Below are some of the stories we’ve been reporting this week on Cyber Security Headlines.
If you’d like to watch and participate in a discussion about them, the CISO Series does a live 20-minute show every Friday at 12:30pm PT/3:30pm ET. Each week we welcome a different cyber practitioner to offer some color to the week's stories. Our guest this week is Mike Lockhart, CISO, EagleView.
To get involved you can watch live and participate in the discussion on YouTube Live (https://youtube.com/live/MOtO_JTmStQ), or you can subscribe to the Cyber Security Headlines podcast and get it into your feed.
Here are the stories we plan to cover, time permitting:
Company that provides admin services to health care insurers discloses 2023 breach
Texas-based WebTPA posted an undated announcement on its website that says it was the victim of a data security incident in 2023. Over 2.4 million people were notified and told that the information exposed varies per individual but could include Social Security numbers and insurance information along with standard PII. Financial information such as credit card numbers, as well as treatment or diagnostic information, was not affected. The breach occurred between April 18 and 23, 2023, and WebTPA notified benefit plans and insurance companies of the breach on March 25 of this year.
(The Record)
Military cyber service proposal picks up steam
A bipartisan group of lawmakers on the House Armed Services Committee plans to push an amendment into the fiscal 2025 defense authorization bill calling on the Pentagon to study the establishment of a dedicated military cyber service. This will come in the markup stage of the bill, where all sorts of amendments get added. A similar amendment in a Senate bill was dropped late last year. This amendment would task the National Academy to study the issue. The 2023 National Defense Authorization Act mandated Cyber Command to look at “the prospect of a new force generation model,” but in the past has rejected the idea of creating a wholly new service for cyber defense. Even if this amendment passes, any report conclusions likely wouldn’t influence policy until 2027.
(The Record)
Brits to propose mandatory ransomware reporting
Recorded Future News’ sources say UK officials will publish proposals calling for mandatory ransomware reporting as well as a complete ban on ransom payments by critical national infrastructure providers. After publication, these proposals would be up for public comment and this legislation remains in its earliest stages. Even if passed, these new requirements could see a delay until the UK replaces its aging fraud and cybercrime reporting platform called Action Fraud. The National Cyber Security Centre hopes mandatory reporting will help give the government full visibility into the scale of the ransomware problem.
(The Record)
Rockwell Automation issues ICS warning
The company warned customers to immediately disconnect all industrial control systems not specifically designed to operate online, citing heightened geopolitical tension and adversarial cyber activity. Rockwell also reiterated that customers should take available mitigation measures against known security issues with ICS devices. CISA also boosted this warning in an official alert. None of these alerts names specific threat actors targeting these systems. But the coordinated nature of the warnings means it wouldn’t be surprising to learn details about specific attacks at some point.
(Bleeping Computer)
Chinese hackers hide on military and government networks for 6 years
This threat actor, previously unknown and now dubbed "Unfading Sea Haze," has been targeting military and government entities in the South China Sea region since 2018 while remaining undetected, according to researchers at Bitdefender. Its TTPs and toolset appear to overlap with other activity clusters, especially APT41. Its attacks involve spearphishing emails that carry malicious ZIP archives containing LNK files disguised as documents that exploit Microsoft’s MSbuild.exe compiler. The interesting twist is that the PowerShell script built into the LNK file builds a working directory on a remote SMB server, so that MSbuild will execute the code it contains entirely in memory, leaving no traces on the victim's machine.
(BleepingComputer)
NY Stock Exchange owner fined $10 million by SEC
The SEC is putting its foot down that no person or company is above the law. The Intercontinental Exchange (ICE), which owns nine of the world’s largest financial exchanges including the NY Stock Exchange, failed to report a 2021 cyber incident. The SEC claims the financial giant knew a hacker had inserted malicious code into the corporate network but did not notify any of the subsidiary companies for days. This lack of reporting violated federal regulations and the company's own procedures, resulting in this $10 million fine. It should be noted that ICE reported a net revenue of $2.3 billion in the first quarter of 2024. ICE told The Record that the settlement “involves an unsuccessful attempt to access our network more than three years ago and had zero impact on market operations.”
(The Record), (Bleeping Computer)
Google AI has a bad week
The CEO of AI search tool Perplexity had some fun pointing out some of the inaccuracies of Google’s AI feature, such as its recommendation to put glue on pizza, or its recognition of Batman as a police officer. Google has replied, stating that these responses “are extremely rare queries and aren't representative of most people's experiences," but the company may delay a wider rollout if it continues to produce such errant responses.
(MSN)
US agency pledges $50 Million to automate hospital security
Hospitals may be getting some relief in the form of funding to better protect against an attack. The US government's Advanced Research Projects Agency for Health (ARPA-H) has pledged over $50 million to boost hospital cybersecurity through a new program called Universal PatchinG and Remediation for Autonomous DEfense (UPGRADE). This initiative aims to automate the process of securing hospital IT environments by developing software tools that scan for vulnerabilities and automatically deploy patches, all with minimal disruption to patient services. The agency is inviting teams to apply for funding by submitting proposals on four technical areas: creating a vulnerability mitigation software platform, developing high-fidelity digital twins of hospital equipment, auto-detecting vulnerabilities, and auto-developing custom defenses.
Learn More: UPGRADE | ARPA-H