Biden Opposes Conditional Handover of Cyber-criminals – Security news

Biden Opposes Conditional Handover of Cyber-criminals The possibility of a deal allowing for the conditional handover of cyber-criminals between the United States and Russia has been extinguished by American president Joseph Biden. Russian president Vladimir Putin said on June 13 that he would be willing to make an arrangement with the United States whereby the two countries would exchange cyber-criminals in accordance with agreed-upon  conditions. Putin, who is due to meet with B

VW Vendor Leaves Data UnsecuredA data breach at a Volkswagen vendor has impacted millions of customers and prospective car purchasers across North America. The breach occurred after information gathered by the vendor between 2014 and 2019 for sales and marketing purposes was stored electronically in an unsecured file for years. The majority of the individuals whose data was compromised were potential buyers or current customers of luxury car brand Audi. The Volkswag

REvil Claims Responsibility for Invenergy HackRansomware group REvil has claimed responsibility for a recent cyber-attack on a multinational renewable energy company based in the United States.Invenergy LLC, which is headquartered in Chicago, launched an investigation after unauthorized activity was detected on some of its systems.In a statement issued on Friday, the company said: “At no time were Invenergy’s operations impacted and no data was encrypted.” Invenergy added that it

54% of Senior Executives Struggling to Keep up with Threat LandscapeAccording to a new report by Fujitsu, more than half (54%) of senior executives have struggled to adapt security policies to changes in the threat landscape and working practices.The survey, which Fujitsu carried out in September 2020, provides further evidence that many organizations are at higher risk of cyber-attacks due to the shift to remote working during COVID-19, with cyber-criminals taking advantage

Government Wants Startups to Build a More Secure NationThe government has issued a call-to-arms to the UK’s burgeoning cybersecurity startups to help it defend the country from malicious online activity.GCHQ’s National Cyber Security Centre (NCSC) used the Cheltenham Science Festival on Friday to launch NCSC for Startups.The new program will invite applications from UK startups to develop products designed to defend critical areas of the economy and society.It’s the successor t

Government Wants Start-Ups to Build a More Secure NationThe government has issued a call-to-arms to the UK’s burgeoning cybersecurity startups to help it defend the country from malicious online activity.GCHQ’s National Cyber Security Centre (NCSC) used the Cheltenham Science Festival on Friday to launch NCSC for Startups.The new program will invite applications from UK startups to develop products designed to defend critical areas of the economy and society.It’s the successor

G7 Turns Up the Heat on Putin Over Ransomware AttacksG7 leaders confirmed their commitment to urgently tackling ransomware on Sunday, as a senior British security chief will warn today that cyber-criminals represent a more significant threat than state-sponsored espionage.The Carbis Bay communique, published after a three-day summit of world leaders in Cornwall, singled Russia out by name — urging Vladimir Putin to “identify, disrupt and hold to account” cyber-criminals operati

Global Police Close Record Number of Fake Pharma SitesA global policing operation has led to the closure of over 110,000 websites and online marketplaces selling fake pharmaceuticals, according to the international organization Interpol.The organization said that Operation Pangea XIV involved law enforcement, customs and regulatory officers from 92 countries.As well as the removal of 113,020 fake sites — the largest number since the long-running operation began in 2008 — counter

GCHQ cybersecurity boss sounds alarm over extortion by hackers who are mostly based in former Soviet statesRansomware represents the biggest threat to online security for most people and businesses in the UK, the head of GCHQ’s cybersecurity arm is to warn.Lindy Cameron, chief executive of the National Cyber Security Centre, will say in a speech that the phenomenon, where hackers encrypt data and demand payment for it to be restored, is escalating and becoming increasingly professionalised

COO Charged in Georgia Hospital Cyber-attack The chief operating officer of an IoT security company has been indicted by a federal grand jury over a cyber-attack carried out on a hospital in Georgia. Vikas Singla, of Marietta, Georgia, was arraigned on Thursday for his alleged role in the 2018 attack on Gwinnett Medical Center that exposed patients’ personal data. The center, which is now known as Northside Hospital, was a not-for-profit health care network that pro

US Launches National AI Task ForceThe Biden administration has launched a new national artificial intelligence task force to make more government data available to AI researchers.News of the National Artificial Intelligence (AI) Research Resource Task Force was announced on Thursday by the White House Office of Science and Technology Policy (OSTP) and the National Science Foundation (NSF).A key role of the task force will be to serve as a federal advisory committee, assisting the creat

McDonald’s Suffers Data BreachA data breach at fast food restaurant McDonald’s has impacted customers and employees in South Korea and Taiwan and company operations in the United States.The breach, which was first reported Friday by the Wall Street Journal, was the result of a cyber-attack. Hackers who broke into the computer system of McDonald’s Corp. accessed only a small number of files before their intrusion was detected.During their period of unauthorized access, the cy

While studying politics at Aberystwyth University, Andrew Dymock promoted a group aiming to ‘stir up a race war’, trial heardA neo-Nazi student who promoted an extremist organisation that was later banned as a terrorist group has been found guilty of terrorism and hate offences.Andrew Dymock used online platforms to raise money for System Resistance Network (SRN), one of a number of groups that sought to take over after the far-right group National Action (NA) was proscribed in 2016.

While studying politics at Aberystwyth University, Andrew Dymock promoted a group aiming to ‘stir up a race war’A neo-Nazi student who promoted an extremist organisation that was later banned as a terror group has been found guilty of terror and hate offences.Andrew Dymock used online platforms to raise money for System Resistance Network (SRN), one of a number of groups that sought to fill a gap after the far-right group National Action (NA) was proscribed in 2016. Continue reading.

Gaming Giant EA Suffers Major Data BreachHackers have stolen a wealth data from gaming giant Electronic Arts (EA), including game source code and tools for a number of popular games, it has been reported.Cyber-criminals made the claim in blog posts published on underground hacking forums, where they advertised a total 780gb of data for sale. These posts were viewed and detailed by Motherboard, who were informed by EA that it had indeed suffered a data breach.Among the data stolen was the source

#G7UK: UK and US Strike New Agreements on CybersecurityThe UK and US governments have agreed to work together more closely to tackle cybercrime as well as enhance the security of supply chains and emerging technologies. The announcement has come amid US President Joe Biden’s visit to the UK for the G7 summit, which has started today.The partnership will be built within the framework of the revitalized Atlantic Charter, first introduced in 1941, and will cover a range of areas in science an

Unknown Attacker Chains Chrome and Windows Zero-DaysSecurity researchers warn of a series of highly targeted attacks designed to compromise victim networks via Google Chrome and Microsoft Windows zero-day exploits.The attackers are thought to have first exploited the now-patched CVE-2021-21224 remote code execution bug in Chrome.“This vulnerability was related to a Type Mismatch bug in the V8 — a JavaScript engine used by Chrome and Chromium web-browsers,” explained Kasper

China’s New “Anti-Sanctions” Law Means Headache for Foreign FirmsWestern tech firms and other multinationals with a big presence in China could soon find themselves in a difficult position after Beijing passed new retaliatory sanctions laws.The move is widely seen as a reaction to a string of sanctions put in place by the US and allies in recent months over human rights abuses in Xinjiang and the muzzling of democracy protests in Hong Kong.The new law passed on Thursday will reportedly enable th

Quantum Breakthrough in Britain Creates 600km Secure LinkLong-distance quantum-secured data transfer took a step closer this week after Toshiba announced that scientists in the UK have managed to produce a stable prototype that works over 600 kilometers.Quantum computing is often described as a potential security challenge in that, once states can engineer working machines, they could theoretically crack any public-key cryptography system.However, the technology could also be used to mitiga

IT Administrator Sentenced for Sabotaging EmployerLockdown hasn’t ended for one vengeful IT professional who carried out a cyber-attack against his former employer. Levi Delgado, of Middletown, Delaware, was sentenced on Wednesday to home confinement after hacking into a company’s computer network, deleting its data and disabling user accounts.The 36-year-old cyber-criminal had been employed as an information technology administrator at a medical center that provides care to under

Arrest Made Over Multi-million-dollar BEC Scam Texas law enforcement officers have made an arrest in connection with a multi-million-dollar wire fraud and money laundering scheme involving Business Email Compromise (BEC).Guillermo Perez was taken into custody Wednesday morning for allegedly defrauding businesses and individuals of more than $2m through cyber-scams and bank fraud schemes.An indictment unsealed on June 9 accuses 26-year-old Houston resident Perez of participating in

Texas to Publish Data Breach Notifications Lawmakers in Texas have passed a bill requiring notices to be published online of any data breaches involving the personal information of 250 or more Lone Star State residents.The unanimously passed House Bill 3746, which amends the Texas Business and Commerce Code §521.053, requires the Texas Attorney General’s Office to post the breach notifications to its public-facing website.Notifications must be uploaded to the website within 3

#Infosec21: Lack of Vision Explains Cyber Skills ShortageThe cybersecurity skills gap is caused by a lack of vision in the industry rather than a pipeline problem, argued Wendy Nather, head of advisory CISOs at Cisco, during her keynote address on day three of the Infosecurity Europe virtual conference.Nather, who was recently inducted into the Infosecurity Hall of Fame, believes it is a complete misnomer that there is a lack of talent available to fill the expanding number of security

Schools Forced to Shut Following Critical Ransomware AttackTwo schools in the south of England have been forced to temporarily close their doors after a ransomware attack that encrypted and stole sensitive data.The Skinners’ Kent Academy and Skinners’ Kent Primary School were attacked on June 2, according to a statement on the trust’s website which said it is currently working with third-party security experts, the police and the National Cyber Security Centre (NCSC).It revealed

High Street Banks Exposing Customers to Phishing Attacks A consumer rights group is calling on all high street banks to improve their anti-phishing capabilities after spotting that a key protocol is sometimes not configured to offer maximum protection.  Domain-based message authentication, reporting and conformance (DMARC) is a tried-and-tested way to help brands block phishing emails to customers.It helps to verify that the domain of the sender hasn’t been impersonated, although

JBS Admits Paying REvil Ransomware Group $11 Million A meat processing giant recently hit by ransomware has confirmed it paid its extorters $11 million, reigniting the debate over the ethics of doing so.A statement published by Sao Paolo-headquartered JBS, whose US and Australia businesses were hit in the incident last week, claimed that at the time of payment, the “vast majority” of its facilities were operational.“In consultation with internal IT professionals and third-party

Probe into Leak of Cuomo Accuser’s Personnel FileAn investigation has been launched to determine whether New York governor Andrew Cuomo broke the law by allegedly leaking the personnel file of the first of eleven women to accuse him of sexual harassment. Cuomo’s former aide Lindsey Boylan first accused him of sexual harassment in December on Twitter. In February, Boylan shared details of the alleged harassment, claiming that Cuomo had compared her to one of his former g

Nebraska Medicine Data Breach Settlement ApprovedA preliminary settlement has been reached in a lawsuit brought against Nebraska Medicine over a 2020 data security incident. Omaha-based Nebraska Medicine suffered a cyber-attack in September 2020. The attack disrupted the healthcare provider’s information technology system, leading to the postponement of patient appointments. Staff in the system’s hospitals and clinics had to chart by hand, and access to Nebras