Proprietary/Microsoft Blunders, Windows TCO
-
Heise ☛ Microsoft lays hands on login data: Beware of the new Outlook | heise online
The free new Outlook replaces Mail in Windows, and later also the classic Outlook. It sends secret credentials to Microsoft servers.
-
India Times ☛ Microsoft 365 services hit by outage for some users, now fixed
Over 1,500 people in the UK reported issues with Microsoft Teams, according to outage tracker website Downdetector. A similar number of people said there were problems with gaming service Xbox Live.
-
Daniel Miessler ☛ OpenAI's November 23' Releases Are a Watershed Moment for Human Creativity—and Prompt Injection
Let me say that again–they can call any API.
I’ve been saying for a long time that the #1 threat AI security, from a cyber security standpoint, is AI agents having the ability to call APIs.
What they did yesterday was open that up to the entire world.
-
Krebs On Security ☛ It’s Still Easy for Anyone to Become You at Experian
In the summer of 2022, KrebsOnSecurity documented the plight of several readers who had their accounts at big-three consumer credit reporting bureau Experian hijacked after identity thieves simply re-registered the accounts using a different email address. Sixteen months later, Experian clearly has not addressed this gaping lack of security. I know that because my account at Experian was recently hacked, and the only way I could recover access was by recreating the account.
-
Windows TCO
-
Tech Central (South Africa) ☛ China’s biggest, ICBC, bank hit by ransomware attack
Several ransomware experts and analysts said an aggressive cybercrime gang named Lockbit was believed to be behind the hack, although the gang’s dark web site where it typically posts names of its victims did not mention ICBC as a victim as of Thursday evening. Lockbit did not respond to a request for comment sent via a contact address posted on its site.
“We don’t often see a bank this large get hit with this disruptive of a ransomware attack,” said Allan Liska, a ransomware expert at the cybersecurity firm Recorded Future.
-
The Register UK ☛ Impatient LockBit says it's leaked 50GB of stolen Boeing files after ransom fails to land
The full release comes after the extortionists uploaded some files said to be related to company finances and marketing activities as well as supplier details.
-
Futurism ☛ Professor Warns That the Sun Is Angry and It Could Knock Out the Internet
"The [Internet] was simply not designed to handle this level of communication interference, and, consequently, is considered a very ‘soft’ type of infrastructure," Becker said in an August statement announcing the federal grant. "Hence, the period from 2024 to 2028 is a time when the entire [Internet] could conceivably be knocked out for a period of weeks to months in the event of a really extreme solar flare."
-
The Hill ☛ Republican congressman says labor crunch biggest threat to US cybersecurity
It’s not only the shortage of workers that concerns Garbarino, but the pressure building across sectors to hire highly skilled workers equipped to fight against ransomware and other attacks.
-
The Hill ☛ Maine says 1.3M people affected by data breach
More than 50 percent of the data exposed in the breach came from Maine’s Department of Health and Human Services, while between 10 percent and 30 percent came from the state’s Department of Education. Several other departments were also impacted in the breach.
-
AAG ☛ The Latest 2023 Cyber Crime Statistics (updated October 2023)
Around 236.1 million ransomware attacks occurred globally in the first half of 2022.
-
[Old] Cyber Security Hub ☛ The biggest data breaches and leaks of 2022
More than 4,100 publicly disclosed data breaches occurred in 2022 equating to approximately 22 billion records being exposed. Cyber security publication Security Magazine reported that the figures for 2022 are expected to exceed this figure by as much as five percent.
-
Security Week ☛ Ransomware Attack on China’s Biggest Bank Disrupts Treasury Market Trades, Reports Say
The company gave no further details but reports said the attack was by LockBit, a Russian-speaking ransomware syndicate that does not target former Soviet countries. It is one of the most efficient ransomware variants around, according to the cybersecurity firm Emsisoft. Active since September 2019, it has attacked thousands of organizations.
-
Engadget ☛ Basically all of Maine had data stolen by a ransomware gang
While the nature of stolen data varies per person based on their interaction with a particular agency, the notice says that the bad actors had stolen names, Social Security numbers, birthdates, driver's license and state identification numbers, as well as taxpayer identification numbers. In some cases, they were also able to get away with people's medical and health insurance information. Over 50 percent of the stolen data came from the Maine Department of Health and Human Services, followed by the Maine Department of Education.
-
Greece ☛ Cybercrime exposure high, report shows
Greece is among the top 10 countries in the world that are most exposed to cybercrime, according to Proxyrack’s new report.
-