Tux Machines
Posted by Roy Schestowitz on Aug 13, 2023
=> Openwashing, Microsoft, and Calamity | Gemini Articles of Interest
=> ↺ Five arrested in Poland for running bulletproof hosting service for cybercrime gangs — Europol
This week, the Polish Central Cybercrime Bureau (Centralne Biuro Zwalczania Cyberprzestępczości) under the supervision of the Regional Prosecutor’s Office in Katowice (Prokuratura Regionalna w Katowicach) took action against LolekHosted.net, a bulletproof hosting service used by criminals to launch cyber-attacks across the world.
=> ↺ Ransomware attack continues to disrupt two Connecticut hospital systems
A ransomware attack continued to disrupt some services Friday at two Connecticut health care systems owned by Prospect Medical Holdings.
Eastern Connecticut Health Network, which operates Manchester Memorial Hospital and Rockville General Hospital in Vernon, and Waterbury Health, which operates Waterbury Hospital, reported on their websites Friday that some services and locations continued to be temporarily closed nearly a week after their parent company reported being hit by a ransomware attack.
=> ↺ Cumbria Police admits huge data breach as names and salaries of staff published online
Another police force has admitted a data breach after the names and salaries of all its staff were accidentally published online.
Cumbria Police said that on March 6 it found out information about pay and allowances had been uploaded on its website following a “human error”. The force’s admission comes after an “industrial scale breach of data” in Northern Ireland this week which saw some details of around 10,000 officers and staff published online for a number of hours.
=> ↺ Florida Healthy Kids notified by Maximus of MOVEit breach
Florida Healthy Kids is a state-created entity that provides health and dental insurance for Florida children aged 5-18. On Friday, they joined the unhappy ranks of those affected by the MOVEit breach that has affected more than 600 organizations already. In this case, it was their vendor, Maximus, who issued the notification.
=> ↺ Inside the Black Hat network operations center, volunteers work in geek heaven
With more than 20,000 conference attendees spending the best part of a week attending classes to hone security skills, and talks about the latest exploits, you'd expect the network to be under constant assault. Attacks do happen, but as one of the NOC crew explained to The Register, not as often as you might think.
"It's very different than most environments, because when you look at the environments that you have, there's something to protect," said Dave Glover, who works by day on the RSA Netwitness Platform. "You need to protect your cloud assets, maybe text databases, files, blah, blah, blah.
"Here, there's nothing. There's nothing to really protect outside of the registration network."
=> ↺ Black Hat USA 2023 – Announcements Summary
Hundreds of companies and organizations showcased their cybersecurity products and services this week at the 2023 edition of the Black Hat conference in Las Vegas.
To help cut through the clutter, the SecurityWeek team is publishing a digest summarizing some of the announcements made by vendors at Black Hat USA 2023, including new products and services, updates to existing offerings, reports, and other initiatives.
=> ↺ Report from Black Hat: Many questions, few answers as cybersecurity world confronts AI threats
Experienced whitewater rafting practitioners know that when they reach a bend in the river and hear the sound of crashing water but can’t see what’s ahead, it’s a good time to pull to the nearest bank and scout the course. Amid the current explosion of generative artificial intelligence use cases, the cybersecurity industry is having its whitewater moment.
That moment was on full display during the Black Hat 2023 gathering of cybersecurity researchers in Las Vegas this week. Multiple presenters spoke about the rapidly changing AI landscape in terms characterized more by questions than answers.
A growing number of businesses, universities and government agencies have been [compromised] in a global cyberattack by Russian cybercriminals and are now working to understand how much data was compromised.
While the scope of the attack is not yet fully known, officials at the US Cybersecurity and Infrastructure Security Agency (CISA) said Thursday that “several federal agencies… have experienced intrusions” and suggested a number of businesses could be impacted as well.
Separately, state agencies said late Thursday that millions of people in Louisiana and Oregon had their data compromised in a security breach. The states did not blame anyone in particular for the hack but federal officials have attributed a broader hacking campaign using the same software vulnerability to a Russian ransomware gang that calls itself Clop.
=> ↺ At Black Hat, getting past enterprise cybersecurity ‘Oh sh*t!’ moments
On the one hand, cybersecurity’s popularity is understandable. Bad actors continue to innovate, and threats continue to proliferate. The cybersecurity needs of organizations continue to multiply as a result.
On the other hand, why haven’t the vendors gotten a handle on cybersecurity by now? After all, they’ve been working on the problem for years. Given the expanding exhibit floor at Black Hat, there appears to be no shortage of cybersecurity vendors ready to address the problem.
=> gemini.tuxmachines.org This content has been proxied by September (3851b).Proxy Information
text/gemini;lang=en-GB