Tag Archive for: comes

Don’t be foolish when it comes to data security


Graham Cluley Security News is sponsored this week by the folks at SafeToGo Solutions. Thanks to the great team there for their support!

It doesn’t matter how big or small your business is, or what industry you operate in: data breaches pose a real threat to all of us. In addition to monetary fines, a data breach can result in long-term reputational damage, business disruption, and staff and customer churn.

Whilst businesses are busy investing huge amounts of money in the latest high-tech information security products, we shouldn’t forget the importance of bolstering internal security through staff training and security measures such as encryption and access management. After all, the second largest contributor to data breaches globally is human error.

Find out now how SafeToGo Solutions can help businesses of all sizes reduce the risk of a data breach due to human error, with their range of data security products.


Better SafeToGo than Sorry.


If you’re interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here.

Graham Cluley

Russia’s Cozy Bear comes out of hiding with post-election spear-phishing blitz

Russian President Vladimir Putin, in St. Petersburg today for the St. Petersburg International Economic Forum, acknowledged today that Russian hackers may have interfered in the US election. (credit: Mikhail Svetlov/Getty Images)

Attackers suspected of working for the Russian government masqueraded as a US State Department official in an attempt to infect dozens of organizations in government, military, defense contracting, media, and other industries, researchers from security firm FireEye warned on Monday.

The spear-phishing campaign began last Wednesday. This is almost exactly two years after the Russian hacking group known under a variety of monikers, including APT29 and Cozy Bear, sent a similar barrage of emails that targeted many of the same industries, FireEye said in a blog post. The tactics and techniques used in both post-election campaigns largely overlap, leading FireEye to suspect the new one is also the work of the Russian-government-controlled hacking arm. FireEye researchers Matthew Dunwoody, Andrew Thompson, Ben Withnell, Jonathan Leathery, Michael Matonis, and Nick Carr wrote:

Analysis of this activity is ongoing, but if the APT29 attribution is strengthened, it would be the first activity uncovered from this sophisticated group in at least a year. Given the widespread nature of the targeting, organizations that have previously been targeted by APT29 should take note of this activity. For network defenders, whether or not this activity was conducted by APT29 should be secondary to properly investigating the full scope of the intrusion, which is of critical importance if the elusive and deceptive APT29 operators indeed had access to your environment.

“Secure” communications

At least 38 FireEye clients have been targeted so far in the spear-phishing campaign, Carr told Ars. The emails purport to deliver an official US State Department document from a known public-affairs official at the same US agency. The messages were designed to appear as a secure communication that’s hosted on a webpage linked to the official’s personal drive. To further appear legitimate, the message delivers a legitimate State Department form.


Biz & IT – Ars Technica

The War On Fan-Subtitles Comes To Australia in The Form Of Site-Blocking

One of the more curious fronts in the never-ending copyright wars is the one launched against fan-made subtitles. The theory from the entertainment industry goes something like this: these subtitles allow pirates to download movies in foreign countries and then apply the subtitles to view them coherently, therefore it’s all copyright infringement. It’s a dumb argument on many levels, but chiefly because it’s inescapably true that the entertainment industry has done an absolutely terrible job of making sure it releases its own subtitled movies in these same countries and in these same languages. In other words, the entertainment industry isn’t going to serve you foreigners, and we’re not going to let anyone else serve you either. To date, much of this front of the war has been fought in Europe.

But now it’s poised to make landfall in Australia, where a site-blocking request lobbed by a group of entertainment industry players has, for the first time, included fansub sites.

Together the companies filed an application for the broadest-ever blocking injunction at the Federal Court in Australia. If successful, it would compel Australia’s ISPs to block a record-setting 151 domains related to 77 ‘pirate’ sites.

The list of ISPs in the case is familiar. Telstra, Optus, Vocus, TPG and their subsidiaries are all named as respondents in the case with the addition of Vodafone, which was added after recently entering the fixed-line broadband market. What is notable about the list is the inclusion, for the first time, of sites such as Subscene, Subsmovies, and YIFYSubtitles. As their names suggest, these platforms offer subtitles for the latest movies and TV shows, something that doesn’t sit well with any of the companies involved but particularly Madman Entertainment which specializes in Japanese anime.

Let’s be clear about what this represents. The entertainment industry wants entire websites blocked for helping viewers understand what is being said in their own native languages. If that doesn’t smack of overreach, it’s hard to imagine what would. This isn’t to say that fansubs can’t be used in combination with pirated movies and shows. They sure as hell can, but that isn’t the only application. The other is that entertainment fans buy the products legitimately, rip them, and then apply the fansubs so they can enjoy what they bought. The fact that such a market even exists makes the obvious point that the entertainment industry is failing at giving customers what they want or, in this case, need in order to enjoy those products. And yet the end result here is bans on entire sites?

Fortunately, the judge overseeing all of this appears to be fairly sober on how big a shift this represents for site-blocking.

As a result, the ever precise Justice Nicholas told the parties to ensure that no stone is left unturned in preparing evidence for the Court.

“You better make sure your evidence in relation to that is particularly thorough,” the Judge said. “There’s some creep here occurring – I don’t say that critically… [but] it’s a new angle so I’ll need to look at that closely.”

That sure sounds like a judge telling the industry that it sure better have the goods if it expects the court to go along with any of this. That isn’t to say Nicholas can’t be convinced with a sub-par response to his request. Perhaps he will be. But from the outset it’s good to see Nicholas realize the importance of this shift and the industry’s creep into areas of site-blocking.

In the end, as is always the case, the bigger point is that attacking fansub sites is dumb. All the recent evidence seems to show that good legal alternatives are the recipe for stamping out concerns over piracy. Site-blocking those actually providing those alternatives, on the other hand, is not.


Techdirt.

New Spider Ransomware Comes With 96-Hour Deadline

  1. New Spider Ransomware Comes With 96-Hour Deadline  Threatpost
  2. Don’t Download This Word File: New Ransomware Deletes Victim’s Files In 96 Hours  International Business Times

Ransomware – read more