Tag Archive for: Vendor

Ransomware, Vendor Hacks Push Breach Number to Record High


Cybercrime, Fraud Management & Cybercrime, Ransomware

Report: 2.6 Billion Personal Records Exposed in the Last 2 Years

Data breaches in the U.S. have hit an all-time high thanks to hacking incidents, including ransomware and vendor attacks, says a new study released by Apple and MIT. (Image: Getty)

The number of data breaches in the U.S. has hit an all-time high amid mounting attacks against third-party vendors and aggressive ransomware attacks, says a report from Apple and a Massachusetts Institute of Technology researcher.


Data breaches have more than tripled between 2013 and 2022, compromising 2.6 billion personal records in just the past two years – and that trend has continued to worsen in 2023, says the report written by MIT professor Stuart Madnick and published Thursday.

In the first eight months of 2023, more than 360 million people were affected by corporate and institutional data breaches, and 1 in 4 people in the U.S. had their health data exposed in data breaches.

More ransomware attacks were reported from January through September 2023 than in all of 2022, the report said. In the first three quarters of 2023, the number of ransomware attacks increased by nearly 70% compared to the same period in 2022.

A 2023 survey of 233 IT and cybersecurity professionals across 14 countries working in the healthcare sector found that 60% of organizations have faced a ransomware attack, which is…


Data breach reported by Suffolk County computer security vendor


A computer security application that Suffolk County installed last year to protect its systems in the wake of a 2022 cyberattack has itself been the subject of a data breach, leading Suffolk this week to alert its computer administrators to potential new attacks.

In an email obtained by Newsday, Suffolk’s computer team notified administrators across its network that a breach last month of computer security company Okta could result in attempts by hackers to gain access to systems protected by the measures.

Okta makes a security product known as multi-factor authentication, which verifies the identity of users by requiring a unique security code sent to a cellphone or email system outside the primary work address.

A copy of an email sent to IT administrators in Suffolk on Wednesday noted that Okta “just revealed” that a “threat actor ran and downloaded a report that contained the names and email addresses of all Okta customer support system users.”

WHAT TO KNOW

  • A computer security application that Suffolk County installed last year to protect its systems in the wake of the 2022 cyberattack has itself been the subject of a data breach.
  • Suffolk has alerted its computer administrators that the breach of computer security company Okta could result in potential new attacks.
  • Okta makes a product known as multi-factor authentication, which verifies the identity of users by requiring a unique security code sent to a cellphone or email system outside the primary work address.

It notes that every administrator that has “ever been created for our Okta tenant is present in this report.”

For Suffolk and other customers, the breach means there is a “possibility that the threat actor may use this information to target Okta customers via phishing or social engineering attacks.” Such attacks lure computer users into exposing sign-in or password information by appearing to come from legitimate sources.

Suffolk alerted its administrators to “ensure that all” have multi-factor authentication enrolled and activated to “protect not only the customer support system, but also to secure access to their Okta admin console.”

“I just wanted to let you know so you can be vigilant…


Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones


Apple announced on Thursday that its latest operating system updates patch three new zero-day vulnerabilities. Based on the previous work of the organizations credited for reporting the flaws, they have likely been exploited by a spyware vendor.

The zero-days are tracked as CVE-2023-41991, which allows a malicious app to bypass signature verification, CVE-2023-41992, a kernel flaw that allows a local attacker to elevate privileges, and CVE-2023-41993, a WebKit bug that can be exploited for arbitrary code execution by luring the targeted user to a malicious webpage. 

Apple patched some or all of these vulnerabilities in Safari, iOS and iPadOS (including versions 17 and 16), macOS (including Ventura and Monterey), and watchOS.

It’s worth noting that while each of these operating systems is impacted by the zero-days, Apple said it’s only aware of active exploitation targeting iOS versions before 16.7.

Apple has not shared any information about the attacks exploiting the new vulnerabilities. However, considering that they were reported to the tech giant by researchers at the University of Toronto’s Citizen Lab group and Google’s Threat Analysis Group, they have likely been exploited by a commercial spyware vendor to hack iPhones. 

Citizen Lab and Apple recently investigated attacks involving a zero-day identified as CVE-2023-41064. That security hole, part of a zero-click exploit named BlastPass, was used to deliver the NSO Group’s notorious Pegasus spyware to iPhones.

In an attack investigated by Citizen Lab, the spyware was delivered to an employee at an international civil society organization based in Washington DC. 


CVE-2023-41064 impacts the WebP image format. The affected library is also used in the Chrome and Firefox web browsers, and Google and Mozilla were also forced to release emergency updates to address the zero-day, which they track as CVE-2023-4863.


State Looks to Better Assess Vendor Security – Route Fifty


