investigators finally got to the bottom of how bad actors hacked into the DC Health Link insurance system and compromised the personal information of 56,000 Washington, D.C., residents – including members of Congress. Was it a convincing phishing email? Highly sophisticated malware? Of course not!

  • App Security: What, Me…

Source…

Cyber Security Today – US, Canada among top countries for data theft, careless employees lead to data exposure, and watch out for signs of cyber espionage

/in


US, Canada ranked among top countries for data theft, more careless employees lead to data exposure and watch for this possible sign of cyber espionage

Welcome to Cyber Security Today. It’s Wednesday December 2nd. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com. To hear the podcast click on the arrow below:


Cyber Security Today is brought to you by the new Cisco Security Outcomes Study, where we surveyed 4,800 cybersecurity and IT professionals.

Visit https://cisco.com/go/SecurityOutcomes to read the results.

 

You might expect the United States is the country affected most by data theft in the past seven years. A British consumer website called USwitch came up with that nugget by calculating the amount of publicly-announced data stolen per 100,000 of a country’s population. In second place, South Korea. And number three: Canada. The United Kingdom was in fourth place, followed by Australia. That ranking gives weight to big data thefts rather than the number of breaches. Canada has a lot fewer data breaches than the U.S., but many of them were big — for example last year’s hack of medical laboratory LifeLabs led to the exposure of personal data belonging to 15 million people in Ontario and B.C. The hack in 2015 of the Toronto-based adult dating website Ashley Madison exposed personal data of over 30 million people in several countries.

Employees are still being careless with corporate data. Here’s two of the latest examples: Reporters at the TechCrunch news site recently found unprotected data on a server holding thousands of patient records and lab reports for American psychiatrists and therapists. The data belonged to a customer of NTreatment, a San Francisco-based provider of a cloud-based medical practice management software suite. Not only was the database not password-protected, the data wasn’t encrypted. After being alerted NTreatment said the server was being used for general purpose storage by the user.

Meanwhile The Register reports that a Cayman Island investments fund left its entire data backups open to anyone after failing to properly configure data left on Microsoft Azure, a cloud-based storage service. The fund’s…

Source…

Zoom takes action after meeting IDs leak in careless screenshots

/in

The video-conferencing app Zoom has been updated to remove the display of meeting IDs from its title bar, after a series of high profile privacy blunders by those sharing screenshots of their online meetings.

Read more in my article on the Hot for Security blog.

Graham Cluley

Android devices are stunningly vulnerable if you’re a careless power-user

/in

  1. Android devices are stunningly vulnerable if you’re a careless power-user  Mashable

  2. Research discovers Android’s open nature leads to devices shipping with vulnerabilities  SlashGear
  3. Surprise! Many Android devices come with vulnerabilities right out of the box  Neowin

    4. Full coverage

android security news – read more