Tag Archive for: Hosted

Houston unknowingly hosted mail-order bride, casino posts on city website

/in


The page on Wednesday morning featured a spate of blog entries on a variety of confounding topics that were decidedly unrelated to City Hall. They were taken down by the afternoon, after the Houston Chronicle inquired about them.

The source of the blog entries, many of which were nonsensical, was unknown Wednesday. Mary Benton, the city’s communications director, said she alerted the information technology department to the posts. The listed author on the articles, a housing department employee named Ashley Lawson, did not actually write and post them, Benton said.

CITY HALL NEWS: Mayoral aide took bribe to help bar pass inspection, fast-track permit, records show

The entries appeared on the city’s news site, cityofhouston.news, a WordPress blog that does not share a domain with the city’s primary website, houstontx.gov.

Christopher Mitchell, the city’s chief information security officer, said no city information was compromised. 

“We were recently made aware of improper posts appearing on a blog site utilized by the city to allow individual departments to post departmental content,” Mitchell said in a statement. “The blog site is hosted on a third-party platform and is not connected to any City of Houston enterprise systems. At no point did the city experience a compromise of city systems, data, or information. The origin of the posts was from an active account that was no longer in use, and the city is taking all necessary precautions to correct the issue and prevent a recurrence.”

The posts, often in broken or garbled English, had appeared at least 29 times since Sept. 13, displayed as “uncategorized” entries among more routine posts about police and fire investigations and where to get a flu shot.

RELATED NEWS: Once again, Houston is cutting its tax rate — but that doesn’t mean your bill will go down

Source…

DarkOwl Ransomware API offers insight into content from ransomware websites hosted on the darknet

/in


DarkOwl released Ransomware API, the latest in their suite of darknet products. By enabling users to monitor darknet ransomware sites for their strategic assets – including first and third party vendors – organizations have the most accurate information available as to whether an entity has been extorted or compromised in a ransomware attack.

Ransomware API accesses the same database of darknet content as DarkOwl’s other data products, but targets results to content that was posted on ransomware group websites. These sites include those where actors post about their victims, and frequently leak compromised data that resulted from their attacks. Using this data, a company could expose potential risk for their own organization, assess supply chain vendor risk, or calculate risk to support cybersecurity insurance underwriting processes.

“As ransomware actors become ever more prevalent and advanced in the darknet, companies need tools that allow them to monitor and stay ahead of any cyberattacks. We hope that our deep coverage of this space can help illuminate a criminal economy that is constantly shifting and evolving,” said Mark Turnage, President and CEO of DarkOwl.

DarkOwl’s newest product was developed as a direct result of market demand, and is the first in the industry to offer streamlined, targeted insight into ransomware-hosted content on the darknet. As stated by DarkOwl’s Director of Product Technology, Sarah Prime, “We’re excited to release this new endpoint as a response to what we were hearing from our customers. Our insight into this area of darknet is unique, particularly our historical archive. Through this API product, organization mentions on these sites can now serve as a critical risk indicator.”

Source…

Military experts discuss the future of warfare in Thursday night forum hosted by The Gazette and KKTV | Subscriber-Only Content

/in


Now that America’s longest war has come to an end, what does the future of warfare look like?

That was the focus of many questions put to a panel of former and current military officers Thursday night at the Southeast Armed Services YMCA during a community conversation hosted by The Gazette and KKTV.

But as many of the roughly 50 in attendance arrived at the facility, a group of about two dozen stood on the sidewalk singing and holding signs.

Amy Zimbelman, a conference minister – something like a bishop – with Mountain States Mennonite Conference, which represents 17 churches in Colorado and New Mexico, stood next to fellow church members, peace and justice activists and Colorado College students.

The Colorado Springs resident had issue with the forum’s title: After Afghanistan: The Future of Warfare.

“The way the conversation is framed makes it sound as though warfare is just a foregone conclusion,” she said. “We need to look at other alternatives. We need to take seriously, active, non-violent resistance in our world.”



Community Conversation - After Afghanistan: The Future of Warfare

Amy Zimbelman, a conference minister with Mountain States Mennonite Conference, stands with a few dozen others outside the Southeast Armed Services YMCA before a community conversation with a panel of military experts discussing the future of warfare that was presented by The Gazette and KKTV on Thursday

. “We need to take seriously, active, nonviolent resistance in our world,” she said.




Colorado College freshman Wiley Holbrooke, 19, of Telluride, and…

Source…

Former Microsoft Security Analyst Claims Office 365 Knowingly Hosted Malware For Years

/in


microsoft hosting malware on office365 and onedrive

Malware on Windows devices has become a real problem in the last few years, specifically with a recent uptick in ransomware. It appears that Microsoft has been trying to combat this issue, though, with updates to Microsoft Defender, so it has more teeth than ever before. However, what if Microsoft is part of the problem too?

On Friday, cybersecurity researcher TheAnalyst explained on Twitter how BazarLoader malware leads to ransomware that can severely affect healthcare, among other industries. He then called out Microsoft, asking if the company has “any responsibility in this when they KNOWINGLY are hosting hundreds of files leading to this,” alongside an image of what appears to be malicious files being hosted in OneDrive.

bazar microsoft hosting malware on office365 and onedrive

To back this up, former Microsoft security analyst Kevin Beaumont replied, saying that Microsoft cannot call itself a security leader due to Office365 and OneDrive abuse happening for years. He continued, explaining that getting things taken down from OneDrive is a nightmare process with rather slow reaction times, making Microsoft the “world’s best malware hoster for about a decade, due to O365.”

response microsoft hosting malware on office365 and onedrive

However, this is not a Microsoft-exclusive problem nor a new issue, as we have seen malware hosted on other platforms in the past. According to research by the Bern University of Applied Sciences, Google and Cloudflare are currently among the top online malware hosting networks.  As such, the entire tech industry needs to be better about finding malicious content hosted on its servers before looking elsewhere for problems. 

top list microsoft hosting malware on office365 and onedrive

In any event, hopefully, this incident will drive Microsoft to decisive action that can help protect millions of people and thousands of organizations from debilitating malware attacks. However, let us know what you make of this entire situation in the comments below.  

Source…