Project Hyphae

Information Security News – 7-24-2023

White House, Big Tech Ink Commitments to Secure AI

  • The commitments that the tech companies have agreed on revolve around information sharing and testing, as well as transparency of the information they compile with the government and with the public.
  • Examples of these would be commitments to protect privacy, to prevent bias and discrimination, and even to implement a watermark so that public users are aware of what content is created by AI. 
  • The Biden Administration says that it is working with Congress to create legislation on AI that would provide safeguards and regulations to this kind of technology, as well as preparing executive actions that are soon to be announced.

Trends in ransomware-as-a-service and cryptocurrency to monitor

  • For example, Hive affiliates have been known to breach organizations using Remote Desktop Protocol (RDP) without multi-factor authentication (MFA), stolen credentials, phishing campaigns, and software vulnerabilities. There isn’t a single solution to effectively tackle these issues; you’d need multiple solutions working synergistically together to thwart attacks.
  • Almost all threat actors disseminate malware via phishing emails and targeting – in fact this is where most breaches start according to the 2023 Verizon Data Breach Investigations Report.

Cybersecurity measures SMBs should implement

  • SMBs often underestimate their appeal as a potential target. They assume they are “little fish” not worth the attackers’ effort and that their data holds little value. But that’s not true: their systems store sensitive information, including employee and customer data and financial information.
  • First and foremost, the notion that cybersecurity is solely the responsibility of the IT department must be dispelled; every individual within an organization plays a vital role in minimizing the risk of cyber incidents.
  • The Verizon 2023 DBIR report outlines three essential cybersecurity controls that will help SMBs with limited IT and cybersecurity expertise thwart general, non-targeted attacks: Security awareness and skills training, Data recovery, and Access control management.

Microsoft 365 Breach Risk Widens to Millions of Azure AD Apps

  • The Storm-0558 breach that gave Chinese advanced persistent threat (APT) actors access to emails within at least 25 US government agencies could be much further-reaching and impactful than anyone anticipated.
  • Many Microsoft customers have lacked visibility as to the impact of the attacks on their businesses, because the advanced logging that could detect the anomalous behavior has only been available as part of a paid premium service.
  • Personal Microsoft accounts for services like Skype and Xbox are also vulnerable.

U.S. preparing Cyber Trust Mark for more secure smart devices

  • A new cybersecurity certification and labeling program called U.S. Cyber Trust Mark is being shaped to help U.S. consumers choose connected devices that are more secure and resilient to hacker attacks.
  • Major vendors and makers in the U.S. have already announced their participation. Among them are Amazon, Google, Best Buy, LG Electronics U.S.A., Logitech, and Samsung Electronics.
  • To improve transparency and stimulate competition, certified devices would be listed in a national registry that consumers could consult via a QR code to compare the security information present in multiple products.

IT worker jailed for impersonating ransomware gang to extort employer

  • 28-year-old Ashley Liles, a former IT employee, has been sentenced to over three years in prison for attempting to blackmail his employer during a ransomware attack.
  • To deceive the company, he impersonated the ransomware gang extorting them. He tried to redirect the ransomware payments by switching the cybercriminals’ cryptocurrency wallet to one under his control.
  • However, the company didn’t comply with the attackers’ demands, and internal investigations during that period exposed Liles’ unauthorized access to confidential emails while using the Internet connection at his home.
  • Although Liles took precautions by erasing all data from his personal devices after becoming aware of the progressing investigations, SEROCU’s cybercrime team seized his computer and successfully recovered incriminating evidence.

Cybersecurity firm Sophos impersonated by new SophosEncrypt ransomware

  • Cybersecurity vendor Sophos is being impersonated by a new ransomware-as-a-service called SophosEncrypt, with the threat actors using the company name for their operation.
  • Furthermore, ID Ransomware shows one submission from infected victims, indicating that this Ransomware-as-a-Service operation is active.
