CyberSecurity Updates

13 Feb

Pepsi Bottling Ventures Suffers Data Breach

Attacks, Malware

The company has added more network security measures in reaction to this event, including changing all company passwords and notifying law enforcement. The organization’s routine activities have been paused for all affected systems while an assessment of potentially impacted documents and procedures is ongoing. The recipients of the breach notices are being offered a one-year free-of-charge identity monitoring service through Kroll to help them prevent identity theft that may occur as a result of the…

Read More
13 Feb

The Lessons From Cyberwar, Cyber-in-War and Ukraine

Information, News

The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. It prompts us to question the nature of modern warfare and the role of cyber in its operation. Here we will look at the use of cyber in the years leading to the kinetic war, and the use of cyber technology on the modern kinetic battlefield. We need to understand the meaning of cyber and the…

Read More
13 Feb

Hackers attack Israel’s Technion university, demand over $1.7 million in ransom

Data Breaches, Malware, Social Engineering

Israel’s Technion university on Sunday suffered a ransomware attack, which has forced the university to proactively block all communication networks. A new group calling itself DarkBit has claimed responsibility for the attack.   “The Technion is under cyberattack. The scope and nature of the attack are under investigation,” Technion, one of Israel’s top universities, wrote in a Tweet.   Established in 1912, Haifa-based Technion — otherwise known as the Israel Institute of Technology — has become a global pioneer…

Read More
13 Feb

Plan now to avoid a communications failure after a cyberattack

Data Breaches, Malware, Social Engineering

Responses to recent cyber breaches suggest organizations can struggle to get the message right in the midst of an incident. While managing the communications around an incident is outside the direct purview of the CISO, having an existing communications plan in place is an essential element of cyber preparedness. “Communications are a critical component of a good cyber strategy, and it should be prepared and practiced in organizations before an incident occurs,” says Eden Winokur,…

Read More
11 Feb

Key findings from the latest ESET Threat Report – Week in security with Tony Anscombe

Information

What is behind the drop in ransomware and what should still be done for containing the ransomware scourge? Ransomware detections fell by 20% between 2021 and 2022, according to ESET’s latest Threat Report. What is behind the drop, why is ransomware still a huge problem, and what has yet to be done before the ransomware scourge is contained? Watch the video to learn not just about the latest trends in ransomware, but also about, for…

Read More
11 Feb

US Blacklists 6 Chinese Entities Over Balloon Program

Information, News

The United States on Friday blacklisted six Chinese entities it said were linked to Beijing’s aerospace programs as part of its retaliation over an alleged Chinese spy balloon that traversed U.S. airspace. The economic restrictions followed the Biden administration’s pledge to consider broader efforts to address Chinese surveillance activities and will make it more difficult for the five companies and one research institute to obtain American technology exports. The move is likely to further escalate…

Read More
10 Feb

Alexa, who else is listening?

Information

Your smart speaker is designed to listen, but could it be eavesdropping too? Ever since Amazon came under fire for being able to potentially listen in on people through its Echo smart speakers, and even transcribe what they were saying, I have been intrigued by the idea of how IoT could be used to snoop on us, unbeknown to the victims. Big tech companies behind Alexa-enabled and other similar devices have since taken steps towards…

Read More
10 Feb

Reddit admits it was hacked and data stolen, says “Don’t panic”

Information

by Paul Ducklin Popular social media site Reddit – “orange Usenet with ads”, as we’ve somewhat ungraciously heard it described – is the latest well-known web property to suffer a data breach in which its own source code was stolen. In recent weeks, LastPass and GitHub have confessed to similar experiences, with cyercriminals apparently breaking and entering in much the same way: by figuring out a live access code or password for an individual staff…

Read More
10 Feb

Flaws in industrial wireless IoT solutions can give attackers deep access into OT networks

Data Breaches, Malware, Social Engineering

It’s common for operational technology (OT) teams to connect industrial control systems (ICS) to remote control and monitoring centers via wireless and cellular solutions that sometimes come with vendor-run, cloud-based management interfaces. These connectivity solutions, also referred to as industrial wireless IoT devices, increase the attack surface of OT networks and can provide remote attackers with a shortcut into previously segmented network segments that contain critical controllers. Industrial cybersecurity firm Otorio released a report this…

Read More
10 Feb

Indigo Bookstore Website Shuts Down After Cyberattack

Attacks, Malware

It is possible that this attack was the result of Info-stealing malware. According to cybersecurity firm Kela, a large amount of data being shared on the Darknet was advertised as login credentials for Indigo that were stolen by info-stealing malware. Such malware looks for sensitive information on the infected system and also collects details about the machine. Threat actors behind the malware can then use stolen information such as credentials to carry out cyberattacks. It…

Read More