Security Leftovers and Windows TCO
-
Open Source Security (Audio Show) ☛ Episode 402 – The EU’s eIDAS regulation is a terrible idea
Josh and Kurt talk about the new EU eIDAS regulation. This is a bill that will force web browsers to add root certificates based on law instead of technical merits, which is how it’s currently done. This is concerning for a number of reasons that we discuss on the show. This proposal is not a good idea.
-
Data Breaches ☛ Canadian Government Announces Data Breach, Urges Public Service Employees to Take Action
The federal government has issued a warning to current and former public service employees, as well as members of the RCMP and Canadian Armed Forces, regarding a recent data breach that took place on October 19th. Officials have identified two companies, Brookfield Global Relocation Services (BGRS) and SIRVA Worldwide Relocation & Moving Services, as the sources of the breach. These companies provide relocation support for employees within the federal government.
It is believed that personal and financial information provided by employees to these companies since 1999 may have been compromised. The Treasury Board of Canada Secretariat has stated that due to the large amount of data involved, specific individuals impacted cannot be identified at this time. However, the government is taking steps to mitigate the situation. [...] Although there is no mention of Brookfield on their leak site, on October 6, LockBit3.0 added SIRVA to their leak site, and subsequently leaked data, stating, “Sirva.com says that all their information worth only $1m. We have over 1.5TB of documents leaked + 3 full backups of CRM for branches (eu, na and au).”
The breach occurred weeks before the October 19 date mentioned in the news report, and DataBreaches suspects some Canadian media have confused the date of a government notice or update with the date of the breach itself. The BGRS website has been offline since September 29 and BGRS notified the government of the breach on September 29.
-
Poloniex confirms hacker's identity, offers $10M white hat reward to return stolen funds
Poloniex has officially identified the hacker responsible for stealing $120 million from the exchange on Nov. 10 and offered a $10 million white hat reward if the funds are returned by Nov. 25, according to on-chain data shared by blockchain security firm PeckShield.
Justin Sun, Poloniex’s majority shareholder, sent blockchain messages on the Ethereum network to addresses involved in the hack. Sun’s wallets initiated sixteen transactions, each worth $0.10 in Ethereum, containing the same message in multiple languages.
The purpose of the transaction barrage was to inform the hacker that Poloniex had successfully confirmed their identity and to offer a white hat reward of $10 million.
According to the on-chain message, Poloniex has engaged law enforcement agencies from China, Russia, and the U.S. to take legal action against the hacker if the funds are not returned.
-
Data Breaches ☛ K-12 schools improve protection against online attacks, but many are vulnerable to ransomware gangs
Some K-12 public schools are racing to improve protection against the threat of online attacks, but lax cybersecurity means thousands of others are vulnerable to ransomware gangs that can steal confidential data and disrupt operations.
Since a White House conference in August on ransomware threats, dozens of school districts have signed up for free cybersecurity services, and federal officials have hosted exercises with schools to help them learn how to better secure their networks, said Anne Neuberger, the Biden administration’s deputy national security advisor for cyber and emerging technology.
Neuberger said more districts need to take advantage of programs available that would better guard against online attackers who are increasingly targeting schools. Their aim is to lock up computer systems, and in some cases, steal and publish sensitive personal information if a ransom is not paid.
-
Kansas Reflector ☛ To keep our trust, officials must be forthcoming about ‘incident’ that paralyzed Kansas courts
An unwillingness by public officials to provide details is part of the playbook for cybersecurity threats, so I can’t really be too hard on Taylor. She responded promptly to my calls and seemed to understand the reason for the questions. A similar clamp on information was employed recently by the city of Pittsburg, in southeast Kansas, when their systems came under attack.
-
BW Businessworld Media Pvt Ltd ☛ CEO of Australian Telecom Optus Resigns After Mass Outage
Optus said the nationwide outage was caused when its routers automatically disconnected after becoming overloaded during a scheduled software upgrade. Unable to pinpoint the exact cause more than six hours after the outage began, Optus had to perform a hard reset of its systems.
-
Bleeping Computer ☛ FCC adopts new rules to protect consumers from SIM-swapping attacks
The Federal Communications Commission (FCC) has revealed new rules to shield consumers from criminals who hijack their phone numbers in SIM swapping attacks and port-out fraud.
FCC’s Privacy and Data Protection Task Force introduced the new regulations in July. They are geared toward thwarting scammers who seek to access personal data and information by swapping SIM cards or transferring phone numbers to different carriers without obtaining physical control of their targets’ devices.
In SIM swapping attacks, criminals trick a victim’s wireless carrier into redirecting their service to a device controlled by the fraudster. Conversely, in port-out fraud or mobile number porting fraud, scammers transfer the victim’s phone number from one service provider to another without the owner’s authorization.