Tag Archive for: increasingly

Hackers Increasingly Infiltrate Software While It’s Still in Development—Before Guard Is Up


Imagine a lauded restaurant that attracts government officials and corporate elite. One day, someone sneaks into the kitchen and puts cyanide into a pot of stock used in its signature dish. The sitting U.S. president happens to be a guest that evening and consumes it. Now, the president is dead.

“That’s kind of what’s happened here, where SolarWinds are the cooks in the kitchen, and somebody has snuck in and put some malicious code into their software as they’re building it. And nobody noticed,” said Dan Draper, technologist and founder of Australia-based cybersecurity and governance platform CipherStash.

Source…

Fidelity National Financial hack highlights why many are increasingly concerned about cybersecurity


Recently, Fidelity National Financial, a Fortune 500 provider of title insurance for buyers and sellers, was hit by a devastating cyber attack.

Fidelity National Financial submitted regulatory documents to the U.S. Securities and Exchange Commission acknowledging the attack on Nov. 21, 2023, describing how it handled the situation. “Among other containment measures, we blocked access to certain of our systems, which resulted in disruptions to our business. For example, the services we provide related to title insurance, escrow and other title-related services, mortgage transaction services, and technology to the real estate and mortgage industries, have been affected by these measures.”

The next day, AlphV/Black Cat ransomware gang claimed credit.

On Nov. 30, 2023, FHF submitted an updated filing to the SEC regarding the attack. “The incident was contained on November 26, 2023. The company is restoring normal business operations and is coordinating with its customers.” As we write this, a week after FNF initially acknowledged the attack, Fidelity National Financial’s website is finally back online. The company hasn’t said whether it paid a ransom to restart its systems. While its website may be back online, many of its title company and settlement agent services were, at the time, still suffering an outage.

Regardless, the hack compromised the ability for the title company to close deals for its buyer and seller customers over the Thanksgiving weekend. For most people, when you buy or sell a home, you’re closing on the single biggest financial transaction of your life. Having that go awry can cause confusion, concern and even panic.

The FNF hack also highlights why so many in the financial services industry are increasingly concerned about cybersecurity. On its website, FHF has a link to a page discussing its “Commitment to Helping Combat Wire Fraud” and another to “potentially fraudulent employment offers.”

Business Email Compromise (BEC) is one way wire fraud happens in real estate. A hacker targets employees of a business. They send phishing emails that look real enough for someone in the business to click on them. The hacker then gains access to that…

Source…

Elastio uses reverse engineering to better understand increasingly sophisticated ransomware


Ransomware is on the minds of most corporations today, with a big concern about the impact of getting hit on day-to-day operations. Various solutions have emerged to help mitigate those headaches, including when it comes to cloud-native and cloud services.

The operating model in the cloud is much different than it is on-prem, according to Najaf Husain (pictured), founder and chief executive officer of Elastio Software Inc. That means there’s a very different strategy in place when it comes to technologies in the cloud to make things work, scale and be cost-performant for customers.

“We started out with the cloud in mind. All our technologies [are] focused on the cloud,” Husain said. “We work today on Amazon, you’ll see us go to multiple clouds soon — namely Azure, [Google Cloud Platform], the big triumvirate — but that’s where we start. Usually, the personas we focus on are the cloud security folks. Also, the infrastructure people get involved as well because it’s data. So, we’re kind of in between both of them.”

Husain spoke with theCUBE industry analyst John Furrier at the “Cybersecurity” AWS Startup Showcase event, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed the secret sauce of Elastio’s solutions and technology, along with the problems it aims to solve. (* Disclosure below.)

Knowing what’s in the data

Elastio is available out of the AWS Marketplace and works with a lot of Microsoft Corp. partners currently. The company also has a team that works with customers directly to get them deployed, with the product installed in 10 minutes through a cloud formation template, according to Husain.

“One thing that’s very unique about what we do, everything’s operated in the customer VPC,” he said. “So, it lives in the customer account, so the data never leaves that account. That’s a very important component of the platform.”

When it comes to Elastio’s core technologies, there are several areas at play, including the company’s deep inspection, its data integrity engine, and its ability to finally detect ransomware, malware and corruption inside data, according to…

Source…

Cyber Security Essentials: Safeguarding Your Digital Life In An Increasingly Connected World


Welcome to the digital age, where everything from our personal lives to global commerce relies on technology. As we revel in the convenience and endless possibilities it offers, we must also face a sobering reality – the ever-growing threat of cybercrime. With each passing day, hackers are becoming savvier and more relentless, posing serious risks to our digital lives. In this blog post, we will delve into cyber security essentials – an indispensable guide to fortify your online defenses in an increasingly connected world. Whether you’re a tech enthusiast or just starting out on your digital journey, join us as we navigate through the complexities of safeguarding your valuable data and ensuring peace of mind in this rapidly evolving cyber landscape.

What is Cyber Security?

Cybersecurity is the practice of protecting information systems from cyberattacks. Cyberattacks can take many forms, including:

-Spyware and malware: Private data such as e-mails, bank account numbers, and passwords can be stolen by spyware or malware. Spyware and malware can also monitor user activity and gather sensitive information.

-Data breaches: In a data breach, hackers access personal data belonging to either individuals or organizations. This can include name, address, e-mail addresses, and Social Security numbers. Data breaches can also result in the release of confidential information.

-Criminals exploiting online security vulnerabilities: Criminals could exploit online security vulnerabilities to gain unauthorized access to a system or to steal confidential information.

What are the threats to your digital life?

In an increasingly interconnected and digital world, cyber security is more important than ever. Here are five of the most common threats to digital life and how to safeguard yourself against them:

1. Hackers: Hackers can steal your personal information, passwords, and other confidential information. To protect yourself from hackers, make sure you keep…

Source…