Tag Archive for: Exposure

Ransomware now dispenses with data encryption and blackmails with brand exposure – Intelligent CIO LATAM


With Brazil already facing an overwhelming wave of ransomware attacks, Hilmar Becker, Country Manager, F5 Networks, Brazil, warns of a switch in tactics by threat actors that leaves organizations even more exposed.

Hilmar Becker, Country Manager, F5 Networks, Brazil

Throughout 2023, a harsh reality set in.

The ever-evolving threat landscape has ransomware continuing to wreak havoc.

Brazil remains a prominent target for this threat: according to a report released in the first half of 2023, it is the fourth most-targeted country for ransomware in the world.

Only the US, the UK and Spain rank above Brazil.

The accelerated digitalization of the Brazilian economy is not always accompanied by alignment with the best practices of digital security, which increases the vulnerability of companies to these types of attacks.

For years, the practice of encrypting data and holding it hostage until a payment was made was the hallmark of ransomware attacks. The victim’s dilemma was quite simple: pay the ransom or risk losing access to critical data.

To maintain their effectiveness, ransomware gangs have started to innovate with different tactics.

This is the case with double extortion, in which data is not only encrypted but also exfiltrated, and the attackers then threaten to publish the stolen information or sell it on the dark web.

The first case of this modality happened in 2019.

Shortly after, in 2020, triple extortion began to make the news, which takes double extortion a step further, taking advantage of confidential information about customers, relatives, or other entities related to the victim.

This is an advanced level of blackmail: it begins with the attack on the organization and, at a later stage, spreads into separate extortion attempts against each of the people whose data was exposed.

In recent months, cybercriminals have added yet another technique to their arsenal: encryption-less attacks, in which data is stolen and held over the victim without any files being encrypted.

In the face of the overwhelming wave of ransomware affecting Brazil, it has become commonplace for companies to keep backups of their data, and decryption tools are being created to neutralize ransomware variants. Once a victim can restore from backup or decrypt its files, encryption alone no longer guarantees the attacker any leverage.

These defenses have changed the gangs' calculus. Thus,…

Source…

OnePlus Open’s latest update lets you set a specific exposure value in Photo mode


The OnePlus Open is receiving a new software update. It doesn’t upgrade the foldable from Android 13 to Android 14 but brings some system and communications improvements. More importantly, it now lets users set a specific exposure value for the camera, but only in the Photo mode.

The update also bumps up the Android security patch level on the OnePlus Open to November 2023. It has firmware CPH2551_13.2.0.201(EX01) and requires a download of about 510MB. You can check the screenshots below for the update’s changelog.

OnePlus Open OxygenOS 13.2.0.201 update’s changelog

It’s worth mentioning that this update is currently only seeding in India, but the rollout should expand to other regions soon.


Source…

Excessive Data Exposure: What It Is, How We Can Help


No. 3 on the OWASP API Security Top 10 list (the 2019 edition; in the 2023 edition this category was folded into API3, Broken Object Property Level Authorization) is excessive data exposure, after BOLA and broken user authentication. OWASP says of this vulnerability, “Looking forward to generic implementations, developers tend to expose all object properties without considering their individual sensitivity, relying on clients to perform the data filtering before displaying it to the user.” 

How Do Excessive Data Exposure Exploits Work? 

Attackers can probe for excessive data exposure in a number of ways. They can analyze legitimate response traffic, looking for exposed sensitive data, or, more commonly, they can look for human patterns – development team practices – that indicate ways to attack an API. 

OWASP gives this example: 

The mobile team uses the /api/articles/{articleId}/comments/{commentId} endpoint in the articles view to render comments metadata. Sniffing the mobile application traffic, an attacker finds out that other sensitive data related to the comment’s author is also returned. The endpoint implementation uses a generic toJSON() method on the User model, which contains PII, to serialize the object. 

How to Prevent Excessive Data Exposure 

It’s a common practice when building APIs for developers to simply serialize all the data related to a particular API resource, irrespective of that data’s sensitivity. This practice may seem like a common sense time-saving design pattern, but it can result in an info leak, where sensitive data is exposed to unauthorized clients, or bad actors. A more defensive practice is to clearly classify data in a system, and to define a separate data model for public interfaces such as APIs. 
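The scenario OWASP describes above, and the separate-response-model fix recommended here, as an added example in JavaScript. This is not code from the original article or from OWASP; the User and Comment classes, the field names, the sample data and the handler functions are all hypothetical. The vulnerable handler lets JSON.stringify walk into a generic toJSON() on the User model; the hardened handler builds the response from an allow-list, and a small check verifies that nothing outside the allow-list leaks.

```javascript
// Added example (not from the original article or from OWASP).
// All class, field and function names below are hypothetical.

// Hypothetical User model. A generic toJSON() serializes every own property,
// including PII that the comments endpoint has no reason to return.
class User {
  constructor(props) { Object.assign(this, props); }
  toJSON() { return { ...this }; }   // exposes everything: this is the bug
}

class Comment {
  constructor(id, body, author) {
    this.id = id; this.body = body; this.author = author;
  }
}

// Constructed sample data (not real people or credentials).
const alice = new User({
  id: 42,
  displayName: 'alice',
  email: 'alice@example.com',
  phone: '+55 11 90000-0000',
  passwordHash: '$2b$12$constructedhashvalue',
  isAdmin: false,
});
const comment = new Comment(7, 'Nice article', alice);

// Vulnerable handler: JSON.stringify calls User.toJSON() on the nested author,
// so the whole User record ends up in the API response.
function commentResponseVulnerable(c) {
  return JSON.parse(JSON.stringify(c));
}

// Hardened handler: a separate response model for the public interface.
// Only fields the comments view actually needs are copied across.
const PUBLIC_AUTHOR_FIELDS = ['id', 'displayName'];
function toPublicAuthor(u) {
  const out = {};
  for (const k of PUBLIC_AUTHOR_FIELDS) out[k] = u[k];
  return out;
}
function commentResponseHardened(c) {
  return { id: c.id, body: c.body, author: toPublicAuthor(c.author) };
}

// Defensive check, usable in a test or a response filter: list any author
// fields in a response that are outside the allow-list.
function leakedAuthorFields(response) {
  const allowed = new Set(PUBLIC_AUTHOR_FIELDS);
  return Object.keys(response.author || {}).filter((k) => !allowed.has(k));
}

console.log(leakedAuthorFields(commentResponseVulnerable(comment)));
// -> [ 'email', 'phone', 'passwordHash', 'isAdmin' ]
console.log(leakedAuthorFields(commentResponseHardened(comment)));
// -> []
```

The allow-list lives in one place so a new sensitive column added to the User model later is excluded by default; the check at the end is the kind of assertion worth running in CI against every endpoint that embeds a User.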

Bottom line for developers: Be conservative about what data you return in API responses. It might seem like a great idea to “future-proof” an API, making it applicable for applications that were not originally envisioned by the application owner. But, a future fraught with data breaches isn’t on anyone’s bucket list. Instead, be conservative in resource representations and only include data necessary for well-understood use cases. This conservative approach dramatically decreases implementation effort, and also presents…

Source…

Can You Minimize Ransomware Settlement Exposure with Cyber Insurance?


Nearly anyone can be a victim on the cyber battlefield, including celebrities. The personal data of Madonna, Bruce Springsteen, Lady Gaga, and Elton John was stolen from Grubman Shire Meiselas & Sacks (GSMS), and because GSMS refused to pay the ransom in full, much of the information ended up for sale on the internet. Even though the FBI got involved and GSMS hired private individuals to recover the data, only some of it was reclaimed.

The GSMS attack used what’s referred to as the double extortion method:

  • First, they stole data
  • Then, they threatened to publish the data if GSMS didn’t pay the ransom within a specified time frame

A ransomware attacker can gain access to your system through a number of ways, including guessing an employee’s password, using malware to infiltrate your network, email spoofing, or spear phishing, which is explained in this video by Cisco.

While cyber insurance cannot prevent a ransomware attack, there’s a lot it can do if you find your systems hacked and your data held for ransom. But each attack—and insurance policy—is different. 

Below, we’ll discuss how cyber insurance works, how it can be used to reduce the impact of ransomware settlements, what it covers, and the trends shaping the cyber insurance industry.

What Is Cyber Insurance and Who Needs It?

An organization can obtain cybersecurity insurance, also known as cyber liability insurance or cyber insurance, to help mitigate internet-related risks such as ransomware and other forms of cyberattack. The insurance contract transfers some of the risk to the insurer in return for a premium, typically paid monthly or quarterly.

Cyber insurance benefits companies that produce, store, and handle electronic data online, such as credit card details, client contact information, and consumer purchases. It can help pay for the costs of reclaiming data in case it gets stolen. Cyber insurance is also an advantage for e-commerce companies because downtime resulting from a breach may result in lost clients and sales. 

Can You Minimize Ransomware Settlement Exposure with Cyber Insurance?

Ransomware attacks are becoming more prevalent. And because no company is too big or small for malicious actors, it’s only a…

Source…