Hackers Leak 2.7 Billion Data Records with Social Security Numbers
Article Link: https://www.bleepingcomputer.com/news/security/hackers-leak-27-billion-data-records-with-social-security-numbers
- Nearly 2.7 billion data records with names, Social Security numbers, and addresses were leaked, exposing the sensitive personal information of U.S. residents.
- The leaked data comes from National Public Data, a company that collects and sells personal information primarily used for conducting background checks.
- Initially, a hacker named USDoD tried to sell 2.9 billion records in April 2024. However, on August 6th, another hacker, “Fenice,” released 2.7 billion of the records for free. The release considerably increases the risk of fraud and phishing attacks. Industry experts encourage everyone to be cautious of scams and be mindful when clicking links from untrusted sources.
- As a result of this incident, National Public Data faces multiple class action lawsuits for failing to protect this data.
DDoS Attacks Surge 46% in First Half of 2024
Article Link: https://thehackernews.com/2024/08/ddos-attacks-surge-46-in-first-half-of.html
- Distributed Denial of Service (DDoS) attacks increased by 46% in the first half of 2024, reaching 445,000 incidents and posing a growing threat to online infrastructure, according to the security company GCore.
- The gaming and gambling industry suffered the most, with 49% of attacks, while the technology sector’s share doubled to 15%.
- Network-layer attacks disrupted real-time services in gaming, technology, and telecom. In contrast, application-layer attacks targeted financial services, e-commerce, and media.
- The rise in personalized and powerful DDoS attacks highlights the urgent need for advanced cyber defenses and increased international cooperation.
- Link to GCore’s Report: https://gcore.com/blog/radar-q1-q2-2024-insights/
NIST Releases First Encryption Tools to Resist Quantum Computing
Article Link: https://www.bleepingcomputer.com/news/security/nist-releases-first-encryption-tools-to-resist-quantum-computing
- The U.S. National Institute of Standards and Technology (NIST) has introduced three new encryption standards to protect data from future threats posed by quantum computers, which are potentially powerful enough to break current encryption methods.
- Quantum computers could one day crack the encryption that secures sensitive information. The new standards are designed to prevent this by using advanced algorithms that are resistant to quantum computing attacks.
- The finalized standards are FIPS 203, FIPS 204, and FIPS 205, which are based on three key algorithms respectively: ML-KEM ensures secure key exchanges between parties, ML-DSA validates identities and message integrity, and SLH-DSA acts as a backup digital signature method in case the primary one encounters issues.
- NIST advises organizations to start using these new encryption methods now, as the transition will be gradual. Many tech companies have already adopted these standards to safeguard their data against future quantum threats.
- Link to NIST’s Announcement: https://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards
FBI Shuts Down Dozens of Radar/Dispossessor Ransomware Servers
Article Link: https://www.darkreading.com/cyberattacks-data-breaches/fbi-shuts-down-dozens-of-radar-dispossessor-ransomware-servers
- With U.S., U.K., and German partners, the FBI successfully dismantled the Radar/Dispossessor ransomware group, disrupting their global operations.
- The group used a hard-nosed “double extortion” ransomware scheme, stealing and encrypting data and then demanding ransoms from small to mid-sized businesses, especially in sectors like healthcare and education.
- Radar/Dispossessor has affected the U.S., the U.K., Germany, Australia, and other countries, with aggressive tactics that included directly pressuring employees to pay ransoms.
- Despite this law enforcement victory, the ransomware threat remains. Businesses must stay vigilant by regularly updating software and using strong passwords to protect against future attacks.
High-Risk Cloud Exposures Surge Due to Rapid Service Growth
Article Link: https://www.infosecurity-magazine.com/news/high-risk-cloud-exposures-palo
- Rapid growth, with over 300 new cloud services introduced monthly, has significantly increased the risk of high or critical cybersecurity exposures.
- High-risk exposures are primarily concentrated in essential areas like IT infrastructure, business applications, and remote access services, which are critical to maintaining security integrity.
- Affected sectors such as media, telecommunications, insurance, and healthcare are experiencing heightened risks due to the addition of thousands of new services, broadening their attack surfaces.
- To mitigate these risks, organizations should adopt strategies for continuously scanning internet-exposed services, prioritize vulnerabilities based on potential impact, and leverage automation for effective threat detection and response.
- Link to Unit 42’s Report: https://unit42.paloaltonetworks.com/2024-unit-42-attack-surface-threat-research-internet-connected-exposures/
The AI Hangover is Here – The End of the Beginning
Article Link: https://thehackernews.com/2024/08/the-ai-hangover-is-here-end-of-beginning.html
- Major artificial intelligence (AI) companies like Nvidia and Google are recalibrating as initial hype fades, entering a “trough of disillusionment” with more realistic expectations related to the development of AI.
- AI is expected to evolve from disillusionment to broader, effective adoption, with companies like Apple and Google demonstrating practical uses.
- Generative AI presents challenges such as high costs, inconsistent performance, and complex integration, requiring careful management to avoid cybersecurity risks.
- From a business perspective, AI has the potential to impact customer service and code development positively but introduces new cybersecurity vulnerabilities. Successful use requires strong governance and integration strategies.
DoD Proposes CMMC 2.0 Rule to Enhance Cybersecurity in Defense Industrial Base, Seeks Comment
- The Department of Defense (DoD) has introduced new regulations under the Cybersecurity Maturity Model Certification (CMMC 2.0) program to enforce stricter cybersecurity standards on contractors and subcontractors.
- The DoD is moving forward with rule finalization by proposing a new Defense Federal Acquisition Regulation (DFARS) rule, which incorporates the CMMC 2.0 program rule. The new rule is open for comment until October 19, 2024.
- CMMC 2.0 will be phased in over three years, requiring all DoD contractors and subcontractors to meet specific cybersecurity criteria before qualifying for contracts, ensuring they can protect data.
- As the article notes, the DoD looks to secure Controlled Unclassified Information (CUI) and Federal Contract Information (FCI). The article also notes that the plan is for organizations to be able to update their CMMC attestations easily and efficiently within the DoD’s Supplier Performance Risk System (SPRS).
- Proposed Rule: https://www.federalregister.gov/documents/2024/08/15/2024-18110/defense-federal-acquisition-regulation-supplement-assessing-contractor-implementation-of
Why OT Cybersecurity Should Be Every CISO’s Concern
Article Link: https://www.csoonline.com/article/3485728/why-ot-cybersecurity-should-be-every-cisos-concern.html
- Critical operational technology (OT) security is often assumed to be irrelevant. However, OT includes essential systems like elevators and HVAC units, which are crucial for daily operations and vulnerable to cyber threats.
- The rise of smart buildings and internet of things (IoT) devices has intensified OT risks. Notable breaches highlight these vulnerabilities, such as accessing a casino’s database via a smart thermometer or disrupting power grids through HVAC systems.
- CISOs should integrate OT into their security strategies, including threat modeling, risk assessments, and governance. This approach is key for limiting disruptions and protecting organizational reputation.
- Insecure OT can impact broader cybersecurity, as seen with the Mirai Botnet’s attack on major websites. Securing OT is essential for protecting both individual organizations and the overall cybersecurity landscape.
The Role of Employee Awareness in Preventing Supply Chain Attacks
Article Link: https://www.techradar.com/pro/the-role-of-employee-awareness-in-preventing-supply-chain-attacks
- Employee awareness is fundamental for preventing supply chain attacks, which target vulnerabilities in a network of vendors; 98% of organizations work with third parties that have faced data breaches.
- These types of attacks include malware embedded in software updates, compromised internet of things (IoT) devices and networks, and social engineering tactics that exploit human vulnerabilities.
- Effective training programs should consist of real-world scenarios and interactive exercises to help employees recognize and respond to threats such as phishing and social engineering.
- Strong defenses require rigorous third-party security standards, regular security assessments, and continuous feedback to refine awareness programs and enhance overall security.