Proprietary Software Costs

posted by Roy Schestowitz on Dec 07, 2022

• Hertz will pay $168 million to customers it falsely accused of stealing its cars

  Many of the Hertz cases involved customers who had called to extend their rental agreement, but the extensions were not properly reflected in Hertz's computer systems. Other cases involved Hertz re-renting cars that had previously been reported as stolen without rescinding the police reports, causing unsuspecting customers to be pulled over by police. At other times, stolen cars were accidentally associated with the wrong customer, resulting in an arrest warrant for someone who was out of state entirely.

• Ransomware attack knocks Rackspace’s Exchange servers offline [iophk: Windows TCO]

  Cloud services and hosting provider Rackspace Technology acknowledged Tuesday that a recent incident that took most of its Hosted Exchange email server business offline was the product of a ransomware attack. The company shut the service down last Friday.

• Cyberthreat cases increased by 275% in Australia during Black Friday week: Surfshark

  “Two of the most common cyberthreat categories are malware and riskware. Riskware is a program made without malicious intent but has security vulnerabilities that give it the potential to become malware. Malware is any software, product, or program created or installed onto a computer to cause harm,” notes Surfshark.

• Mandiant identifies Chinese threat group malware infecting USB drives [iophk: Windows TCO]

  Guest research Google cybersecurity subsidiary Mandiant has published new research on a China-based threat group using three new malware families affecting USB drives to target the Philippines and greater Southeast Asia region, which have been a focus for Chinese espionage for many years.

  Mandiant discovered an espionage campaign of a China-based threat group dating back to April 2022.

  This group, which Mandiant tracks as UNC4191, uses three types of malware families that continue replicating by infecting new removable USB drives that are plugged into a compromised system.

• Always Another Secret: Lifting the Haze on China-nexus Espionage in Southeast Asia [iophk: Windows TCO]

  Following initial infection via USB devices, the threat actor leveraged legitimately signed binaries to side-load malware, including three new families we refer to as MISTCLOAK, DARKDEW, and BLUEHAZE. Successful compromise led to the deployment of a renamed NCAT binary and execution of a reverse shell on the victim’s system, providing backdoor access to the threat actor. The malware self-replicates by infecting new removable drives that are plugged into a compromised system, allowing the malicious payloads to propagate to additional systems and potentially collect data from air-gapped systems.

• Ransomware Attack in New Zealand Has Cascading Effects

  Government health services are running normally but clinicians in some areas of the country cannot access a registry of inherited cardiac diseases or bereavement care services. Approximately 8,500 bereavement records and 5,500 records on the cardiac disease register are unavailable.

  Six other health regulatory authorities whose services are hosted by Mercury IT have also been impacted. They include the Optometrists and Dispensing Opticians Board of New Zealand; the Chiropractic Board; the Podiatrists Board; the New Zealand Psychologists Board; the Dietitians Board; and the Physiotherapy Board of New Zealand.