Cisco Data Breach and UK Government’s Free Cybersecurity Initiative for Schools

Cisco Data Breach by IntelBroker

A prominent threat actor known as IntelBroker has claimed responsibility for breaching Cisco’s computer network and is preparing to release stolen data on a well-known hacker forum.

Reports indicate that a cyberattack occurred on Cisco’s servers in June, and following what appears to be a lack of response from the company, the attackers—who formed a trio including Zjj, Energy Weapon Users, and IntelBroker—are now looking to sell the compromised information on the dark web.

The stolen data is particularly concerning, as it reportedly includes sensitive research and development information. The hackers are attempting to sell this data at a high price, labeling it with tags that denote its sensitivity. Sources from Cybersecurity Insiders reveal that the compromised information encompasses Jira tickets, API tokens, AWS cloud data stored in private buckets, Cisco Tech SRCs, Docker builds, Azure storage metadata, private and public keys, SSL certificates, SonarQube project data, and login credentials for GitLab and GitHub.

Cisco has acknowledged the situation, stating it is actively investigating IntelBroker’s claims and is aware of sample data being circulated on the dark web.

UK Government Offering Free Cybersecurity to Schools

In light of increasing cyber threats, particularly against educational institutions, the UK government is launching a free cybersecurity initiative aimed at safeguarding school websites and IT infrastructure.

Cybercriminals are increasingly targeting schools, as student data is highly lucrative on the dark web. Ransom demands can put educational institutions in difficult positions, leading to a rise in cyberattacks.

To combat this trend, the National Cyber Security Center (NCSC), in collaboration with the UK government, has announced a new initiative under the Protective Domain Name System (PDNS) program, which will provide free cybersecurity services to schools and educational institutions.

This program, announced on October 15, will soon extend to a variety of educational establishments, including academies, private schools, and internet service providers serving these institutions. The initiative aims to enhance defenses against spyware, malware, and ransomware attacks.

The urgency of this program follows a report from the Office of Qualifications and Examinations Regulation (Ofqual), which revealed that over a quarter of schools and colleges in England were targeted by cyberattacks in 2023, with threats expected to escalate further this year.

We hope the PDNS achieves its intended goals effectively!

The post Cisco Data Breach and UK Government’s Free Cybersecurity Initiative for Schools appeared first on Cybersecurity Insiders.

October 15, 2024 at 08:37PM

Read More

How to Protect Yourself from Deceitful Identity Theft Trends

Identity theft is a growing concern in our digital age, with scammers constantly evolving their tactics to deceive unsuspecting victims. Protecting yourself from these deceitful identity theft trends requires vigilance and proactive measures. Here’s how you can safeguard your personal information and reduce your risk of falling victim to identity theft.

1. Stay Informed About Common Tactics

Understanding the latest trends in identity theft is your first line of defense. Scammers often use methods such as phishing emails, social engineering, and data breaches to obtain personal information. Familiarize yourself with these tactics and be cautious about unsolicited communications that ask for sensitive data.

2. Use Strong, Unique Passwords

Creating strong passwords is essential for protecting your online accounts. Use a combination of upper and lowercase letters, numbers, and symbols. Avoid using easily guessable information like birthdays or common words. Additionally, use a unique password for each account to prevent a single breach from compromising multiple accounts.

3. Enable Two-Factor Authentication (2FA)

Two-factor authentication adds an extra layer of security to your accounts. Even if a hacker manages to obtain your password, they will need a second form of verification—such as a code sent to your phone—to access your account. Always enable 2FA where available.

4. Monitor Your Financial Statements

Regularly review your bank and credit card statements for any suspicious transactions. Set up alerts for transactions over a certain amount to catch potential fraud quickly. Additionally, consider using a credit monitoring service to keep an eye on your credit report for any unauthorized accounts.

5. Be Cautious with Personal Information

Limit the personal information you share online, particularly on social media. Scammers often use details like your birthdate, hometown, or pet’s name to guess your passwords or security questions. Adjust privacy settings on social platforms to restrict who can view your information.

6. Shred Personal Documents

Before disposing of documents containing personal information, such as bank statements or tax returns, be sure to shred them. This prevents identity thieves from retrieving sensitive information from your trash.

7. Secure Your Devices

Keep your devices secure by regularly updating your operating system and software. Use reputable antivirus and anti-malware programs to protect against malicious software. Additionally, avoid using public Wi-Fi for sensitive transactions, as these networks can be insecure.

8. Be Wary of Scams and Offers That Seem Too Good to Be True

If you receive unsolicited offers or requests for personal information, be skeptical. Scammers often use enticing offers to lure victims into providing their information. Research the source and confirm its legitimacy before responding.

9. Report Suspicious Activity Immediately

If you suspect that your identity has been compromised, act quickly. Report the incident to your bank, credit card company, and local authorities. You may also want to place a fraud alert on your credit report or freeze your credit to prevent further misuse.

10. Educate Yourself and Others

Knowledge is power. Stay informed about the latest identity theft trends and educate friends and family on how to protect themselves. Sharing information can create a more informed community that is less susceptible to deceitful tactics.

Conclusion

As identity theft continues to evolve, so must our defenses. By staying informed, taking proactive steps, and being cautious with personal information, you can significantly reduce your risk of falling victim to deceitful identity theft trends. Remember, protecting your identity is an ongoing process that requires vigilance and awareness.

The post How to Protect Yourself from Deceitful Identity Theft Trends appeared first on Cybersecurity Insiders.

October 15, 2024 at 11:10AM

Read More

Ransomware news headlines trending on Google

Sophos Survey Reveals Alarming Trends in Ransomware Attacks

Recent findings from a Sophos report titled “Turning the Screws: The Pressure Tactics of Ransomware Gangs” highlight a troubling evolution in ransomware tactics. Cybercriminals are no longer merely stealing data and encrypting it until a ransom is paid; they are now employing more aggressive strategies to maximize pressure on victims.

The report reveals that sensitive information stolen from databases is being weaponized against victims who refuse to comply with ransom demands. For instance, hackers are engaging in doxing, targeting the family members of CEOs and company leaders. They threaten to expose personal details, such as mental health struggles, unless the ransom is paid.

Moreover, attackers are analyzing stolen data to identify and contact employees of the affected companies, employing intimidation tactics to coerce these individuals into pressuring their employers to meet the hackers’ demands.

In a more alarming twist, Sophos researchers discovered that some attackers are leveraging professional data auditing services to uncover discrepancies, such as irregularities in tax filings. Victims are threatened with exposure to governmental authorities if they do not comply with ransom demands.

One can only hope that law enforcement can put an end to these heinous tactics.

Live Nation Faces Lawsuit Following Ransomware Attack

In another significant case, Live Nation is set to face legal action after a cyberattack on its subsidiary, Ticketmaster, by the hacking group Shiny Hunters. This breach exposed the personal details of nearly 560 million customers, including names, addresses, emails, phone numbers, and financial information. The hackers demanded $500,000 to refrain from leaking this sensitive data on the dark web.

Due to Ticketmaster’s failure to detect the breach for two months and the subsequent 14 weeks taken to notify affected customers, Live Nation now faces a lawsuit. A federal court in California has received a petition related to this data breach, and the company could be liable for up to $5 million in penalties for its inadequate protection of user information.

While users are justifiably frustrated with Ticketmaster, it’s crucial to note that the company itself was a victim of a cyberattack that initially targeted a third-party cloud services provider, Snowflake. This raises an important question: who should bear the blame in such complex scenarios?

Vox Pop, invited!

The post Ransomware news headlines trending on Google appeared first on Cybersecurity Insiders.

October 15, 2024 at 11:00AM

Read More

Lack of Cyber Talent is creating new opportunities to Cyber Threat Actors

It is evident that in the absence of vigilant oversight and corrective measures, situations can deteriorate rapidly, often leading to negative outcomes. This phenomenon is increasingly pertinent in the realm of cybersecurity, where the stakes are higher than ever.

A recent report by Sophos highlights a significant talent shortage within the cybersecurity sector, which has left many small and medium-sized businesses (SMBs) vulnerable to increasingly sophisticated cyberattacks. The lack of professional security expertise creates a vacuum that malicious actors exploit, providing them with opportunities to orchestrate attacks that can yield substantial financial rewards.

The findings of a comprehensive survey involving over 5,000 IT security professionals across 14 countries—focusing on organizations with a workforce ranging from 150 to 500 employees—reveal that the scarcity of cybersecurity skills has emerged as a pressing challenge. This issue now ranks as a major concern for SMBs, second only to the threats posed by zero-day vulnerabilities.

Titled “Addressing the Cybersecurity Skills Shortage in SMBs,” the Sophos report underscores the urgent need for business leaders to prioritize the fortification of their cybersecurity defenses. It advocates for strategic hiring practices aimed at acquiring talent capable of effectively managing and mitigating the risks associated with cyber threats. Achieving this requires a dedicated budget allocation to cybersecurity initiatives, enabling human resources departments to recruit the necessary expertise.

According to ISC2, organizations are increasingly turning to professionals from related fields—such as data scientists and storage engineers—to fill the cybersecurity talent gap. These individuals possess foundational knowledge and skills that can contribute to securing the infrastructure, despite not being traditional cybersecurity experts.

As we approach the holiday season, the threat landscape is poised to expand dramatically. During this period, many employees, including those in IT, will take time off, compelling organizations to operate with a leaner staff. This reduced workforce may struggle to meet the complex demands of cybersecurity, further exacerbating vulnerabilities.

To navigate this precarious situation effectively, businesses must enhance their defensive measures and allocate adequate resources to information technology. By doing so, they can significantly mitigate the risks associated with cyberattacks and safeguard their operations against the escalating threat landscape.

The post Lack of Cyber Talent is creating new opportunities to Cyber Threat Actors appeared first on Cybersecurity Insiders.

October 14, 2024 at 08:55PM

Read More

Gmail Users Targeted by AI-Driven Cyber Attacks and OpenAI-Generated Malware

In recent days, numerous Gmail users around the globe have reported receiving deceptive phone calls from individuals posing as Google Support. These calls, powered by AI technology, aim to trick users into disclosing their account credentials, putting their personal data at risk.

The calls, which mimic legitimate Google Support communications, are part of an AI-driven scam designed to gain control of Gmail accounts. Sam Mitrovic, a Microsoft Solutions consultant, was one of the tech-savvy individuals who encountered this scam. Fortunately, he recognized the phishing attempt in time and did not share his account information, resulting in minimal loss.

Given the scale of this threat, with over 2.5 billion Gmail users worldwide, it’s crucial for all users to remain vigilant against this account recovery scam, which seeks to capture sensitive credentials and potentially lock users out of their accounts permanently.

In related news, concerns have arisen regarding Microsoft’s recent acquisition of ChatGPT, developed by OpenAI. Reports suggest that cybercriminals are increasingly using AI tools to create malware, spread misinformation, and execute spear phishing attacks. Proofpoint reported in April that a threat actor known as TA547 utilized AI-generated PowerShell loaders to deploy malware, including the Rhadamanthys info stealer.

Additionally, security researchers from Cisco Talos revealed in November 2023 that a Chinese advanced persistent threat (APT) group, SweetSpecter, has been targeting Asian government organizations to distribute malware and collect intelligence for the benefit of Beijing.

Recently, a hacker group believed to be based in Israel attempted to leverage AI tools, including those developed by ChatGPT, to identify vulnerabilities in Programmable Logic Controllers used in nuclear facilities. This information was allegedly used to infiltrate Iranian nuclear sites.

It’s important for readers of Cybersecurity Insiders to understand that these attacks are not being launched directly through the OpenAI platform. Instead, the software is being exploited by criminals to achieve their malicious goals. The focus should be on the individuals misusing these technologies, as any innovation can be weaponized if it falls into the wrong hands.

The post Gmail Users Targeted by AI-Driven Cyber Attacks and OpenAI-Generated Malware appeared first on Cybersecurity Insiders.

October 14, 2024 at 11:55AM

Read More

Protecting Privacy in a Data-Driven World: What should you look for in a DLP Solution?

The latest data loss involving MC2 Data, a background check company, saw sensitive information of more than 100 million people in the US leaked which has put the lives of millions on the line for computer-related crimes such as identity theft amongst others. A popular cybersecurity news website has recently established an unprotected 2.2TB database that contains personal information like employment history, criminal records, phone numbers, or addresses. This incident has raised many questions about data management and issues in big corporates. 

Having a measure in place for Data Loss Prevention (DLP), is not just a choice anymore but a need for enterprises. 

Understanding of Data Loss Prevention (DLP)

Data Loss Prevention solutions offer solutions to threats involving communication, storage, or modification of sensitive data. Due to highly strict rules, requirements and constant rise in numbers and effectiveness of cyber threats, DLP tools have become critical for any organization, no matter how large it is. This blog explains why DLP is crucial given today’s environment. 

Due to the large quantities of data being produced in due time, the exposure has hence widened allowing hackers to easily access a company’s most vital data. An effective DLP solution avoids this by identifying important data assets within an organization and protecting them before any breach occurs. 

What Should You look for in a DLP Solution? 

1. Automated Response to Threats 

Preventive or proactive cybersecurity offers constant monitoring, immediate threat detection, and a fast reaction. Having this proactive approach helps organizations to avoid threats from entering a network and therefore minimize the occurrence of breaches. 

2. PPC integration with Other Channels 

A Strong DLP solution ought to protect data at each touch point including messaging, network, cloud, and endpoints.   

3. Response of Policy with Respect to Flexibility and Customization 

Since regulations concerning data protection differ across industries and geographic locations it’s important for the DLP solution to be able to provide policies that can be customized. This allows organizations to integrate with the current multiple protection standards to set up specific permissions to further secure data. 

4. The numbering and planning of data access and management also influences data classification. 

A good DLP solution must work with information as per the risk associated with it and the permission options made available for the handling and sharing of this information. Look for platforms that use machine learning and response analysis built in, offering complete visibility. 

5. Easy-to-Use GUI, and Live Information Processing 

Easy-to-use GUI improves business performance, and therefore, using real-time data enables fast and correct decisions during the operation. Opt for a solution with decision automation tool which works with some kind of analytics dashboard to provide an intelligent perspective of active threats making it easier to respond to alerts timely. 

6. Scalability and Adaptability 

As organizations evolve, the DLP solutions they employ have to incorporate scalability as a key feature.  

7. Incident Reporting, and Forensics 

The primary incident reporting feature of a good DLP solution addresses the source and consequences of an information breach. It should allow organizations to capture and identify every aspect of an attack and provide remediation. 

8. Companies Manage Advanced Encryption and Data Masking 

Encryption and data masking play an important role in securing information when it is stored or transmitted. DLP solutions should therefore ensure that it uses high levels of encryption to avoid being breached.  

9. Anomaly detection using Behavioral Analytics 

In order, DLP solutions today should incorporate behavioral analysis features since users who behave anomalously may be up to no good. 

10. Being a part of the Regulatory Compliance and Audit Capability Team. 

It is crucial to remain compliant with data privacy laws; The DLP solution should help to achieve that. 

Conclusion 

When selecting the DLP solution, one should strive to find an excellent all-inclusive, customizable, and easy to operate platform. Fidelis Network ® comes with all the features which define today’s cybersecurity protection, making it an industry leader. Fidelis Security’s Patented Deep Session Inspection® technology gives you the ability to investigate threats and stop sessions that violate policies with details about who is sending and receiving data and what type of data is being sent.  Don’t wait anymore, it’s time for you to protect your organization data from cyber attackers.

The post Protecting Privacy in a Data-Driven World: What should you look for in a DLP Solution? appeared first on Cybersecurity Insiders.

October 11, 2024 at 10:33AM

Read More

One Year Later: The Israeli Tradition of Resilience

One year after Hamas attacked Israel on October 7, geopolitical tensions continue to undoubtedly impact various aspects of life in Israel. Yet, as they have so many times before, the people of Israel continue to show their resilience. In a very similar way, the Israeli technology has proven that it too has a level of resilience unmatched in the world, and that challenges are opportunities for success, rather than barriers. Israel is known for breeding world-class cybersecurity technology and startups, and while some might expect Israeli innovation to diminish amidst adversity, the Israeli tech-sector is unwavering, and the seeds are being planted for the next big wave of innovation coming out of Israel in 2025. 

Turning Conflict into Opportunity 

Since its inception over 70 years ago, Israel has faced constant threats, and despite this has remained innovative and adaptable. A large reason Israel generates so many cutting-edge cybersecurity startups is in fact because of these threats and the hands-on experience defending against them that Israelis in military units like Unit 8200 experience. This unit, part of the Israel Defense Forces, is charged with Israel’s cyber defense, and is among the best in the world at it. Having battled against some of the most advanced cyber threat actors in the world while serving in Unit 8200 and wanting to create commercial solutions to defend against them, many alumni often transition into the private sector to found successful startups. An early security pioneer, Check Point Software Technologies, which created the game-changing Firewall-1 software, was born out of technologies developed for national defense. This has been followed by many other success stories, including Palo Alto Networks, Wiz and SentinelOne. Born out of conflict, Israeli tech thrives because of its ability to adapt and find success through adversity. 

Driving Innovation and Investment Amidst Challenges 

Historically, Israeli companies founded in times of threat and turmoil have proven to dominate and outperform those companies that were founded during less challenging times. Research from Startup Nation Central shows that the success rate (as measured by their ability to go public, be acquired, or reach valuations of over $1B) of companies that raised funds during previous conflicts in 2006 and 2014 were higher than those of companies raising funds in conflict-free periods. Today, despite the challenges the nation is enduring, Israel has had an unceasing flow of investments and acquisitions. Since October 7, 2023, the Israeli tech ecosystem has seen 577 private investment rounds and raised a total of $7.8 billion in funding, with 18 companies each raising over $100m. These achievements indicate investor confidence in the long-term potential of Israel’s innovation landscape. 

For example, Dig and Talon were both acquired by Palo Alto Networks for a combined value of $1 Billion just days after October 7. Both Israeli companies were founded less than four years before their acquisition. Google, meanwhile, recently attempted to acquire Wiz, the Israeli cybersecurity startup focused on protecting organizations from cloud threats, for a whopping $23 billion. Dig, Talon, and Wiz prove that the Israeli cybersecurity market continues to earn the confidence of technology powerhouses around the world, and thus we can expect the exits and investments to continue uninterrupted. 

Israeli Collaboration

Israel’s reputation as a leading cyber nation is bolstered by strong collaboration within its cybersecurity ecosystem. Partnerships between startups, established companies, and government entities illustrate the strength and cohesiveness of the Israeli cyber community. Israeli cybersecurity innovations have a significant global impact, protecting critical infrastructure and enterprises worldwide.

Government support has played a crucial role in nurturing the growth of the Israeli tech ecosystem The Israeli government invests heavily in cybersecurity through research and development grants, startup acceleration programs, and public-private partnerships. In fact, the Israel tech sector accounts for 20% of the country’s economy, with 400,000 Israelis in the tech workforce. These partnerships have been crucial in maintaining the Israeli tech sector’s momentum throughout times of hardship, and enabling it to maintain its role as Israel’s main growth driver.

Forging Ahead 

The country’s ability to innovate in response to challenges is the cornerstone of Israel’s success. Real-world experiences like the current war, while challenging, has managed to strengthen the resolve of Israeli entrepreneurs and Israel continues to produce the most revolutionary cybersecurity technology in the world. The resilience and strength demonstrated over the past year since October 7, 2023 is telling, and will inspire future generations, ensuring that Israel remains at the vanguard of technological advancement. The next wave of innovation is being molded by the lessons learned during these hard times, leading to even more robust and effective cybersecurity solutions.

 

The post One Year Later: The Israeli Tradition of Resilience appeared first on Cybersecurity Insiders.

October 11, 2024 at 08:17AM

Read More