Oktacron logo
Cyber security aggregate rss news

Cyber security aggregator - feeds history
image for 5 TED Talks by Ethic ...

 Firewall Daily

TED Talks offer a powerful platform for experts and enthusiasts to deliver in-depth discussions on topics of great significance. Among the many subjects TED Talks have explored, technology and its global expansion, including cybersecurity, stand out. In this article, we highlight TED Talks that delve into the often   show more ...

debated and controversial realm of ethical hacking. These talks provide compelling arguments for viewing ethical hacking positively, showcasing how it has played a crucial role in societal advancement and organizational self-awareness.  Despite the often negative connotations associated with the term "hacking," these speakers reveal how ethical hacking has contributed to the greater good, demonstrating its positive impact on our world. Explore these talks to see how ethical hacking can be a force for positive change. Top 5 Ted Talks by Ethical Hackers These talks highlight the positive impact of ethical hacking, demonstrating how these experts use their skills to enhance security, protect data, and drive technological progress. Dive into these engaging presentations to discover how ethical hackers are shaping the future of cybersecurity. 1. “Why you need to think like a hacker”  https://www.youtube.com/watch?v=iMwHFBebLYY In this TED talk, Ted Harrington, an Executive Partner at Independent Security Evaluators (ISE), a company of ethical hackers, argues that viewing cybersecurity as an advantage, rather than a mere cost or a means to avoid negative events, can lead to stronger security measures. By thinking like a hacker, companies can proactively identify and address vulnerabilities before malicious actors exploit them.   This approach not only improves security but also fosters innovation and resilience in the face of evolving cyber threats. Harrington also underscores the value of ethical hacking and the need for continuous learning and adaptation in the cybersecurity landscape. He believes that by understanding how hackers think and operate, organizations can better protect themselves and build more secure systems, ultimately contributing to a safer digital world.  2. “Hire the Hackers”  https://www.ted.com/talks/misha_glenny_hire_the_hackers/transcript?subtitle=en In this TED Talk, Misha Glenny, a journalist who focuses on cybersecurity and organized crime, asserts that there are two types of companies: those aware they've been hacked and those unaware.  Glenny brings up Anonymous, a hacking group, that exposes companies through their weak data protection and fights against perceived governmental internet control. Anonymous doesn't profit from its hacks, unlike real cybercriminals, who industrialized cybercrime over a decade ago. The site CarderPlanet allowed cybercriminals to trade stolen credit card details via an escrow system, revolutionizing cybercrime.   Glenny outlines how hackers often displayed advanced technical skills developed in their youth and argue against imprisoning hackers. He suggests instead their recruitment, as practiced by countries like China and Russia. Engaging and guiding these skilled individuals could prevent them from becoming untameable threats. By offering hackers legitimate opportunities, they’re benefitting themselves and the hackers as many express a desire to contribute positively but lack pathways into the legitimate industry. 3. “Hackers: The Internet’s immune system”  https://www.ted.com/talks/keren_elazari_hackers_the_internet_s_immune_system?language=en In this TED talk, Keren Elazari, a cybersecurity analyst and researcher, argues that hackers are necessary for our society, serving as an immune system for the information age. Hackers, often seen as a mix of terrifying and fascinating, have a significant influence on society through their choices and actions. Hackers can cause harm, as seen in billions of dollars lost to fraud and identity theft, but they also expose vulnerabilities, prompting necessary fixes. Examples include Kyle Lovett, who revealed a major flaw in wireless routers, and Khalil, who found a privacy issue on Facebook.    Elezari highlights the complex relationship between hackers and companies, noting that even those founded by hackers struggle to embrace hacker culture. She believes hackers play a crucial role in challenging overreaching authorities and fostering innovation and argues for a nuanced view of hackers, recognizing their potential to be both heroes and villains in the quest for a better world.   4. “Why good hackers make good citizens”  https://www.ted.com/talks/catherine_bracy_why_good_hackers_make_good_citizens?subtitle=en In this TED talk, Catherine Bracy, CEO and co-founder of TechEquity, highlights how the mainstream image of hackers often portrays them as dangerous or criminal, but hacking can be equally a force for good. Hacking, essentially amateur innovation on existing systems, has historically contributed to progress, from the Underground Railroad to modern democracy. This Is referred to as ‘civic hacking’ which doesn’t require programming skills, just a willingness to apply modern tools to solve governmental problems. For example, in Honolulu, civic hackers rebuilt a city website to be user-friendly, engaging citizens in content creation.   Code for America, a non-profit organization, promotes this civic hacking ethos through its brigades across the U.S. and, now internationally, supporting local groups in innovating and solving community issues. By fostering a network of civic hackers, Bracy explains how this organization aims to create tools that address deep-rooted problems, support local governance, and empower citizens.  5. "Can Ethical Hackers Save the World?"   https://www.ted.com/talks/rayyan_khan_can_ethical_hackers_save_the_world In this TEDx talk, Rayyan Khan, a 12-year-old student, highlights the indispensable role of ethical hackers in our increasingly digital world. Khan, a young cybersecurity enthusiast, explains that ethical hackers, also known as white-hat hackers, use their skills to identify and rectify security vulnerabilities before malicious hackers, or black-hats, can exploit them. By doing so, they act as the digital guardians of our era, protecting individuals, corporations, and governments from potentially devastating cyberattacks.  Khan highlighted the growing threat of cybercrime, noting that as technology advances, so too do the tactics of cybercriminals. This makes the work of ethical hackers even more critical. They are at the forefront of developing new methods to secure systems, ensuring that data breaches, financial theft, and other cybercrimes are mitigated. Ethical hackers must navigate complex moral landscapes, making decisions that can have significant impacts on privacy and security. Khan advocates for greater recognition and support for ethical hackers, and calls for the integration of cybersecurity education in school curriculums, arguing that empowering the next generation with these skills is crucial for maintaining global cybersecurity.   Conclusion  We hope one of these TED Talks has captured your interest. The speakers range from seasoned cybersecurity professionals to young innovators, each sharing their unique perspectives on the significance of ethical hacking. While the concept of hacking might initially seem daunting due to its association with cybercrime, the rise of notable groups like Anonymous has demonstrated the potential of ethical hacking. These TED Talks offer compelling arguments for how ethical hacking not only challenges traditional notions but also drives societal progress and development.

image for Role of the CISO in ...

 Firewall Daily

By Ankur Ahuja, Senior Vice President (SVP) and CISO, Billtrust The Chief Information Security Officer (CISO) in private equity portfolio companies plays a vital role in safeguarding assets, ensuring compliance, and supporting growth. Their responsibilities span strategic, operational, and compliance aspects of   show more ...

information security, which are critical in today’s complex digital landscape.  Strategic Responsibilities and Security Measures Security Strategy: The CISO develops adaptable security strategies aligned with business goals. This involves understanding the company’s objectives and designing security frameworks that support these goals without hindering operational efficiency. A well-crafted security strategy ensures that the organization can achieve its business objectives while maintaining a robust security posture.  Risk Management: Identifying and mitigating security risks is a core responsibility of the CISO. They must continuously assess the threat landscape, identify vulnerabilities, and implement measures to mitigate potential risks. Effective risk management ensures that the company can preemptively address security threats before they can impact operations. Leadership Collaboration: Communicating risks and strategies to executives and stakeholders is crucial. The CISO must ensure that the leadership team is aware of the security risks and the strategies in place to address them. This involves regular reporting and collaboration with other executives to integrate security into the overall business strategy. Operational Responsibilities  Policy Enforcement: Implementing security policies to protect data is a key operational responsibility. The CISO ensures that all employees and systems adhere to established security protocols to safeguard sensitive information. This includes the creation and enforcement of policies related to data access, usage, and storage.  Security Operations: Overseeing daily security tasks and incident response is another critical function. The CISO manages the security operations center (SOC), which monitors for threats and coordinates responses to security incidents. Ensuring that security operations run smoothly is essential for protecting the company’s assets.  Incident Management: Developing and leading incident response plans is a core duty. The CISO must prepare the organization to respond effectively to security breaches. This involves creating incident response protocols, training staff on these procedures, and conducting regular drills to ensure readiness.  Compliance and Governance  Regulatory Compliance: Ensuring adherence to regulations like GDPR and CCPA is a major aspect of the CISO’s role. They must keep abreast of relevant laws and regulations, ensuring that the company’s security practices comply with legal requirements. This helps avoid legal penalties and builds trust with customers and partners. Third-Party Management: Monitoring the security of vendors and partners is crucial. The CISO must evaluate the security practices of third parties and ensure that they meet the company’s standards. This includes conducting regular audits and requiring third parties to adhere to specific security protocols. Governance Reporting: Reporting security status to the board and stakeholders is essential for transparency and accountability. The CISO provides regular updates on the security landscape, current risks, and the effectiveness of security measures. This ensures that the leadership is informed and can make data-driven decisions regarding security. Awareness and Training  Employee Training: Conducting security awareness programs and training is vital. The CISO must ensure that all employees understand the importance of security and are trained to recognize and respond to potential threats. Regular training sessions help maintain a high level of security awareness across the organization.  Cultural Integration: Promoting a culture of security within the organization is another key responsibility. The CISO works to embed security into the company’s culture, making it a fundamental part of everyday operations. This cultural shift helps ensure that security is a priority for all employees, not just the IT department.  Technology and Innovation  Security Architecture: Designing secure IT infrastructures is a crucial task. The CISO ensures that the company’s IT systems are designed with security in mind, incorporating the latest technologies and best practices to protect against threats.  Data Protection: Implementing robust data protection measures is essential for safeguarding sensitive information. The CISO deploys technologies and processes to protect data from unauthorized access, ensuring that it remains secure both in transit and at rest.  Key Challenges  Balancing Security and Business Needs: Ensuring security measures support business agility is a significant challenge. The CISO must find a balance between implementing stringent security measures and allowing the business to operate efficiently and adapt to changing market conditions.  Scalability: Developing scalable security solutions for growing companies is essential. The CISO must ensure that security measures can scale with the company’s growth, providing adequate protection as the organization expands.  Change Management: Managing the impact of security changes on business processes is critical. The CISO must ensure that new security measures are integrated smoothly into existing processes, minimizing disruption to operations.  Security Teams in Private Equity Portfolio Companies  Security teams must adapt their strategies to meet each company's unique needs. This involves:  Customized Approach: Tailoring security to specific risks and regulations. Each company in the portfolio has unique security requirements, and the security team must adapt their approach accordingly.  Centralized Oversight: Maintaining consistent security standards across the portfolio. Centralized oversight ensures that all companies adhere to a common set of security practices.  Resource Sharing: Using shared resources to optimize efficiency. Shared resources allow for cost-effective security measures and access to specialized expertise.  Risk-Based Prioritization: Focusing on critical assets and vulnerabilities. Prioritizing the protection of the most critical assets ensures that resources are allocated where they are needed most.  Scalability: Ensuring solutions can grow with the company. Scalable security solutions ensure that companies can maintain robust security as they expand.  By adopting these strategies, security teams can effectively manage diverse security needs across the portfolio, ensuring comprehensive protection for all companies. 

image for Secure Boot ‘PKfai ...

 Cybersecurity News

A critical security flaw dubbed 'PKfail' has exposed vulnerabilities in the Secure Boot process across hundreds of device models, uncovering a major weaknesses in the firmware supply chain. The flaw stems from the misuse of test Platform Keys (PK) in production devices, potentially allowing attackers to bypass   show more ...

Secure Boot protections. Secure Boot, a cornerstone of platform security, relies on cryptographic keys to verify the integrity of boot processes. However, researchers revealed that many manufacturers are using untrusted keys provided by Independent BIOS Vendors (IBVs) instead of generating their own secure keys. Scope and Impact of PKfail The Binarly REsearch Team analysis of firmware images from major device vendors revealed alarming statistics. They discovered that over 10% of firmware images in their dataset use untrusted Platform Keys, and nearly 900 device models are affected with the vulnerability, which has existed in devices for 12 years, starting from May 2012 to June 2024. They implications of the vulnerability can be severe, as attackers who gain access to compromised private keys could potentially bypass Secure Boot, allowing them to run malicious code during the boot process. This vulnerability affects both x86 and ARM devices, making it a cross-silicon issue. In 2023, the research team had discovered a significant supply chain security incident when leaked private keys from Intel Boot Guard distributed by Intel in their reference code were used in production. The team also found that the private key from American Megatrends International (AMI) related to the Secure Boot "master key," called Platform Key (PK), was publicly exposed in a data leak. The devices corresponding to this key are still deployed in the field, and the key is also being used in recently released enterprise devices. This vulnerability allows attackers to bypass Secure Boot and run malicious code during the boot process, compromising the entire security chain from firmware to the operating system. Mitigating Threat and Addressing Supply Chain The PKfail issue highlights multiple security problems related to device supply chain security, including poor cryptographic materials management, the use of non-production cryptographic keys, and the lack of rotation of platform security cryptographic keys per product line. To mitigate these risks, device vendors must implement stronger cryptographic practices, including secure key generation and management. Users should stay vigilant for firmware updates and apply security patches promptly. The researchers have provided a free website API to check if devices are affected by PKfail.

image for Second-hand Security ...

 Firewall Daily

As technology evolves rapidly, high-end devices often come with hefty price tags, making second-hand options an attractive alternative. Buying pre-owned gadgets can save you money and allow you to access devices that might otherwise be out of reach. Additionally, some devices may no longer be produced, making   show more ...

second-hand purchases the only option for acquiring specific models or versions. However, purchasing used electronics comes with its own set of risks. Issues like outdated software, lack of security updates, or potential tampering by previous owners can compromise your security. The Best Guide to Buy Second-hand Device In this article, we’ll guide you through key considerations for buying used electronics, highlighting essential steps to ensure your security while making a cost-effective choice. 1. Checking if it’s in acceptable condition  When buying a second-hand technology device, the physical condition is a crucial factor to consider. Start by closely inspecting the exterior of the device for any signs of wear and tear. Look for scratches, dents, or cracks on the body and screen, as these can indicate how well the previous owner took care of the device. Pay special attention to areas around ports and buttons, as heavy wear in these regions can signal extensive use or potential internal damage.  Check for any signs of repair or tampering, such as mismatched screws or parts that don’t fit quite right. These can be indicators that the device was previously opened, possibly for repairs. Additionally, consider the device's cleanliness. Dust and grime, especially around ports and vents, can affect the device's performance by causing overheating or connectivity issues. Additionally, questioning the device's history and how it was used, stored, and maintained can give you insight into its overall condition. Check the screen for dead pixels or discoloration, and test the speakers, camera, and any other integral parts.   2. Check the device compatibility  Ensuring compatibility is crucial when integrating a second-hand device into an already existing setup. Compatibility issues can lead to functionality problems, additional costs, or the inability to use the device as intended. The operating system (OS) requirements should be supported by the operating system you use or if not then it can be upgraded to a compatible version. Consider compatibility with cloud services and accounts as well. Some devices, especially those from different manufacturers, may have limitations on integrating with specific cloud storage solutions, email services, etc.  Next, ensure the device has the necessary inputs and outputs for connecting, such as USB ports, HDMI, or Ethernet. For wireless connectivity, verify that it supports the necessary Wi-Fi standards and Bluetooth versions for your other devices. Of course, software and application compatibility should be assessed. Ensure that the device can run the software you need, both in terms of performance and OS support. Check for any proprietary software requirements or specific hardware dependencies. Some devices may even be designed to work best within a particular brand’s ecosystem. Check out online forums or reviews which can provide insights into any common problems faced when integrating a specific model into different setups.  3. Check whether its battery life hasn’t depleted too much Battery health is a significant concern for portable second-hand devices like laptops, smartphones, and tablets. Over time, batteries degrade and lose their ability to hold a charge, which can drastically affect the device's usability. Ensure you inquire about the battery's age and usage patterns. Frequent charging, extensive use, and exposure to extreme temperatures can accelerate battery degradation. Sellers should provide an estimate of how long the battery lasts on a full charge and any issues they've noticed, such as rapid draining or failure to hold a charge. Additionally, laptops often have built-in software tools or third-party apps that provide detailed information about the battery’s condition, such as charge cycles and capacity. If you can, try to test the battery yourself by charging the device to full and using it for a while to see how quickly the battery depletes. Pay attention to how the battery behaves under different usage conditions, such as while streaming video, browsing the web, or running apps. If the battery life isn’t looking too good, consider how much it would cost to replace it on top of the price of the device. Some devices have easily replaceable batteries, while others might require professional service, which can be costly. 4. Understand the specifications of the device Specifications determine the device's performance and capability, so you should be clear about what you require from the device and whether the second-hand option can deliver. This would mean identifying core components that affect performance like the CPU, RAM, storage type, capacity, etc. The CPU's speed and number of cores influence how quickly the device can process tasks. More RAM allows for better multitasking and smoother performance in memory-intensive applications. The type of storage (SSD vs. HDD) affects read/write speeds, while the storage capacity determines how much data the device can hold.  Research the specific model’s original specifications and compare them to the device you are considering. Make sure there haven't been any downgrades or alterations. For instance, sometimes second-hand devices might have had parts replaced with lower-quality alternatives, which can affect overall performance. Additionally, check the software compatibility of the device. Ensure it can run the latest operating systems and applications you need. Older devices might not support the latest updates, which can lead to security vulnerabilities and limited functionality.   5. Ensure it’s been factory reset  A factory reset is a critical step to ensure a second-hand device is free from the previous owner's data and settings. It restores the device to its original state, removing all personal information, accounts, and applications, which is essential for both privacy and performance. Ask the seller to demonstrate the reset process or provide evidence that it has been completed. This ensures that any personal data, accounts, and configurations from the previous owner are erased.  Check for any potential issues that might arise after a factory reset. Some devices might require activation or linking to the original owner’s account before they can be used again.  Additionally, consider the software version after a factory reset. Devices might revert to an older operating system version, requiring updates. Ensure the device can still receive updates to the latest version of its operating system, as this is crucial for security and compatibility with newer applications. A factory reset can also help identify any hidden issues with the device. During the reset and initial setup process, you might encounter hardware or software problems that were not apparent before.  6. Check the original accessories that come with the device  Original accessories like chargers, cables, and manuals are designed to work optimally with the device, and their absence can lead to compatibility issues, additional costs, or reduced performance. If they are given to you, check the condition of the accessories. Worn or damaged cables can be a safety hazard and may not function correctly. Inspect them for any signs of fraying, bending, or other damage. Test them to ensure they work as expected and provide the necessary power or data transfer speeds. Also, make sure to look for official branding and certifications that indicate the accessories are genuine.   Manuals, if provided, display important information on device setup, troubleshooting, and maintenance, which can be useful if the device is unfamiliar to you. Original packaging often includes additional components like adapters or protective covers, which might not be available separately. Consider the availability and cost of replacements if original accessories aren’t given in the purchase.   7. Warranty and Return Policy  Checking for a warranty and understanding the return policy provide a safety net in case the device has issues after purchase, offering protection for your investment. Start by inquiring about any remaining manufacturer warranty. Many technology devices come with warranties that last one or more years from the date of purchase. If the device is still under warranty, ask for proof of the original purchase date and warranty terms. This can cover repairs or replacements for defects and provide peace of mind. Clarify what is and isn’t covered to understand what can be repaired.  If purchasing from an individual rather than a business, discuss a return agreement. Private sellers might be less likely to offer formal return policies, but a mutually agreed-upon period for returns can still provide some protection. Ensure all agreements are documented in writing to avoid disputes. However, even with a return policy or warranty, consider the practicalities of repair or replacement. Some devices might require shipping to the manufacturer or authorized service centers, which can be time-consuming and costly.  Conclusion  We hope these have been helpful and have convinced you to understand why such an in-depth examination is necessary. Not only are your details at risk but so is the money you’ve spent.   There is nothing wrong or dangerous with buying second-hand devices if done right. Ensure communication with the seller to get as many details as possible, and if possible, try to check the physical condition of the device yourself. Look out for small issues that may go unnoticed as listed above and make sure you are staying safe while saving!

image for Crypto Exchange Gemi ...

 Cybersecurity News

Cryptocurrency exchange Gemini has disclosed a data breach incident that occurred due to a cyberattack on its Automated Clearing House (ACH) service provider. The American crypto exchange began notifying about the Gemini data breach impacting individuals on June 26, 2024 and recently submitted a sample of these   show more ...

letters to the Attorney General's Office in California. According to the notification, the Gemini data breach happened between June 3 and June 7, 2024, when an unauthorized actor accessed the systems of Gemini's vendor. "We are writing to inform you that one of Gemini’s third-party ACH banking partners recently became aware of a security incident involving one of its service providers," the official notice states. This banking partner is responsible for facilitating the transfer of funds from Gemini wallets to customers' bank accounts, and processing certain Gemini customer data in the process. Gemini Data Breach: What Happened Gemini's banking partner reported that a subset of some Gemini customers' banking information might have been compromised during the incident. The crypto exchange data breach involved unauthorized access to an internal collaboration tool on the bank partner’s system, potentially leading to the exposure of transactional data. Specifically, information such as customers' names, bank account numbers, and routing numbers may have been affected. However, Gemini assures that no other sensitive information, including dates of birth, addresses, social security numbers, email addresses, phone numbers, usernames, or passwords, was compromised. Moreover, Gemini account information and systems remained secure and unaffected by this third-party incident. What Crypto Exchange Gemini is Doing Upon learning about the breach, Gemini's banking partner immediately launched an investigation and implemented measures to contain the incident. The bank engaged outside forensic experts to conduct a thorough investigation, which is still ongoing. Additionally, law enforcement authorities were notified about the incident. What Affected Customers Can Do Gemini advises impacted customers to take the following actions: Contact Your Bank: Inquire about steps to protect your account, including obtaining a new account number. Enable Multi-Factor Authentication: Enable this feature on the bank account you provided to Gemini. Monitor Account Statements: Closely review your account statements and report any unauthorized activity to your financial institution. Stay Vigilant: Be aware of scams that might exploit knowledge of your financial data. Review Your Account Statements and Notify Law Enforcement of Suspicious Activity Gemini recommends that customers remain vigilant by regularly reviewing account statements and credit reports. "If you detect any suspicious activity, promptly notify the relevant financial institution or company. Any fraudulent activity or suspected identity theft should also be reported to law enforcement authorities, including your state attorney general and the Federal Trade Commission (FTC)," inform Gemini. Obtain and Monitor Your Credit Report Customers are advised to obtain a free copy of their credit report from each of the three major credit reporting agencies once every 12 months by visiting annualcreditreport.com, calling toll-free 877-322-8228, or completing an Annual Credit Report Request Form and mailing it to Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348. Consider Placing a Security Freeze on Your Credit File In some U.S. states, customers have the right to put a security freeze on their credit files, preventing new credit from being opened without the use of a PIN. This measure can delay the ability to obtain credit but can be crucial in preventing fraud. There may be a fee up to $10 to place, lift, or remove the freeze, although some states have lower fees. To place a security freeze, you may need to provide identifying information, including your full name, Social Security number, date of birth, current and previous addresses, a state-issued ID, a recent utility bill, bank statement, or insurance statement, and, if applicable, a copy of a police report or a complaint filed with law enforcement. Conclusion Gemini's proactive steps in notifying impacted customers and providing comprehensive guidance on protecting their financial information reflect the company's commitment to security and customer care. While the Gemini data breach originated from a third-party service provider, Gemini is working diligently to mitigate any potential damage and safeguard its customers' data.

image for FBCS Data Breach: Nu ...

 Cybersecurity News

Debt collection agency Financial Business and Consumer Solutions (FBCS) has revealed that the number of people impacted by the data breach that occurred in February has risen to 4.2 million. This update on the FBCS data breach comes through a new supplemental notice to the Office of the Maine Attorney General,   show more ...

further escalating the previously reported figures. In its latest notice filed to the Office of the Maine Attorney General, FBCS reported that the data breach now affects 4,253,394 individuals. Initially disclosed in late April, the firm reported that approximately 1.9 million individuals had their sensitive personal information compromised during the FBCS data breach. This number was increased to 3.2 million in May, and now, the company has again raised the total by an additional 1 million. Types of Exposed Information in FBCS Data Breach On July 23, 2024, FBCS began sending out new data breach notifications to the additional affected individuals. The notification highlighted the increased risks and provided guidance on protective measures. The notice explicitly mentions the continuous efforts by FBCS to identify and notify more impacted individuals. Specifically, two more residents in Maine were notified, bringing the total number of potentially impacted residents in Maine to 7,841. The FBCS data breach has resulted in the exposure of varying types of personal information for different individuals, including: Full name Social Security Number (SSN) Date of birth Account information Driver's license number or ID card Medical information These sensitive details have been potentially accessed, increasing the risk of phishing and fraud for those affected. Details of Data Breach at FBCS FBCS first discovered unauthorized access to its systems on February 26, 2024. The data breach at FBCS was confined to their internal network, and the company took immediate steps to secure the impacted environment. Third-party computer forensic specialists were engaged to conduct a thorough investigation, which revealed that the unauthorized access occurred between February 14 and February 26, 2024. During this period, the unauthorized actor could view or acquire sensitive information on the FBCS network. It remains unclear what type of attack led to the data breach, as no ransomware gangs have claimed responsibility. FBCS has stated only that they detected unauthorized access to their internal network. Company Response and Preventive Measures Upon discovering the breach, FBCS promptly secured the environment and initiated a comprehensive investigation. They undertook a thorough review of the data at risk to determine the scope of the breach and identify the individuals potentially affected. In line with their commitment to information security, FBCS has implemented additional safeguards in a newly built environment. As part of their response, FBCS is offering affected individuals access to complimentary credit monitoring and identity restoration services for 24 months through CyEx. The company is providing detailed instructions on how to enroll in these services, urging recipients to take immediate action to protect their personal information. Steps for Affected Individuals Enroll in Credit Monitoring Services: Recipients of the FBCS data breach notification are encouraged to enroll in the free credit monitoring and identity restoration services offered by FBCS. This service, provided through CyEx, is designed to help protect against identity theft and fraud. Monitor Financial Accounts: FBCS advises affected individuals to remain vigilant against incidents of identity theft and fraud. This includes regularly monitoring account statements to detect any errors and reviewing credit reports for suspicious activity. Report Suspicious Activity: Any fraudulent activity or suspected identity theft should be promptly reported to the relevant financial institution and law enforcement authorities. FBCS has included instructions on how to file a complaint with the Federal Trade Commission (FTC) and encourages individuals to take these steps. Consider Placing Fraud Alerts or Security Freezes: Affected individuals may also consider placing a fraud alert or security freeze on their credit reports. Fraud alerts inform creditors of potential fraudulent activity and request that they contact the individual before establishing new accounts. Security freezes can prevent new credit from being opened without the use of a PIN, although it may delay the ability to obtain credit. Conclusion The data breach at FBCS highlights the ongoing challenges organizations face in protecting sensitive personal information. As the situation evolves, those impacted are encouraged to take the necessary steps to safeguard their personal information and stay alert to potential threats.

image for Generative AI: CISO ...

 Features

By Neelesh Kripalani, Chief Technology Officer, Clover Infotech According to Gartner, by 2027, Generative AI (GenAI) will contribute to a 30% reduction in false positive rates for application security testing and threat detection by refining results from other techniques to categorize benign from malicious events.   show more ...

This staggering statistic highlights the transformative potential of Generative AI in the cybersecurity landscape. However, this advanced technology comes with its set of challenges and promises, making it both a CISO’s worst nightmare and a dream come true. For CISOs, the promise of reduced false positives is a significant relief. Currently, security teams are inundated with alerts, many of which turn out to be benign. This overload not only drains resources but also increases the risk of genuine threats slipping through the cracks. Generative AI’s ability to analyze and learn from vast amounts of data allows it to distinguish between harmless and harmful activities more accurately, thereby enhancing the efficiency and effectiveness of security operations. Moreover, Generative AI can proactively identify and mitigate vulnerabilities. By simulating potential attack vectors and generating scenarios that traditional methods might overlook, it helps organizations fortify their defenses against emerging threats. This proactive approach is a dream come true for CISOs striving to stay ahead of cyber adversaries. However, the nightmare aspect cannot be ignored. Generative AI itself can be weaponized by malicious actors. The same technology that helps defend can also be used to create sophisticated, hard-to-detect phishing schemes, deepfakes, and other forms of cyber deception. The dual-use nature of Generative AI necessitates a heightened level of vigilance and the development of robust countermeasures. Additionally, the integration of Generative AI into cybersecurity systems raises concerns about transparency and control. CISOs must ensure that AI-driven decisions are explainable and auditable to maintain trust and accountability. The potential for AI biases also needs to be addressed to avoid unintended security gaps. Strategies for CISOs to Tackle the Challenges Implement Robust AI Governance: Establish clear policies and frameworks for AI usage, ensuring transparency, accountability, and ethical considerations. Invest in Continuous Learning: Stay updated on the latest advancements in AI and cybersecurity to leverage cutting-edge tools and techniques effectively. Collaborate with AI Experts: Work closely with AI specialists to understand the nuances of AI-driven security measures and potential vulnerabilities. Develop Counter-AI Strategies: Create defensive mechanisms to detect and mitigate AI-generated threats such as deepfakes and sophisticated phishing attacks. Promote Cross-Functional Training: Ensure that security teams are well-versed in AI concepts and their applications in cybersecurity to maximize the benefits of Generative AI. In conclusion, while Generative AI offers substantial benefits in enhancing cybersecurity, it also introduces new challenges that CISOs must navigate. Balancing the opportunities and threats posed by this technology will be crucial in determining whether it becomes a nightmare or a dream come true for cybersecurity leaders. Disclaimer: The views and opinions expressed in this guest post are solely those of the author(s) and do not necessarily reflect the official policy or position of The Cyber Express. Any content provided by the author is of their opinion and is not intended to malign any religion, ethnic group, club, organization, company, individual, or anyone or anything. 

image for Google Fixes Chrome ...

 Firewall Daily

Google has successfully resolved a significant issue affecting the Chrome Browser password manager, which left a substantial number of users unable to find or save passwords. The incident began on July 24, 2024, at 15:36 (US/Pacific) and was resolved on July 25, 2024, at 09:27 (US/Pacific), impacting users for 17   show more ...

hours and 51 minutes. The disruption affected the M127 version of Chrome Browser on the Windows platform, specifically targeting the password manager feature. During the incident, approximately 2% of users, out of the 25% of the entire user base where the configuration change was implemented, experienced the issue. Affected users were unable to locate their passwords in Chrome’s password manager, although they could save new passwords, which remained invisible. Chrome Browser Password Manager Disruption: What Happened? Google’s preliminary analysis indicates that the root cause was a change in product behavior without the proper feature guard. Engineers mitigated the issue by deploying a fix, which is now fully rolled out. In response to the incident, Google provided an interim workaround and advised users to restart their Chrome Browser to ensure the fix takes effect. "We apologize for the inconvenience this service disruption may have caused," stated the official release addressing the issue. "Our engineering team identified the cause and worked diligently to deploy a fix for all users." The company announced that a full incident report (IR) will be completed in the coming days to provide a comprehensive root cause analysis. In the meantime, users experiencing ongoing issues are encouraged to contact Google Workspace Support. Google Workspace's status dashboard provided regular updates throughout the incident. On July 25, 2024, at 12:04 pm (UTC), Google summarized the problem, stating, "We are experiencing an issue with Chrome Browser where impacted users may be unable to find or save passwords in Chrome's Password Manager. Our engineering team has identified the cause of the issue and is actively working on deploying a fix for all users." How to Fix Chrome Browser Password Manager Issue The workaround suggested by Google involved launching Chrome with the "--enable-features=SkipUndecryptablePasswords" command line flag, a temporary measure to help users regain access to their passwords until the fix was fully implemented. Users currently impacted by this issue can try the following workaround: Launch Chrome with the "--enable-features=SkipUndecryptablePasswords" command line flag. Locate the Chrome shortcut on your desktop. If you don't have one: Go to "chrome://settings/manageProfile". Enable "Create desktop shortcut" at the bottom. Fully exit Chrome. Right-click the desktop shortcut and select Properties. In the Target field, add " --enable-features=SkipUndecryptablePasswords" at the end of the existing text. Close the dialog with OK and launch Chrome using this modified shortcut. As of July 25, 2024, at 16:27 (UTC), Google confirmed that the issue had been mitigated for all affected users. The company thanked users for their patience and assured them that they were monitoring the situation to ensure a smooth resolution. For more detailed status updates and additional information on Google Workspace services, users can visit the Google Workspace Status Dashboard or reach out to Google Workspace Support through their help article.

 Malware and Vulnerabilities

The malicious Chrome extension campaign in LATAM involves infecting victims through phishing websites and installing rogue extensions to steal sensitive information. The extensions mimic Google Drive, giving them access to a wide range of user data.

 Feed

French judicial authorities, in collaboration with Europol, have launched a so-called "disinfection operation" to rid compromised hosts of a known malware called PlugX. The Paris Prosecutor's Office, Parquet de Paris, said the initiative was launched on July 18 and that it's expected to continue for "several months." It further said around a hundred victims located in France, Malta, Portugal,

 Feed

Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that targets Apple macOS systems with the goal of stealing users' Google Cloud credentials from a narrow pool of victims. The package, named "lr-utils-lib," attracted a total of 59 downloads before it was taken down. It was uploaded to the registry in early June 2024. "The malware uses a

 Cyber Security News

Source: www.databreachtoday.com – Author: 1 Cybercrime , Fraud Management & Cybercrime National Police Probe Botnet Campaign That Infected 3,000 Machines Akshaya Asokan (asokan_akshaya) • July 26, 2024     French police point to downtown Lyon, France in January 2022. (Image: Shutterstock) The French   show more ...

government has launched an investigation into a suspected Chinese espionage campaign that […] La entrada French Government Investigates Suspected Chinese Espionage – Source: www.databreachtoday.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.databreachtoday.com – Author: 1 Endpoint Security , Hardware / Chip-level Security UEFI Developer Leaked a Secure Boot Asymmetric Key Prajeet Nair (@prajeetspeaks) • July 26, 2024     PKfail is a Secure Boot failure that affects hundreds of laptop and server models. (Image: Shutterstock)   show more ...

Hundreds of laptop and server models from mainstream manufacturers are […] La entrada PKfail Is a Newly Discovered Pathway for Firmware Malware – Source: www.databreachtoday.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.databreachtoday.com – Author: 1 Government , Industry Specific , Security Operations New Analysis Reveals Growing Crisis for the National Vulnerability Database Chris Riotta (@chrisriotta) • July 26, 2024     The National Vulnerability Database currently has a backlog of more than 16,000   show more ...

unanalyzed flaws. An overwhelming backlog of unanalyzed vulnerabilities at the National Institute […] La entrada National Vulnerability Backlog Could Surge to 30,000 by 2025 – Source: www.databreachtoday.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.databreachtoday.com – Author: 1 Breach Notification , Fraud Management & Cybercrime , Healthcare Meanwhile, Wait Continues for Change Healthcare’s Breach Report in Massive Attack Marianne Kolbasuk McGee (HealthInfoSec) • July 26, 2024     Ascension has filed a preliminary breach   show more ...

report to federal regulators – and the wait continues for Change Healthcare’s breach report. […] La entrada Ascension Files Placeholder Breach Report for May Hack – Source: www.databreachtoday.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

2024-07
Aggregator history
Saturday, July 27
MON
TUE
WED
THU
FRI
SAT
SUN
JulyAugustSeptember