Cybersecurity

Why Is China Cracking Down on Ride-Hailing Giant Didi?

Communication Tech, Cybersecurity, Informational Technology, Theft/Steal

Just days after Didi Global Inc., China’s version of Uber, pulled off a $4.4 billion initial public offering in New York, the Chinese cyberspace regulator effectively ordered it removed from app stores in its home market, citing security risks. The ruling doesn’t stop the company from operating -– its half-billion or so existing users will still be able to order rides for now. But it adds to the uncertainty surrounding all Chinese internet companies as regulators increasingly assert control over Big Tech.

1. What’s Didi?

It’s China’s biggest ride-hailing company. Didi squeezed Uber out of China five years ago, buying out the American company’s operations after an expensive price war. Its blockbuster IPO on June 30 was the second-biggest in the U.S. by a company based in China, after Alibaba Group Holding Ltd, giving Didi a market value of about $68 billion.

Accounting for stock options and restricted stock units, the company’s diluted value exceeds $71 billion — well below estimates of up to $100 billion as recently as a few months ago. The relatively modest showing reflects both investors’ increasing caution over pricey growth stocks, and China’s recent crackdown on its biggest tech players.

2. What is this investigation about?

The specifics are still very unclear. Two days after the IPO, the Cyberspace Administration of China said it’s starting a cybersecurity review of the company to prevent data security risks, safeguard national security and protect the public interest. Two days after that it said Didi had committed serious violations in the collection and usage of personal information and ordered the app pulled. There are no details on what precisely the investigation centers on, when or where the alleged violations occurred or whether there will be more penalties to come.

3. Are there any hints?

The Global Times, a Communist Party-backed newspaper, wrote in an editorial that Didi undoubtedly has the most detailed travel information on individuals among large internet firms and appears to have the ability to conduct “big data analysis” of individual behaviors and habits. To protect personal data as well as national security, China must be even stricter in its oversight of Didi’s data security, given that it’s listed in the U.S. and its two largest shareholders are foreign companies, it added.

4. Is it just Didi?

No. The Chinese internet regulator has widened its probe to two more U.S.-listed companies, targeting Full Truck Alliance Co. and Kanzhun Ltd. soon after launching the review into Didi.

5. Was this out of the blue?

No. In May, China’s antitrust regulator ordered Didi and nine other leaders in on-demand transport to overhaul practices from arbitrary price hikes to unfair treatment of drivers. More broadly, Beijing is in the process of a sweeping crackdown on the nation’s Big Tech firms designed to curb their growing influence.

In November 2020 the authorities derailed the planned IPO of fintech giant Ant Group Co. and in April hit Alibaba with a record $2.8 billion fine after an antitrust probe found it had abused its market dominance. Didi, however, said on Monday it was unaware of China’s decision to halt registrations and remove the app from app stores before its listing.

6. Why does Didi matter?

You can’t really overstate just how dominant Didi is in ride hailing in China, accounting for 88% of total trips in the fourth quarter of 2020. When Didi bought Uber’s Chinese operations in 2016, Uber took a stake in the company that currently stands at 12%. Didi’s U.S. IPO was shepherded by a who’s who of Wall Street banks. Its largest shareholder is Japan’s SoftBank Group Corp. with more than 20%, and others include Chinese social networking colossus Tencent Holdings Ltd. However, due to Didi’s ownership structure, Chief Executive Officer Cheng Wei and President Jean Liu control more than 50% of the voting power.

7. How’s the company doing?

While Didi had a net loss of $1.6 billion on revenue of $21.6 billion last year, according to its filings with the U.S. Securities and Exchange Commission, its diversity cushioned it against the worst of the pandemic downturn. The company reported net income of $837 million in the first quarter of 2021. With growth in its core market beginning to slow, it has expanded rapidly into fields from car repairs to grocery delivery and has pumped hundreds of millions into researching autonomous driving technology. It’s also said to be planning to expand services into Western Europe.

8. What happens now?

On Didi specifically the critical question is what the review regarding user data finds. But analysts are already looking at the likely wider impact. Key issues are whether the action is likely to discourage other Chinese tech firms from embarking on an overseas listing, and whether the action marks a new direction for the regulatory crackdown. Didi itself said in a statement in would fully cooperate with the review. It warned though that the removal of the app for new users may have an adverse affect on revenue.

Based on the laws cited by the regulators, Didi is probably being investigated over its purchase of certain products and services from other suppliers, which may threaten national data security, according to analysts from Shenzhen-based Ping An Securities. “Didi will inevitably have to check its core network equipment, high-performance computers and servers, large-capacity storage equipment, large databases and application software, network security equipment, and cloud computing services, sort them out and make necessary rectifications to meet regulatory requirements,” the analysts wrote in a note on Monday.

Yang Sirui, chief analyst for the computer industry at Bank of China International, said that Didi went for its public listing in the US hastily, probably due to investor pressure. “Listing Didi as soon as possible meets the demands of the capital,” he said. “But if [Didi] had arbitrarily collected user privacy data, abused it, or monetized it illicitly, it will inevitably be punished by Chinese regulators.” Since its founding in 2012, Didi has undergone a number of private fundraising rounds, raising tens of billions of dollars from venture capital or major tech firms. According to its IPO prospectus, SoftBank Vision Fund is currently the largest shareholder of Didi, with a 21.5% stake. Uber (UBER) and Tencent (TCEHY) followed with a 12.8% and 6.8% stake respectively.

The Reference Shelf

QuickTakes on China’s crackdown on tech giants, and why it changed the rules on Ant.
Bloomberg Opinion’s Shuli Ren explains how Didi’s foreign investors are on the hook.
Businessweek examines how China crushed Jack Ma and who’s next.
A preview of the clouds that marred Didi’s IPO ambition.
The company’s IPO prospectus.

— With assistance by Coco Liu, Molly Schuetz, Abhishek Vishnoi, and Colum Murphy

By: Emily Cadman

Source: Why China is Citing Security Risks in Crack Down on $UBER rival $DIDI – Bloomberg

Critics:

Didi is a Chinese vehicle for hire company headquartered in Beijing with over 550 million users and tens of millions of drivers. The company provides app-based transportation services, including taxi hailing, private car hailing, social ride-sharing, and bike sharing; on-demand delivery services; and automobile services, including sales, leasing, financing, maintenance, fleet operation, electric vehicle charging, and co-development of vehicles with automakers.

In March 2017, the Wall Street Journal reported that SoftBank Group Corporation approached DiDi with an offer to invest $6 billion in the company to fund the ride-hailing firm’s expansion in self-driving car technologies, with a significant portion of the money to come from SoftBank’s then-planned $100 billion Vision Fund.

DiDi claims that it provides over tens of millions of flexible job opportunities for people, including a considerable number of women, laid-off workers and veteran soldiers. Based on a survey released by DiDi in March 2019, women rideshare drivers in Brazil, China and Mexico account for 16.7%, 7.4% and 5.6% of total rideshare drivers on its platforms, respectively. DiDi supports more than 4,000 innovative SMEs, which provides more than 20,000 jobs additionally.

40% of DiDi’s employees are women. In 2017, DiDi launched a female career development plan and established the “DiDi Women’s Network”. It is reportedly the first female-oriented career development plan in a major Chinese Internet company.

References

“China’s Didi Chuxing launches ride service in Mexico”. Reuters. Archived from the original on 14 May 2018. Retrieved 14 May 2018.
Kaye, Byron. “Chinese ride-sharing giant Didi picks Australia for first Western…” Reuters. Archived from the original on 15 June 2018. Retrieved 15 June 2018.
Jourdan, Adam. “China’s Didi, SoftBank target Japan in taxi-hailing push”. Reuters. Archived from the original on 15 June 2018. Retrieved 15 June 2018.
“Didi Kuaidi (滴滴快的)”. Tech in Asia. Archived from the original on 8 September 2015. Retrieved 8 September 2015.
“DiDi Chuxing Company Profile”. Craft. Archived from the original on 9 December 2019. Retrieved 9 December 2019.
“China’s Didi to invest $1 billion in its auto services platform”. Reuters. 6 August 2018. Archived from the original on 12 November 2019. Retrieved 9 June 2019.
104483. “China’s Didi gets $500 million funding from Booking.com parent”. Archived from the original on 6 August 2018. Retrieved 6 August 2018.
“Didi Chuxing suspends carpool service after woman killed”. BBC News. 26 August 2018. Archived from the original on 27 August 2018. Retrieved 27 August 2018.
“about us”. crunchbase.com. Archived from the original on 21 July 2018. Retrieved 21 July 2018.
Bernard Marr (26 November 2018). “AI in China: How Uber Rival Didi Chuxing Uses Machine Learning To Revolutionize Transportation”. Forbes. Archived from the original on 28 November 2018. Retrieved 9 June 2019.
“Didi Kuaidi”. Tech in Asia. 8 September 2015. Archived from the original on 8 September 2015. Retrieved 21 October 2015.
Chandran, Eunice Yoon,Nyshka (19 May 2016). “Didi Chuxing boss discusses Apple deal, China’s market and growth strategies”. CNBC. Retrieved 3 July 2020.
“Didi’s Cheng Wei: Chinese patriot who tamed Uber”. Reuters. 11 August 2016. Archived from the original on 9 October 2016. Retrieved 8 October 2016.
“Company Overview of Beijing Xiaoju Keji Co., Ltd”. Bloomberg L.P. Archived from the original on 22 July 2018. Retrieved 15 February 2019.
“Tech in Asia – Connecting Asia’s startup ecosystem”. techinasia.com. Archived from the original on 24 March 2019. Retrieved 15 February 2019.
“Dididache 嘀嘀打车 – Hailing the Future, One Cab at a Time”. Channels. Archived from the original on 24 March 2019. Retrieved 15 February 2019.
Rick Carew (1 April 2015). “Chinese Taxi-Hailing App’s Valuation Soars to $8.75 Billion”. The Wall Street Journal. Archived from the original on 14 November 2017. Retrieved 15 December 2017.
Gerry Shih (13 February 2015). “China taxi apps Didi Dache and Kuaidi Dache announce $6 billion tie-up”. Reuters. Archived from the original on 7 May 2019. Retrieved 16 May 2019.
Paul Mozur and Mike Isaac (8 June 2015). “Uber Spends Heavily to Establish Itself in China”. The New York Times. Archived from the original on 16 May 2019. Retrieved 16 May 2019.
Paul Carsten (7 July 2015). “China car hailing app Didi Kuaidi raises $2 billion as Uber rivalry intensifies”. Reuters. Archived from the original on 10 May 2017. Retrieved 1 July 2017.
C. Custer (17 September 2015). “Didi Kuaidi partners with Lyft and invests $100M to take on Uber”. Tech in Asia. Archived from the original on 11 October 2015. Retrieved 21 October 2015.
He Huifeng (23 January 2018). “China’s top car-hailing app Didi Kuaidi rebrands itself with new logo, name in bid to shake off ‘illegal taxi service’ stigma amid crackdown”. South China Morning Post. Archived from the original on 27 August 2018. Retrieved 27 August 2018.
“Following protests, Didi Dache and Kuaidi Dache offices shut down in Luoyang”. Tech in Asia – Connecting Asia’s startup ecosystem. Sina Tech. 13 May 2015. Archived from the original on 27 August 2018. Retrieved 27 August 2018.
“Didi Chuxing invests in Brazil rival”. CNBC. 4 January 2017. Archived from the original on 7 November 2017. Retrieved 1 November 2017.
Hawkins, Andrew J. (1 August 2016). “Lyft’s partnership with Didi is on the skids after Chinese app merges with Uber”. The Verge. Archived from the original on 30 September 2016. Retrieved 28 September 2016.
“Apple invests $1 billion in Chinese ride-hailing service Didi Chuxing”. Reuters. 13 May 2016. Archived from the original on 3 April 2019. Retrieved 13 May 2016.
Isaac, Mike; Goel, Vindu (12 May 2016). “Apple Puts $1 Billion in Didi, a Rival to Uber in China”. The New York Times. ISSN 0362-4331. Archived from the original on 1 April 2019. Retrieved 13 May 2016.
“Apple Invests $1 Billion in Didi, Uber’s Rival in China”. The Wall Street Journal. 13 May 2016. Archived from the original on 6 April 2019. Retrieved 13 May 2016.
Osawa, Juro; Carew, Rick (16 June 2016). “Didi Chuxing, China’s Rival to Uber, Scores $7 Billion in New Funding”. The Wall Street Journal. ISSN 0099-9660. Archived from the original on 4 October 2016. Retrieved 8 October 2016.
“Uber Is Burning Through $1 Billion a Year in China”. Fortune. Archived from the original on 22 March 2016. Retrieved 2 April 2016.
Ovide, Shira (1 August 2016). “Uber Wins by Losing”. Bloomberg Gadfly. Archived from the original on 9 March 2017. Retrieved 8 March 2017.
“China taxi apps Didi Dache and Kuaidi Dache announce $6 billion tie-up”. Reuters. 14 February 2015. Archived from the original on 15 November 2016. Retrieved 15 December 2017.
Kharpal, Arjun (1 August 2016). “Taxi app rival Didi Chuxing to buy Uber’s China business in $35 billion deal”. CNBC. Archived from the original on 7 October 2016. Retrieved 8 October 2016.
“Uber Sells China Operations to Didi Chuxing”. Archived from the original on 15 December 2017. Retrieved 15 December 2017.
Millward, Steven (1 August 2016). “Uber’s China unit acquired by Didi in $35b deal”. Tech in Asia. Archived from the original on 20 August 2016. Retrieved 1 August 2016.
“Business this week”. The Economist. Archived from the original on 12 August 2016. Retrieved 12 August 2016.
TAI, MARIKO (1 August 2016). “Didi Chuxing to acquire Uber’s China operation”. Nikkei. Archived from the original on 6 August 2017.
Wu, Kane; Negishi, Mayumi (28 March 2017). “SoftBank Considers $6 Billion Investment in China Ride-Hailing Firm Didi”. The Wall Street Journal. New York City, United States. Archived from the original on 30 March 2017. Retrieved 30 March 2017.
“China’s Didi Raises Over $5.5 Billion in Record Tech Funding”. Bloomberg L.P. 28 April 2017. Archived from the original on 6 August 2017. Retrieved 18 July 2017. “China ride-sharing firm Didi raises $4 billion for global push”. Reuters. 21 December 2017. Archived from the original on 5 January 2018. Retrieved 5 January 2018.

The 3 Biggest Mistakes the Board Can Make Around Cyber Security

Cybersecurity

The role of the Board in relation to cyber security is a topic we have visited several times since 2015, first in the wake of the TalkTalk data breach in the UK, then in 2019 following the WannaCry and NotPeyta outbreaks and data breaches at BA, Marriott and Equifax amongst others. This is also a topic we have been researching with techUK, and that collaboration resulted in the start of their Cyber People series and the production of the “CISO at the C-Suite” report at the end of 2020.

Overall, although the topic of cyber security is now definitely on the board’s agenda in most organisations, it is rarely a fixed item. More often than not, it makes appearances at the request of the Audit & Risk Committee or after a question from a non-executive director, or – worse – in response to a security incident or a near-miss.

All this hides a pattern of recurrent cultural and governance attitudes which could be hindering cyber security more than enabling it. There are 3 big mistakes the Board needs to avoid to promote cyber security and prevent breaches.

1- Downgrading it

“We have bigger fishes to fry…”

Of course, each organisation is different and the COVID crisis is affecting each differently – from those nearing collapse, to those which are booming. But pretending that the protection of the business from cyber threats is not a relevant board topic now borders on negligence and is certainly a matter of poor governance which non-executive directors have a duty to pick up.

Cyber attacks are in the news every week and have been the direct cause of millions in direct losses and hundreds of millions in lost revenues in many large organisations across almost all industry sectors.

Data privacy regulators have suffered setbacks in 2020: They have been forced to adjust down some of their fines (BA, Marriott), and we have also seen a first successful challenge in Austria leading to a multi-million fine being overturned (EUR 18M for Austrian Post). Nevertheless, fines are now reaching the millions or tens of millions regularly; still very far from the 4% of global turnover allowed under the GDPR, but the upwards trend is clear as DLA Piper highlighted in their 2021 GDPR survey, and those number should register on the radar of most boards.

Finally, the COVID crisis has made most businesses heavily dependent on digital services, the stability of which is built on sound cyber security practices, in-house and across the supply chain.

Cyber security has become as pillar of the “new normal” and even more than before, should be a regular board agenda, clearly visible in the portfolio of one member who should have part of their remuneration linked to it (should remuneration practices allow). As stated above, this is fast becoming a plain matter of good governance.

2- Seeing it as an IT problem

“IT is dealing with this…”

This is a dangerous stance at a number of levels.

First, cyber security has never been a purely technological matter. The protection of the business from cyber threats has always required concerted action at people, process and technology level across the organisation.

Reducing it to a tech matter downgrades the subject, and as a result the calibre of talent it attracts. In large organisations – which are intrinsically territorial and political – it has led for decades to an endemic failure to address cross-silo issues, for example around identity or vendor risk management – in spite of the millions spent on those matters with tech vendors and consultants.

So it should not be left to the CIO to deal with, unless their profile is sufficiently elevated within the organisation.

In the past, we have advocated alternative organisational models to address the challenges of the digital transformation and the necessary reinforcement of practices around data privacy in the wake of the GDPR. They remain current, and of course are not meant to replace “three-lines-of-defence” type of models.

But here again, caution should prevail. It is easy – in particular in large firms – to over-engineer the three lines of defence and to build monstrous and inefficient control models. The three lines of defence can only work on trust, and must bring visible value to each part of the control organisation to avoid creating a culture of suspicion and regulatory window-dressing.

3- Throwing money at it

“How much do we need to spend to get this fixed?”

The protection of the business from cyber threats is something you need to grow, not something you can buy – in spite of what countless tech vendors and consultants would like you to believe.

As a matter of fact, most of the breached organisations of the past few years (BA, Marriott, Equifax, Travelex etc… the list is long…) would have spent collectively tens or hundreds of millions on cyber security products over the last decades…

Where cyber security maturity is low and profound transformation is required, simply throwing money at the problem is rarely the answer.

Of course, investments will be required, but the real silver bullets are to be found in corporate culture and governance, and in the true embedding of business protection values in the corporate purpose: Something which needs to start at the top of the organisation through visible and credible board ownership of those issues, and cascade down through middle management, relayed by incentives and remuneration schemes.

This is more challenging than doing ad-hoc pen tests but it is the only way to lasting long-term success.

By: JC Gaillard

Source: The 3 Biggest Mistakes the Board Can Make Around Cyber Security – Business 2 Community

Critics:

A data breach is the intentional or unintentional release of secure or private/confidential information to an untrusted environment. Other terms for this phenomenon include unintentional information disclosure, data leak, information leakage and also data spill. Incidents range from concerted attacks by black hats, or individuals who hack for some kind of personal gain, associated with organized crime, political activist or national governments to careless disposal of used computer equipment or data storage media and unhackable source.

Definition: “A data breach is a security violation in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so.”Data breaches may involve financial information such as credit card & debit card details, bank details, personal health information (PHI), Personally identifiable information (PII), trade secrets of corporations or intellectual property. Most data breaches involve overexposed and vulnerable unstructured data – files, documents, and sensitive information.

Data breaches can be quite costly to organizations with direct costs (remediation, investigation, etc) and indirect costs (reputational damages, providing cyber security to victims of compromised data, etc.)

According to the nonprofit consumer organization Privacy Rights Clearinghouse, a total of 227,052,199 individual records containing sensitive personal information were involved in security breaches in the United States between January 2005 and May 2008, excluding incidents where sensitive data was apparently not actually exposed.

Many jurisdictions have passed data breach notification laws, which requires a company that has been subject to a data breach to inform customers and takes other steps to remediate possible injuries.

A data breach may include incidents such as theft or loss of digital media such as computer tapes, hard drives, or laptop computers containing such media upon which such information is stored unencrypted, posting such information on the world wide web or on a computer otherwise accessible from the Internet without proper information security precautions, transfer of such information to a system which is not completely open but is not appropriately or formally accredited for security at the approved level, such as unencrypted e-mail, or transfer of such information to the information systems of a possibly hostile agency, such as a competing corporation or a foreign nation, where it may be exposed to more intensive decryption techniques.

ISO/IEC 27040 defines a data breach as: compromise of security that leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to protected data transmitted, stored or otherwise processed.

The Colonial Pipeline Hackers Are One Of The Savviest Criminal Startups In A $370 Million Ransomware Game

Cybersecurity, Hacking News/Robbery

US-IT-OIL-CRIME-PIPELINE-HACKER

When Colonial Pipeline took its gasoline lines down following a successful cyberattack last week, it became the most high-profile victim of a hacking group called DarkSide.

But DarkSide isn’t a single entity. It’s a media-savvy, semiprofessional startup and software supplier for an illicit market of hackers looking for a quick easy way to breach and extort large businesses. In a ransomware game that, according to data from cryptocurrency tracker Chainalysis, has seen $370 million 2020 revenue for the criminals in the form of ransom payments, DarkSide and its partners represent a dangerous new breed of underground businesses that are working together to menace legitimate organizations, across public and private sectors.

The security industry calls DarkSide’s business model “ransomware-as-a-service,” as it mimics the software-as-a-service model. First, provide financially motivated cybercriminals with the best software for stealing data and encrypting victims’ files over the internet via an easily accessible dark website. Second, provide the services around that software, such as tools that allow digital extortionists to communicate directly with their victims or get IT support. Third, share the rewards if a target pays the ransom.

DarkSide takes most of the cut. According to FireEye, the security company whose Mandiant division is helping the Colonial Pipeline recover, DarkSide takes 25% of ransom fees less than $500,000 and 10% of ransom fees above $5 million. Though that’s a sizable cut of the proceeds, the DarkSide operators make ransomware attacks so simple, customers keep coming. “It’s a great way of making quick money,” says Peter Kruse, founder and CEO of CSIS Security Group, which says it has seen various cybercrime actors using the DarkSide ransomware service. In the case of the Colonial Pipeline, DarkSide says a client using its software mounted the attack that shut the pipeline down.

To stand out from the crowd, DarkSide has promised the best encryption speeds to lock up computers faster than anyone else. It also supports attacks on both Microsoft Windows and Linux operating systems. Its marketing is working. Since emerging in August 2020, it’s leaked the data of more than 80 organizations. The identities of those who paid may never be known, notes ransomware tracker Brett Callow. “They’ve hit at least 114 organizations and they’ve published data from 83, so these didn’t pay (the ransom).

Which means at least 31 did,” Callow says. Given DarkSide users’ ransom demands range between $200,000 to $2 million, according to security startup CyberReason, it’s possible they’ve collectively made more than $30 million in just half a year. And, with KrebsOnSecurity reporting that the group negotiated an $11 million ransom with one victim company, it’s likely higher than that estimate. (A message to the DarkSide crew didn’t receive a response.)

Lax security may be helping the hackers. Before DarkSide’s malware can be deployed, its customers first need to have broken into a network, and DarkSide doesn’t provide that service. Kruse says DarkSide’s partners look for vulnerable devices that can be found by scanning the web. Once those systems are found, they can be exploited and leverage gained on a target’s network. They then need to take control of other connected computers and install the DarkSide software, which wraps the victims’ data and locks it with keys targets must pay ransom to use.

Colonial Pipeline hasn’t yet revealed exactly how it was breached, though analyses of the company’s servers from security experts discovered a few avenues hackers could have used to poke holes in its defenses. There were, for instance, a large number of surveillance cameras attached to the company’s IT infrastructure, according to Derek Abdine from security company Censys.

And Bob Maley, a former PayPal security lead and now chief security officer at cyber defense startup Black Kite, says he saw open remote management and file sharing servers, which, if the hackers had somehow acquired logins, could have provided a path onto Colonial’s network.

“If I was going to hack that… I’d simply use a publicly available tool to connect to that port, run a little script and try all the credentials that I have, plus some of the common … default usernames and passwords,” Maley added. That “credential stuffing” attack could then provide enough network access to start finding a way to plant the ransomware.

There’s long been concern that critical infrastructure businesses aren’t well-prepared for the kinds of attack described by Maley, even if they’re far from the most sophisticated attacks the internet sees every day. “Legacy industrial control systems and other similar infrastructures were primarily designed to keep information in and execute their control tasks dependably and consistently. Unfortunately, there were little or no provisions built in to adequately secure the systems and keep people out,” says Chris Piehota, a former FBI technology director.

Personnel is another issue. Kruse and Maley noted that Colonial didn’t appear to have anyone in charge of cybersecurity. Colonial said its chief information officer, hired in 2017, led cybersecurity efforts, undertaking a review of its defenses and increasing total spending on IT, including cybersecurity, by more than 50% in the past four years.

A spokesperson told Forbes it had “robust protocols and software in place to detect and address threats proactively and reactively,” and that its third-party incident response team determined it was following “best practices” before the breach. Any speculation about the root cause of the incident would be premature and not informed by the facts, they added. They declined to comment on whether or not a ransom had been paid, and wouldn’t say how much the hackers had demanded.

The hack itself is just the first part of a modern-day ransomware swindle. DarkSide and similar groups have realized that they need to control the story, play the press and apply as much pressure to victims as possible to extract a ransom.

The added threat on top of all that data loss is public shaming. DarkSide and other groups’ dark websites aren’t just spaces for them to expose victims’ data. They’re places where they can attract media attention to amplify successes and, possibly, increase the ransoms as companies pay up to avoid reputational damage. The first of this new breed of publicity-friendly ransomware extortionist came in late 2019, with the emergence of Maze, which became infamous for attacks on U.S. schools. According to Callow, from security company Emsisoft, there are now about 30 doing much the same.

Another group, Babuk, has shown in the past month how devastating public shaming can be, after it hacked into the Washington, D.C., Metropolitan Police Department. When the police didn’t pay the $4 million ransom, Babuk started releasing the personal information of officers. In a new batch of data on 22 police officers released this week, the leaked information included psychological assessments, social security numbers, financial data and marriage histories. Babuk even posted conversations between itself and the department, in which the latter apparently tried to lowball the crew with a $100,000 ransom offer. Babuk rejected the offer. The police department has previously acknowledged the attack but hadn’t responded to requests for comment at the time of publication.

DarkSide has used a different tactic to try to improve its public image, presenting itself as a kind of Robinhood hacking organization, giving a small portion of stolen funds to charity, offering short-sellers advance information so they can bet on a victim’s stock tanking, and promising not to attack certain industries: hospitals, funeral services, schools, universities, nonprofits and government organizations. It even claims to only permit attacks on companies it knows can afford to pay, saying, “We do not want to kill your business.”

As the group wrote on its dark web “press center” earlier this week: “Our goal is to make money, and not creating [sic] problems for society.” One victim, Dalton, Georgia-based carpet manufacturer Dixie Group Inc., disclosed a ransomware attempt affecting “portions of its information technology systems” earlier this year.

With the Colonial Pipeline, DarkSide apparently realized too late that one of its partners had targeted an industry that served a huge number of consumers with gasoline and subsequently promised to “introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.” Now the world has its eyes on the hacking group. In a “flash notice” to the cybersecurity industry and government agencies this week, the FBI said it has been investigating DarkSide since October, just two months after it emerged.

Its investigators and global partners have had increasing success against malware operators in recent months, the most significant in January, in which the U.S. Justice Department said it had participated in a multinational operation to disrupt and take down infrastructure of the malware and botnet known as Emotet. Described by experts as the most dangerous malware in the world, Emotet offered criminals access to personal and company computers. As with DarkSide, many criminals paid Emotet’s operators to install ransomware. Authorities made arrests of alleged administrators, who face charges in Ukraine, though they’ve yet to go on trial.

Despite that case and the blueprint it laid down for future cyber investigations, the only authorities DarkSide appears to fear are Russian-speaking: Its malware won’t work if it detects its victim is Russian. This has led to accusations that the Kremlin either supports or harbors criminals that target Western businesses, something Putin’s government has staunchly denied.

Dmitri Alperovitch, cofounder of cybersecurity company CrowdStrike and now executive chairman at the Silverado Policy Accelerator nonprofit, says there’s no evidence DarkSide has obvious links to Russian intelligence, adding, “Given their long past history of willful harboring of cybercrime, I don’t think it matters.”

Follow me on Twitter. Check out my website. Send me a secure tip.

Thomas Brewster

I’m associate editor for Forbes, covering security, surveillance and privacy. I’m also the editor of The Wiretap newsletter, which has exclusive stories on real-world surveillance and all the biggest cybersecurity stories of the week. It goes out every Monday and you can sign up here: https://www.forbes.com/newsletter/thewiretap

I’ve been breaking news and writing features on these topics for major publications since 2010. As a freelancer, I worked for The Guardian, Vice, Wired and the BBC, amongst many others.

Tip me on Signal / WhatsApp / whatever you like to use at +447782376697. If you use Threema, you can reach me at my ID: S2XY9B9U.

If you want to tip me with something sensitive? Get in contact on Signal or Threema, and we can use OnionShare. It’s a great way to share documents privately. See here: https://onionshare.org/

Source: The Colonial Pipeline Hackers Are One Of The Savviest Criminal Startups In A $370 Million Ransomware Game

References

Jordan Robertson and William Turton (May 8, 2021). “Colonial Hackers Stole Data Thursday Ahead of Shutdown”. Bloomberg News. Archived from the original on May 9, 2021. Retrieved May 9, 2021.
GLORIA GONZALEZ, BEN LEFEBVRE and ERIC GELLER (May 8, 2021). “‘Jugular’ of the U.S. fuel pipeline system shuts down after cyberattack”. Politico. Archived from the original on May 9, 2021. Retrieved May 9, 2021. The infiltration of a major fuel pipeline is “the most significant, successful attack on energy infrastructure we know of.”
Helmore, Edward (May 10, 2021). “FBI confirms DarkSide hacking group behind US pipeline shutdown”. The Guardian. Archived from the original on May 12, 2021. Retrieved May 10, 2021.
Bing, Christopher; Kelly, Stephanie (May 8, 2021). “Cyber attack shuts down top U.S. fuel pipeline network”. Reuters. Archived from the original on May 8, 2021. Retrieved May 8, 2021.
Segers, Grace (May 8, 2021). “Cyberattack prompts major pipeline operator to halt operations”. CBS News. Archived from the original on May 8, 2021. Retrieved May 8, 2021.
Peñaloza, Marisa (May 8, 2021). “Cybersecurity Attack Shuts Down A Top U.S. Gasoline Pipeline”. NPR. Archived from the original on May 8, 2021. Retrieved May 8, 2021.
Sanger, David; Krauss, Clifford; Perlroth, Nicole (May 8, 2021). “Cyberattack Forces a Shutdown of a Top U.S. Pipeline”. New York Times. Archived from the original on May 8, 2021. Retrieved May 8, 2021.
Eaton, Collin; Volz, Dustin (May 8, 2021). “U.S. Pipeline Cyberattack Forces Closure”. Wall Street Journal. Archived from the original on May 8, 2021. Retrieved May 8, 2021.
Stracqualursi, Veronica (May 8, 2021). “Cyberattack forces major US fuel pipeline to shut down”. CNN. Archived from the original on May 8, 2021. Retrieved May 8, 2021.
“Colonial Pipeline blames ransomware for pipeline shutdown”. NBC News. May 8, 2021. Archived from the original on May 8, 2021. Retrieved May 8, 2021.
William Turton, Michael Riley, and Jennifer Jacobs (May 12, 2021). “Colonial Pipeline Paid Hackers nearly $5 Million in Ransom”. Bloomberg.
Suderman, Alan; Tucker, Eric (May 8, 2021). “Major US pipeline halts operations after ransomware attack”. AP News. Archived from the original on May 8, 2021. Retrieved May 8, 2021.
“Top US pipeline operator shuts major fuel line after cyber attack”. The Jerusalem Post. May 8, 2021. Archived from the original on May 8, 2021. Retrieved May 8, 2021.
Javers, Eamon (May 10, 2021). “Here’s the hacking group responsible for the Colonial Pipeline shutdown”. CNBC. Archived from the original on May 10, 2021. Retrieved May 11, 2021.
Perlroth, Nicole (May 13, 2021). “Colonial Pipeline paid 75 Bitcoin, or roughly $5 million, to hackers”. NYTimes.com. The New York Times. Retrieved May 13, 2021.

Bomey, Nathan. “Colonial Pipeline looking to ‘substantially restore operations by end of week”. USA TODAY. Archived from the original on May 10, 2021. Retrieved May 10, 2021.

“American Airlines adds fuel stops to two flights after pipeline outage”. Reuters. Reuters. May 11, 2021. Archived from the original on May 12, 2021. Retrieved May 11, 2021.
Josephs, Leslie (May 11, 2021). “Pipeline outage forces American Airlines to add stops to some long-haul flights”. CNBC. Archived from the original on May 12, 2021. Retrieved May 11, 2021.
“Gas Stations Run Dry as Pipeline Races to Recover From Hacking”. Bloomberg.com. May 9, 2021. Archived from the original on May 10, 2021. Retrieved May 11, 2021.
“Petrol shortages sweep US as Colonial Pipeline remains down”. http://www.aljazeera.com. Archived from the original on May 11, 2021. Retrieved May 11, 2021.
Lee, Ron (May 11, 2021). “GasBuddy reports 71% of gas stations without fuel in Charlotte metro amid Colonial Pipeline shutdown”. WBTV News Channel 3. Charlotte, NC. Archived from the original on May 12, 2021. Retrieved May 12, 2021.
Shah, Jill R. (May 15, 2021). “Gasoline pinch to continue with truck shortage”. The Charlotte Observer. p. A4 – via Bloomberg News.
Englund, Will; Nakashima, Ellen (May 12, 2021). “Panic buying strikes Southeastern United States as shuttered pipeline resumes operations”. WashingtonPost.com. The Washington Post. Retrieved May 13, 2021.
“US fuel pipeline hackers ‘didn’t mean to create problems‘“. BBC News. May 10, 2021. Archived from the original on May 10, 2021. Retrieved May 10, 2021.
“Biden Says Russia Has ‘Some Responsibility’ In Pipeline Ransomware Attack”. Radio Free Europe. May 10, 2021. Archived from the original on May 12, 2021. Retrieved May 11, 2021.
“US fuel pipeline hackers ‘didn’t mean to create problems‘“. BBC News. May 10, 2021. Archived from the original on May 10, 2021. Retrieved May 12, 2021.
Rivero, Nicolás. “Hacking collective DarkSide are state-sanctioned pirates”. Quartz. Archived from the original on May 12, 2021. Retrieved May 12, 2021.
“DarkSide hackers behind Colonial Pipeline attack say they wanted cash, not chaos”. http://www.abc.net.au. May 10, 2021. Archived from the original on May 12, 2021. Retrieved May 10, 2021.
Mahtani, Melissa; Macaya, Melissa; Hayes, Mike; Rocha, Veronica (May 11, 2021). “Latest on the US gas demand spikes”. CNN. Archived from the original on May 12, 2021. Retrieved May 12, 2021.
Wagner, Meg; Macay, Melissa; Hayes, Mike; Mahtani, Melissa; Rocha, Veronica. “Gas shortages at some US stations: Live updates”. CNN. Archived from the original on May 12, 2021. Retrieved May 12, 2021.
Brito, Christopher (May 12, 2021). “Officials warn people not to fill plastic bags with gasoline amid panic over gas shortage”. CBS News. Retrieved May 13, 2021.
Egan, Matt; Duffy, Clare. “Colonial Pipeline launches restart after six-day shutdown”. CNN Business. Archived from the original on May 12, 2021. Retrieved May 12, 2021.
Krauss, Clifford. “Colonial Pipeline Begins to Restart Flow of Fuel”. The New York Times. Archived from the original on May 12, 2021. Retrieved May 12, 2021.

European Banking Authority (EBA) Microsoft Exchange Servers Hacked

Banking News, Banking Tools, Cybersecurity, Security Apps, Web Security Tools

Paris Looks to Charm London's Brexiles

The European Banking Authority (EBA) has confirmed it has fallen victim to the ongoing Microsoft Exchange attacks.

With a total of four highly valuable zero-day exploits, previously unreported vulnerabilities that give cybercriminals a head start in any attack campaign, the attacks against on-premises Microsoft Exchange servers were always going to be a big deal. Those initial attacks, which prompted Microsoft to publish an emergency out-of-band security update, were attributed to a nation state-sponsored group identified as HAFNIUM. The nation in question is China. However, Microsoft has now confirmed that it “continues to see increased use of these vulnerabilities in attacks targeting unpatched systems by multiple malicious actors beyond HAFNIUM.”

As I reported on March 6, credible sources were suggesting that the attacks against vulnerable Microsoft Exchange servers were thought to have compromised ‘hundreds of thousands’ of servers, more than 30,000 in the U.S. alone.

One of those attacked outside of the U.S. was the European Union’s banking regulator, the European Banking Authority. On March 7, the EBA issued a statement confirming that it had “been the subject of a cyber-attack against its Microsoft Exchange Servers.”

While stating that a full investigation was underway, the EBA went on to add: “As the vulnerability is related to the EBA’s email servers, access to personal data through emails held on that servers may have been obtained by the attacker. The EBA is working to identify what, if any, data was accessed. Where appropriate, the EBA will provide information on measures that data subjects might take to mitigate possible adverse effects. As a precautionary measure, the EBA has decided to take its email systems offline. Further information will be made available in due course.”

Further information was, indeed, made available by way of an update on March 8. “The EBA investigation is still ongoing and we are deploying additional security measures and close monitoring in view of restoring the full functionality of the email servers,” it read. “At this stage, the EBA email infrastructure has been secured and our analyses suggest that no data extraction has been performed and we have no indication to think that the breach has gone beyond our email servers.”

“The exploitation of the 0days in question required some specific conditions and thus raises questions what exactly happened at the EBA,” Ilia Kolochenko, chief architect at ImmuniWeb, said. “Another key question is when exactly the EBA was compromised?” Kolochenko points out that if the intrusion happened after the disclosure but prior to the emergency patch, the vulnerable systems should have been immediately disconnected to prevent exploitation in the wild. “The EBA is likely not the last victim of this hacking campaign,” he warns, “and more public authorities may disclosure incidents stemming from exploitation of the same vulnerabilities.”

I have approached the EBA for further comment.

Meanwhile, Mark Bower, a senior vice-president at comforte AG, said that “the capacity for attackers to extract sensitive data from emails, spreadsheets in mailboxes, insecure credentials in messages, as well as attached servers presents an advanced and persistent threat with multiple dimensions.”

Although it should be reiterated that, at this point in the investigation, the EBA is saying that “no data extraction has been performed and we have no indication to think that the breach has gone beyond our email servers.” Bower, like Kolochenko, warns that more incidents will be reported. “Affected entities and their supply chain partners will see a persistent secondary impact as a result over a long period of time,” he said.

I’ll leave the final word to John Hultquist, vice-president of analysis with Mandiant Threat Intelligence. “Though broad exploitation of the Microsoft Exchange vulnerabilities has already begun, many targeted organizations may have more to lose as this capability spreads to the hands of criminal actors who are willing to extort organizations and disrupt systems.

The cyber espionage operators who have had access to this exploit for some time, aren’t likely to be interested in the vast majority of the small and medium organizations. Though they appear to be exploiting organizations in masses, this effort could allow them to select targets of the greatest intelligence value.”

Update March 9

The EBA has now published a third update, which I reprint here in full:

“The European Banking Authority (EBA) has established that the scope of the event caused by the recently widely notified vulnerabilities was limited and that the confidentiality of the EBA systems and data has not been compromised.

Thanks to the precautionary measures taken, the EBA has managed to remove the existing threat and its email communication services have, therefore, been restored.

Since it became aware of the vulnerabilities, the EBA has taken a proactive approach and carried out a thorough assessment to appropriately and effectively detect any network intrusion that could compromise the confidentiality, integrity and availability of its systems and data.

The analysis was carried out by the EBA in close collaboration with the Computer Emergency Response Team (CERT-EU) for the EU institutions, agencies and bodies, the EBA’s ICT providers, a team of forensic experts and other relevant entities.”

Davey Winder

I’m a three-decade veteran technology journalist and have been a contributing editor at PC Pro magazine since the first issue in 1994. A three-time winner of the BT Security Journalist of the Year award (2006, 2008, 2010) I was also fortunate enough to be named BT Technology Journalist of the Year in 1996 for a forward-looking feature in PC Pro called ‘Threats to the Internet.’ In 2011 I was honored with the Enigma Award for a lifetime contribution to IT security journalism. Contact me in confidence at davey@happygeek.com if you have a story to reveal or research to share.

Source: European Banking Authority (EBA) Microsoft Exchange Servers Hacked

More Contents:

Microsoft Email Server Hacked? Cyber Attack Hits 30,000 US Organizations

technostaan.in – March 6

Microsoft Corporation was hit by a cyberattack that affected 30,000 US organizations. Small businesses and the Government were the victims of this attack.

#1 NOOB Joins Dream’s SMP Server! *HACKED*

http://www.youtube.com – March 5

MINECRAFT HACK FREE DOWNLOAD UNDETECTED 2021

p2pconnects.us – March 3

[…] to download minecraft client, wurst client, hacking, how to install wurst client, how install mod, server, hacked, wurst client download, how to download wurst client, minecraft griefing, griefing, tutorial […]

Bnd Krdo push krna – mazaak chalra – Server Hacked – Memes – PUBG Mobile – WANTED GaminG

http://www.youtube.com – February 27

TwitLonger — When you talk too much for Twitter

http://www.twitlonger.com – February 17

[…] or dignity when being apart of servers including: Putting racial slurs, and pretend-having your server hacked, and a bunch of other annoying mischievous things (see here: https://i […]

Pune: NCP accuses PCMC officials, BJP of multi-crore fraud in name of setting Covid care centres | Cities News,

indianexpress.com – February 16

[…] Read |Pune-based private company’s server hacked, duped of Rs 1 […]

Vulnerability in SolusVM Debian 10 template – “debianuser” backdoor/default user —

http://www.lowendtalk.com – February 8

[…] com/posts/server-hacked-record […]

BASEL UG HACKED BY SAYTHE AFF + LIL BERRIES SERVER HACKED BY SAYTHE AFF

youtu.be – December 18, 2020

Quick tutorial CSS tip: How to show source code the easy way – DEV

dev.to – November 24, 2020

[…] I did use this in HTML slidedecks in the past with the result of getting my server hacked […]

N/A

The downfall of firewalls. Leveraging Crowd Power to recreate… | by philippe humeau | Nov, 2020

crowdsecurity.medium.com – November 17, 2020

[…] An IP that was behaving aggressively yesterday was probably used by a server hacked by someone recently […]

N/A

It: Gaiba municipality central server hacked

http://www.databreaches.net – November 11, 2020

The following is a Google translation: The Municipality of Gaiba informs all interested parties (residents and non-residents) that on the night of 6.11.2020 it…

N/A

Trump Campaign Site Hacked – What We Know & Lessons Learned

http://www.wordfence.com – October 28, 2020

[…] IV: Origin server hacked via FTP or SSH – Low Probability This is the least likely scenario since the attackers would nee […]

N/A

U.S. Center for SafeSport server hacked, sensitive documents potentially exposed –

theathletic.com – October 7, 2020

U.S. Center for SafeSport server hacked, sensitive documents potentially exposed

UL Foundation server hacked

http://www.katc.com – September 30, 2020

A server containing UL Foundation data has been hacked, officials said in an email sent to members today. The hack, which was of Blackbaud, a data management software vendor, may have compromised “names, addresses and other contact information” of alumni members, the letter states. The email was sent by John Blohm, vice president of university advancement and CEO of the UL Foundation. “Blackbaud has confirmed that your credit card information, bank account information and Social Security numbers were not compromised, since this database does not store such details,” the letter states. “Further, Blackbaud does not believe the information that was possibly exposed in the breach can be used for identity theft or financial fraud.” The email states that “Blackbaud, in conjunction with the FBI and other law enforcement agencies, conducted a full inquiry and found no evidence that the cybercriminals who gained access to the data shared it in any way. Your information was not made public or otherwise disseminated and was not misused.” It does not say when the hack occurred. The email states that “Blackbaud has already implemented several changes to strengthen its data protection and reduce the risk of future incidents.” Anyone affected doesn’t have to do anything, but it’s always a good idea to “remain vigilant,” the email says.

Michigan government server hacked #GSH – Pastebin.com

pastebin.com – August 14, 2020

Michigan government server hacked, over 20+ city/town websites hacked […]

Ghost Squad Hackers take over Michigan government websites

http://www.onyxmodsllc.com – August 13, 2020

[…] “Michigan government server hacked, over 20+ city/town websites hacked […]

Three Idaho State Websites Are Vandalized by Hackers

http://www.govtech.com – July 28, 2020

[…] “Idaho government server hacked with #FreeAssange message,” the tweet said […]

‘Free Julian Assange’: Trio of Idaho state websites taken over by hackers

http://www.eastidahonews.com – July 27, 2020

[…] “Idaho government server hacked with #FreeAssange message,” the tweet said. Idaho government server hacked with #FreeAssange message […]

State of Idaho server hacked by ‘ghost squad’

idahonews.com – July 27, 2020

A group calling itself Hacked by Ghost Squad Hackers has apparently hacked a State of Idaho server. There’s a message on the screen that reads, “Free Julian Assange. Journalism is not a crime. ” So far, CBS2 News has confirmed the state’s Parks and Recreation page and the Stem Idaho page have been…

272

Nepal Telecom Server Hacker arrested by CIB

http://www.nepalitelecom.com – July 17, 2020

[…] How was the Nepal Telecom server hacked? According to CIB, Deuja used untraceable internet technology to illegally access the company’ […]

‘It was as though we were sitting at the table’ – cartel server hacked – Herald.ie

http://www.herald.ie – July 9, 2020

An encrypted communications server that was hacked by European police forces and led to millions of messages between criminals being intercepted was also used by the Kinahan cartel.

Alexandre BLANC Cyber Security posted on LinkedIn

http://www.linkedin.com – June 3, 2020

[…] in/eWq6jZe “THE VOLLGAR CAMPAIGN: MS-SQL SERVERS UNDER ATTACK” Is your server hacked? Check this out, another years old attacks, active since May 2018, uncovered only recently […]

NTT Com internal cloud server hacked, information on 621 customers stolen – DCD

http://www.datacenterdynamics.com – June 1, 2020

And they knew since mid May…

Cisco server hacked by exploiting SaltStack Vulnerabilities.

vednam.com – May 31, 2020

Cisco Server Hacked is mainly exploited by the two vulnerabilities and that was mainly fixed.The point of how this fall happens on cisco devices.Read…

MSP US SERVER HACKED! *2020* (Gender Switch Tool, Pumpchkin Hacked, & MSP Responds!)

youtu.be – May 30, 2020

6 tips on how to secure your email server

hostio.solutions – May 30, 2020

[…] Therefore, having your email server hacked has a lot of risks, each having a different impact: When spam lands in your subscribers’ inboxes it […]

Mitigating and securing hacked WordPress sites | Alkanyx Software Marketplace

alkanyx.com – April 13, 2020

[…] The reason I’m writing this article is because a couple weeks ago, I got a staging server hacked, that was hosting some old, un-updated wordpress installations […]

AMD’s Big Navi and Xbox Series X GPU ‘Arden’ Source Code Stolen and Leaked

http://www.tomshardware.com – March 26, 2020

[…] ” The hacker claims she found the unencrypted information in a computer/server hacked via exploits […]

Charlatans, Conspiracists And The Trump Boys Seize On Iowa Debacle

talkingpointsmemo.com – February 4, 2020

[…] A Short History Of @DNC: – Openly rigged elections/delegates against Bernie in ‘16 – Server hacked, *proving* that DNC rigged elections against Bernie – Paid for foreign interference in 2016 wit […]

Rolandsmartin: “1.17 TSU names acting prez; GA election server hacked; Poll: Blacks say #45 is racist; Women’s March”

http://www.pscp.tv – January 18, 2020

1.17 TSU names acting prez; GA election server hacked; Poll: Blacks say #45 is racist; Women’s March…

It’s Friday, the weekend has landed… and Microsoft warns of an Internet Explorer zero day exploited in the wild • The Register

http://www.theregister.co.uk – January 18, 2020

[…] ” Georgia election server hacked in 2014 A new revelation has emerged in the battle over paperless voting systems in the US state of […]

It’s Friday, the weekend has landed… and Microsoft warns of an Internet Explorer zero day exploited in the wild • The Register

http://www.theregister.com – January 18, 2020

[…] ” Georgia election server hacked in 2014 A new revelation has emerged in the battle over paperless voting systems in the US state of […]

N/A

Special Olympics Hacked for Phishing Emails | | IT Security News

http://www.itsecuritynews.info – December 31, 2019

Special Olympics of New York, a nonprofit organization that provides sports training and competition to more than 67,000 children and adults with intellectual disabilities, had its email server hacked and later used to launch a phishing campaign against previous donors. The malicious email was camouflaged as an alert of an impending transaction that purported to […] Advertise on IT Security News. Read the complete article: Special Olympics Hacked for Phishing Emails

Special Olympics New York Hacked to Send Phishing Emails

http://www.bleepingcomputer.com – December 31, 2019

[…] organization focused on competitive athletes with intellectual disabilities, had its email server hacked around this year’s Christmas holiday and later used to launch a phishing campaign against previou […]

Hunter Biden Counterfeiting Involved Burisma, Crowdstrike, Filing Claims

pjmedia.com – December 30, 2019

[…] by mainstream media outlets as a conspiracy theory — that when CrowdStrike investigated the DNC server hacked in 2016, the company took them to Ukraine to hide them […]

821

Hunter Biden Accused of $156M Counterfeiting Scheme With Burisma, CrowdStrike, Legal Filing Claims

pjmedia.com – December 30, 2019

[…] by mainstream media outlets as a conspiracy theory — that when CrowdStrike investigated the DNC server hacked in 2016, the company took them to Ukraine to hide them […]

Internet Gov Weekly Brief (W1Y20): UN to draft treaty on cybercrime; California’s new data privacy law; Brazil fines Facebook; Microsoft takes down 50 domains; 18 central banks on digital currencies; ECB announces EUROchain | Internet Governance News

internetgov.news – December 27, 2019

Remember when MSM tried to claim that Trump being spied on was a “conspiracy theory” – Investment Watch

http://www.investmentwatchblog.com – December 21, 2019

[…] Paid $972,000 To Law Firm That Secretly Paid Fusion GPS In 2016 FBI docs: Study found Clinton email server hacked IG report – www […]

Virus Bulletin :: Newsletter

http://www.virusbulletin.com – December 19, 2019

[…] 2019: Stalkerware, VB2019 programme, Ryuk and LockerGoga, Emotet and Trickbot, Ocean Lotus, spam server, hacked home routers, etc […]

How to Manually Delete a WordPress Plugin Using FTP

seo-gold.com – December 8, 2019

[…] and someone manages to acquire your Filezilla XML file they have all your login details! I had a server hacked a while ago and reasonably confident they got the login details (they logged directly into site […]

Cybercrime Joker Retires With A Reported $2.1 Billion In Bitcoin

Casino/Gambling, Crime/Violation, Cybersecurity, Gambling/Gaming

The most popular stolen payment card marketplace on the dark web is no more. The criminal behind the Joker’s Stash site, which trades in stolen credit and debit card data, has announced that all servers and backups will be wiped, and the site will never open again. That criminal, who unsurprisingly goes by the pseudonym of ‘JokerStash’ or Joker for short, has shut up shop and is going into retirement. A rather comfortable retirement, assuming Interpol and the FBI don’t catch up with them, with a reported $2.1 billion (£1.5 billion) in Bitcoin.

Joker’s Stash was the biggest of the carding sites on the dark web. Carding being the process of not just selling that stolen card data, but also enabling criminals to launder their illicit cryptocurrency balances. The stolen card data is used to buy gift cards or other easily traded items which are then sold on for cash. In 2019, I reported how a single payment card database, of more than a million market fresh cards in total, was being offered for sale at $130 million (£93 million.)

PROMOTED Jumio BrandVoice | Paid Program Why Enterprises Must Adopt Stronger Identity Verification Methods To Combat Rising Fraud In 2021 UNICEF USA BrandVoice | Paid Program UNICEF Reports: Over 39 Billion Meals Missed Since Schools Shut Down Grads of Life BrandVoice | Paid Program How Reimagining Employment Practices Can Advance Racial Justice

In a January dark web blog posting, the Joker warned customers of the infamous carding site that it would shut up shop for good on February 15. However, according to financial crime compliance blockchain analysis specialists Elliptic, the site went down on February 3.

As you might imagine, this will not have pleased those customers who thought they had 12 more days to cash out their crypto balances. Although it hasn’t been possible to determine exactly how much money these cyber-criminals may have lost, the reverse is not true: Elliptic analysts have calculated the size of the Joker’s retirement pot based on incoming crypto payments to the Joker’s Stash wallet. MORE FOR YOU

Why Huawei’s New Update Is Seriously Bad News For Android Users WhatsApp Users Suddenly Get This Surprise New Boost From Facebook Huawei’s Striking New Billion-Dollar Gamble Targets Apple, Google (And Tesla)

How big a pension has Joker built up through this criminal enterprise since it started operating in 2014? Elliptic said that, in 2018 alone, $139 million (£100 million) in sales went through Joker’s Stash, by way of example. More recently, revenues dropped significantly as payment card fraud detection technology improved. However, more than $400 million (£288 million) flowed through the site between 2015 and 2021.

Joker’s Stash made its money by charging deposit fees for converting Bitcoin to a dollar balance and also through taking a commission on all trading in stolen cards. Although that commission rate cannot be pinned down precisely, Elliptic analysts based their calculations on an average of 20% as seen at other carding operations.

“If we assume an average total commission of 20% on sales,” Elliptic wrote, “then considering bitcoin alone they would have taken a total of at least 60,000 bitcoins.”

Or, to put it another way, around $2.1 billion (£1.5 billion) currently.

Which leaves the departing statement from the Joker with the irony volume turned up to eleven. After telling cyber-gangsters not to “lose themselves in the pursuit of money,” the Joker went on to declare that “all the money in the world will never make you happy and the “most truly valuable things in this life are free.”

That’s easy to say when you have so much cash, regardless of how you came by it.

Maybe the pandemic played a role in both the site closure decision and that display of sentiment. In October 2020, Joker disclosed to customers that he, or she, had been in hospital for a week after contracting Covid-19.

Whatever, Joker’s Stash is no more and that’s a good thing for the law-abiding majority. Unfortunately, the way of the dark web world is that another carding site will soon rise to take over as the crypto kingpin of this illicit trade. Although this particular cybercrime genre has dipped in terms of profitability over the last couple of years, there is still, sadly, plenty of money to be made. Maybe not as much as the Joker’s Stash, but more than enough to make a mockery of the old saying that crime doesn’t pay. Especially as it would seem, based on current intelligence at least, that the site wasn’t busted by law enforcement but closed of its own volition. The last laugh would seem to be with the Joker.

Follow me on Twitter or LinkedIn. Check out my website.

Davey Winder

Texas Hold Em Poker Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] about: Texas Hold Em Poker In Canada, there is currently no law that makes it illegal to operate an online gambling site […] to this, there is no current federal law prohibiting Canadian residents from taking part in online gambling at any Canada casino […]N/A

Kid Friendly Hotels In Las Vegas Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] Hotels In Las Vegas In Canada, there is currently no law that makes it illegal to operate an online gambling site […] to this, there is no current federal law prohibiting Canadian residents from taking part in online gambling at any Canada casino […]0

Who Played In The Movie Casino Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] Played In The Movie Casino In Canada, there is currently no law that makes it illegal to operate an online gambling site […] to this, there is no current federal law prohibiting Canadian residents from taking part in online gambling at any Canada casino […]N/A

Industry Voice: ESG&D – Why digital ethics matter for the tech sector http://www.investmentweek.co.uk – Today[…] Online welfare cuts across so many industries, from online gambling to social media and video gaming, that it is one of the most crucial issues companies face i […]0

Online Casinos New 2020 Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] Online Casinos New 2020 In Canada, there is currently no law that makes it illegal to operate an online gambling site […] to this, there is no current federal law prohibiting Canadian residents from taking part in online gambling at any Canada casino […]N/A

New 2021 Jun Casinos Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] New 2021 Jun Casinos In Canada, there is currently no law that makes it illegal to operate an online gambling site […] to this, there is no current federal law prohibiting Canadian residents from taking part in online gambling at any Canada casino […]N/A

Net Worth Of Magic Johnson Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] Net Worth Of Magic Johnson In Canada, there is currently no law that makes it illegal to operate an online gambling site […] to this, there is no current federal law prohibiting Canadian residents from taking part in online gambling at any Canada casino […]N/A

ASA Reports Drop in Number of Gambling Ads Breaking Age Restrictions igamingradio.com – Today[…] Standards Authority (ASA) has reported a fall in the number of breaches of age restriction by online gambling ads […]0

Casino Rewards Members+ Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] Casino Rewards Members+ In Canada, there is currently no law that makes it illegal to operate an online gambling site […] to this, there is no current federal law prohibiting Canadian residents from taking part in online gambling at any Canada casino […]N/A

Lotto Corp Most Reputable Online Casinos Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] Reputable Online Casinos In Canada, there is currently no law that makes it illegal to operate an online gambling site […] to this, there is no current federal law prohibiting Canadian residents from taking part in online gambling at any Canada casino […]N/A

Online Casinos That Accept Mastercard Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] That Accept Mastercard In Canada, there is currently no law that makes it illegal to operate an online gambling site […] to this, there is no current federal law prohibiting Canadian residents from taking part in online gambling at any Canada casino […]N/A

Canadian Casino Bonus Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] Canadian Casino Bonus In Canada, there is currently no law that makes it illegal to operate an online gambling site […] to this, there is no current federal law prohibiting Canadian residents from taking part in online gambling at any Canada casino […]N/A

Online Gambling Casinos That Are Giving Out Good Promos Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] Information about: Online Gambling Casinos That Are Giving Out Good Promos In Canada, there is currently no law that makes it illega […] Are Giving Out Good Promos In Canada, there is currently no law that makes it illegal to operate an online gambling site […]0

Top Best Casino Online Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] Top Best Casino Online In Canada, there is currently no law that makes it illegal to operate an online gambling site […] to this, there is no current federal law prohibiting Canadian residents from taking part in online gambling at any Canada casino […]N/A

No-risk Matched Betting Canada Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] Matched Betting Canada In Canada, there is currently no law that makes it illegal to operate an online gambling site […] to this, there is no current federal law prohibiting Canadian residents from taking part in online gambling at any Canada casino […]N/A

How To Play Slots Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] about: How To Play Slots In Canada, there is currently no law that makes it illegal to operate an online gambling site […] to this, there is no current federal law prohibiting Canadian residents from taking part in online gambling at any Canada casino […]N/A

Casino App Real Money Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] Casino App Real Money In Canada, there is currently no law that makes it illegal to operate an online gambling site […] to this, there is no current federal law prohibiting Canadian residents from taking part in online gambling at any Canada casino […]N/A

What Can I Get Eith Caesars Good Casino Card Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] Caesars Good Casino Card In Canada, there is currently no law that makes it illegal to operate an online gambling site […] to this, there is no current federal law prohibiting Canadian residents from taking part in online gambling at any Canada casino […]N/A

Casino Canada Fast Payout Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] Casino Canada Fast Payout In Canada, there is currently no law that makes it illegal to operate an online gambling site […] to this, there is no current federal law prohibiting Canadian residents from taking part in online gambling at any Canada casino […]N/A

Real Money Casino Games Bufflalo Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] Casino Games Bufflalo In Canada, there is currently no law that makes it illegal to operate an online gambling site […] to this, there is no current federal law prohibiting Canadian residents from taking part in online gambling at any Canada casino […]N/A

Free Slot Games Free Spins Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] Free Slot Games Free Spins In Canada, there is currently no law that makes it illegal to operate an online gambling site […] to this, there is no current federal law prohibiting Canadian residents from taking part in online gambling at any Canada casino […]N/A

Big Fish Casino How To Win Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] Big Fish Casino How To Win In Canada, there is currently no law that makes it illegal to operate an online gambling site […] to this, there is no current federal law prohibiting Canadian residents from taking part in online gambling at any Canada casino […]N/A

New Casino Online Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] about: New Casino Online In Canada, there is currently no law that makes it illegal to operate an online gambling site […] to this, there is no current federal law prohibiting Canadian residents from taking part in online gambling at any Canada casino […]N/A

Roulette Strategy That Works Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] Strategy That Works In Canada, there is currently no law that makes it illegal to operate an online gambling site […] to this, there is no current federal law prohibiting Canadian residents from taking part in online gambling at any Canada casino […]N/A

Good Fortune Casino Game Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] Good Fortune Casino Game In Canada, there is currently no law that makes it illegal to operate an online gambling site […] to this, there is no current federal law prohibiting Canadian residents from taking part in online gambling at any Canada casino […]N/A

Is 888 Poker Legit Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] about: Is 888 Poker Legit In Canada, there is currently no law that makes it illegal to operate an online gambling site […] to this, there is no current federal law prohibiting Canadian residents from taking part in online gambling at any Canada casino […]N/A

Best Casinos Canada List Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] Best Casinos Canada List In Canada, there is currently no law that makes it illegal to operate an online gambling site […] to this, there is no current federal law prohibiting Canadian residents from taking part in online gambling at any Canada casino […]N/A

Casino In Moncton Is Opening When Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] In Moncton Is Opening When In Canada, there is currently no law that makes it illegal to operate an online gambling site […] to this, there is no current federal law prohibiting Canadian residents from taking part in online gambling at any Canada casino […]0

Popular Casino Sites Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] Popular Casino Sites In Canada, there is currently no law that makes it illegal to operate an online gambling site […] to this, there is no current federal law prohibiting Canadian residents from taking part in online gambling at any Canada casino […]N/A

How To Get Out Of Jury Duty Canada Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] Out Of Jury Duty Canada In Canada, there is currently no law that makes it illegal to operate an online gambling site […] to this, there is no current federal law prohibiting Canadian residents from taking part in online gambling at any Canada casino […]N/A

Casino Paypal Canada Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] Casino Paypal Canada In Canada, there is currently no law that makes it illegal to operate an online gambling site […] to this, there is no current federal law prohibiting Canadian residents from taking part in online gambling at any Canada casino […]N/A

Baccarat Casino Online Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] Baccarat Casino Online In Canada, there is currently no law that makes it illegal to operate an online gambling site […] to this, there is no current federal law prohibiting Canadian residents from taking part in online gambling at any Canada casino […]N/A

Top Payout Casinos Online Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] Top Payout Casinos Online In Canada, there is currently no law that makes it illegal to operate an online gambling site […] to this, there is no current federal law prohibiting Canadian residents from taking part in online gambling at any Canada casino […]N/A

Help For Gambling Addiction Canada – Best Online Casinos Canada http://www.webandluxe.com – Today[…] If a player is willing to put in the time and research the best online gambling sites, then they could find a ton of information on websites such as Unlucky for Some and CaVemate […] For Gambling Addiction In Canada….

Take These Small Steps to Stop Cyber Attacks From Creating Big Problems for You

Cybersecurity

At a time when remote work and its increased security risks have become the norm, ongoing difficulty in safeguarding corporate networks suggests that the status quo isn’t working. That’s why IT security teams are moving from a passive to an active approach. The MITRE Corporation (a nonprofit that manages federally funded research and development centers) recently introduced its Shield framework, in which it clearly states that active defense is critical in overcoming today’s threats. Business leaders who know the latest strategies and recommendations place their companies in a strong position to remain secure.

The concept of active defense

Shield is an active defense knowledge base developed from over a decade of enemy engagement. With it, MITRE is trying to gather and organize what it has been learning with respect to active defense and adversary engagement. This information ranges from high-level, CISO-ready considerations of opportunities and objectives to more practitioner-focused conversations of the tactics, techniques and procedures defenders can use. This latest framework is aimed at encouraging discussion about active defense, how it can be used, and what security teams need to know.

Defining active defense

Active defense covers a swathe of activities, including engaging the adversary, basic cyber defensive capabilities and cyber deception. This entails the use of limited offensive action and counterattacks to prevent an adversary from taking digital territory or assets. Taken together, these activities enable IT teams to stop current attacks as well as get more insight into the perpertrator. Then they can prepare more fully for future attacks.

As MITRE notes, the modern security stack must include deception capabilities to truly deter and manage adversaries. In Shield’s new tactic and technique mapping, deception is prominent across eight active defense tactics—channel, collect, contain, detect, disrupt, facilitate, legitimize and test—along with 33 defensive techniques.

The truth about deception

Threat actors are targeting enterprise networks nonstop, anyone from nation-state attackers seeing proprietary information to more run-of-the-mill criminals looking to cause chaos and obtain some PII they can exploit. Analysts estimate that critical breaches of enterprise networks have increased by a factor of three to six, depending on the targets.

As leaders consider their security strategy, they need to not only understand what active defense means but also what deception actually is. A prevailing misconception is that deception is synonymous with honeypots, which have been around for a long time and are no longer effective. And to make them as realistic as possible requires a lot of management so that if attackers engage with a honeypot, they won’t be able to detect that it is not a real system and therefore know they’re in the middle of getting caught.

So, it’s time to clear up that notion. In truth, deception technology and honeypots are not synonymous. That’s how deception began, but it has evolved significantly since then. Today’s deception takes the breadcrumb/deceptive artifact approach that leads attackers on a false trail, which triggers alerts so that defenders can find and stop the attackers in real time. Only unauthorized users know the deceptions exist, as they don’t have any effect on everyday systems, so false positives are dramatically reduced. These aspects of deception technology add financial value to the IT security organization.

In addition, some organizations wrongly perceive that deception is too complex and yields comparatively little ROI. Security organizations could enjoy the benefit of using deception technology – which is lightweight and has a low cost of maintenance – but some are hesitant because they think it’s an overwhelming, complex approach that they won’t get enough value from. However, using technology assists like automation and AI, deception eliminates the complexity it has been previously known for.

Organizations tend to think of deception from a technology standpoint, but that’s wrong; it should be thought about from a use case standpoint. For instance, detection is a fundamental element of any security program. Everyone needs better detection capabilities – part and parcel of what today’s deception tools do.

A stronger defense

As cybercriminals’ tactics and tools continue to change, so must defenders’. An expanded threat landscape and new attack types make this job tougher than ever. Many organizations around the world were thrust into rapid digital transformation this year, which created security gaps for bad actors to exploit. The events of 2020 highlight the need for a better approach to securing critical assets. Active defense is part of that approach, as outlined in the MITRE Shield framework. Deception technology is an agile solution worthy of incorporation into an organization’s security strategy.

Source: https://www.entrepreneur.com/

Global Business

How To Go Global With Your Business

How a brand can prepare to go global and what they should consider before setting foot across the sea. Chris Porteous | 6 min read YouTube

Buy on YouTube? The platform is testing a sales tool

By clicking on the “super bag”, users will be redirected to a purchase page where the products, related videos and sale options will be located. Entrepreneur en Español | 1 min read Blue Origin

Jeff Bezos wants to send passengers into space in April: report

Blue Origin, the Amazon co-founder’s space exploration company, would take people into space on its New Shepard ship. Entrepreneur en Español | 1 min read How to Become a Millionaire

Survey: The Top 9 Books Recommended by Millionaires

So you want to be a millionaire? Start reading like one. Hayden Field | 1 min read Marketing

4 trends that will mark digital marketing in 2021

One of the biggest challenges advertisers and media will face in 2021 is being able to communicate with consumers and transact effectively in a cookie-free world. Entrepreneur en Español | 5 min read Success Stories

Mike Ling Came to America to Study Medicine. Now He Runs a Successful Fitness-Tech Company. It All Came Down to Passion.

The 43-year-old FitTime founder sheds light on how a plant-based diet, meditation and Jiu-Jitsu helped him become sturdier and more successful. Kenny Au | 6 min read News and Trends

Will I Get a Stimulus Check? What You Need to Know About the Second Round of Payments.

Here’s what you need to know about stimulus check payments. Megan Pratz | 6 min read News and Trends

Taco Bell Is Working With Beyond Meat to Create a New Plant-Based Protein

Another kind of not-meat is coming to Taco Bell this year. Igor Bonifacic | 2 min read News and Trends

Instacart Offers Employees $25 to Get COVID-19 Vaccine

Eligible workers won’t have to choose between earning income and getting vaccinated. Stephanie Mlot | 2 min read

Ben Lovegrove

How to protect yourself against cyber attacks during an age in which we all have to be educated and vigilant at home and at work. Download your copy of Roboform Password Manager for personal and business use: http://ow.ly/o1A530qhvNa In this video I describe some ways in which you can protect yourself and your assets against cyber attacks. It’s not an exaggeration to state that we are in the midst of an epidemic of cyber crime. Even if you take the reported cases at face value it’s bad enough but there are reasons to suspect that the actual situation is much worse because so much is not reported. The police are under resourced, investigations are complex, and consequently the criminals feel empowered to continue and to step up their attacks.

So the onus is on us as individuals and business to strengthen our defences and to mitigate the risks by taking the essential precautions. Some of these tips may seem obvious and yet it’s amazing how many people fail to act on this type of advice. 1: Use strong and unique passwords. Yes, I know, logging in (and clicking away the cookie notice) is a pain but it can be semi automated with a good password manager. I’ve used Roboform for years (see link below) and it includes a tool that will generate cryptic passwords containing a mix of numbers, symbols, and letters in upper and lower case. These are stored in an encrypted file which is synchronised across all my devices; PC, laptops, mobile phones. You should use long, unique, and cryptic passwords of 12 characters or more for everything that requires you to log in – not just your pension account or favourite shopping site, but also the broadband router on your home network – everything. If the log-in process includes the option to send a passcode to your mobile phone then enable it and use it. 2: Be aware of data breaches and react to them. Even with a strong password your details may be compromised if a company fails to protect their network and thieves hack in and steal data. If you see any such reports in the press check to see if you have an account with the company and if you do, change your passwords immediately. This won’t stop you details being sold on the Dark Web but it will prevent anyone from using your now compromised password. Meanwhile, remain vigilant for any calls, mails, or other signs that your identity is being used by a criminal. Continued in the video…

My recommended products on Amazon.com: https://www.amazon.com/shop/benlovegrove My recommended products on Amazon.co.uk: https://www.amazon.co.uk/shop/benlove… My YouTube Channel Information: Subscribe to my channel: https://goo.gl/FhzGmn My most recent upload: https://goo.gl/ujZ7ms My most popular upload: https://goo.gl/ThKf7y My Playlists: Flight Training, Private & Commercial Pilot: https://goo.gl/EuD7wt Learn To Fly, Get Your Pilot’s Licence: https://goo.gl/6Z6h6P General Aviation: https://goo.gl/p8MLZY Aviation Careers: https://goo.gl/bhZWXL Career Training & Business Tools: https://goo.gl/rh9P46 My Social Media Links: Twitter: https://twitter.com/BensBookmarks Instagram: https://www.instagram.com/ben_lovegro… Facebook: https://www.facebook.com/redspansolut… My Secrets Revealed: I create these videos using Vidnami: http://ow.ly/lu1e30qRlhC I optimise these videos using TubeBuddy: http://ow.ly/x7yH30qRlhU Contact me: Go to my channel homepage and click on the About tab to reveal my email address: https://wwww.youtube.com/c/benlovegrove Show your support: Sponsor more videos like this: https://www.patreon.com/redspan Consider leaving a tip: https://paypal.me/redspan Bespoke videos made for you: https://goo.gl/22u4R6 Acknowledgements: This presentation contains images that were used under a Creative Commons License. Click here to see the full list of images & attributions: https://app.contentsamurai.com/cc/734825 This presentation may also include video clips licensed under the Creative Commons Zero (CC0) license and/or video clips of our own.

This Simple WhatsApp Hack Will Hijack Your Account: Here’s What You Must Do Now

Cybersecurity, Security Apps, Telegram/Whatsapp News, Whatsapp Marketing

Our use of messaging applications has soared through isolation and the information overload that has accompanied the coronavirus pandemic. And no platform has seen a greater surge in messaging than market leader WhatsApp—usage is up more than 40% across the world, and in some markets even more than that.

It is now clear that the unprecedented public health emergency we are living through has also seen a surge in cyber crime. Every imaginable scam, from phishing to malware, and from delivery hijacks to counterfeits, has grown exponentially in recent weeks. It’s a trend that shows no signs of abating.

And so it comes as little surprise that an alarming WhatsApp hack that has been going around for a year is now back and experiencing a new surge. The bad news is that this is stupidly simple for a cyber criminal to execute, and it seems people fall for it in their droves. The good news is that the fix is guaranteed and will take you less than two minutes. I set out how that works below—you need to do it now. Recommended For You-

But, first, let’s look at how this hack works. It’s very simple. When you install WhatsApp on a new phone, the platform asks for the phone number of the account, which you enter, and then it sends an SMS one-time code to that number. That proves you have the number in your possession. Once you enter the right code, the phone starts to receive WhatsApp messages for that account.

With this hack, the attacker uses an already hijacked account to contact a victim’s friends. This doesn’t have to be a WhatsApp account—Facebook would do fine. In their message, the attacker tells the victim’s friend they are having issues receiving a six-digit code, and so had it sent to their friend instead—please send it back. That six-digit code is the WhatsApp verification code for the new victim—by sending it to their friend they are really sending it to the attacker.

PROMOTED Jumio BrandVoice | Paid Program Why Digital Onboarding And EKYC Are Key To The Insurance Sector’s Success Teradata BV BrandVoice | Paid Program After Covid, Is The Transport And Logistics Industry An Open Goal For Dominance By Data Giants? Grads of Life BrandVoice | Paid Program Creating A Culture Of Inclusivity: A Spotlight On Atlassian & Genesys Works

Once done, their own WhatsApp is hijacked. It is as simple as that.

The usual intent of the attack is to use a hijacked WhatsApp account to ask for money, to claim an emergency or an account lock-up, and to ask friends to help out. With WhatsApp, there is no risk that backed up messages can be hijacked, but the attacker will see the groups you are in and the new messages you receive. It is a crude attack, but it has proven exceptionally effective. This is social engineering at its best—we are coded to trust and help out our friends.

The most obvious advice is NEVER to send a six-digit SMS to anyone for any reason. There have been other attacks covering other platforms using the same method. When a code is sent to your phone it relates to your phone. But there is a fix here that will protect your WhatsApp, even if the SMS code was sent onward. This fix will ensure you can’t fall victim to this crime.

The code sent by SMS when you set up your WhatsApp account on a new phone comes directly from WhatsApp itself. The platform sets the code and sends it to you. But there is a totally separate setting in your own WhatsApp application that allows you to set your own six-digit PIN number. There is some confusion because these are both six-digit numbers—but they are entirely separate.

Most people have still not set up this PIN number—the “Two-Step Verification” setting can be accessed under the Settings-Account from within the app. It takes less than a minute to set up. The PIN is for you to select, and even has the option of a backup email address. WhatsApp will ask you for the PIN when you change phones and also every so often when you’re using the app, that’s how secure it is.

As WhatsApp explains, “when you have two-step verification enabled, any attempt to verify your phone number on WhatsApp must be accompanied by the six-digit PIN that you created using this feature.” In other words, the hack will not work.

I first covered this hack back in January, and was amazed at how many people did not use this basic security feature—I suggested to WhatsApp that it needs to be better advertised and I retain that view. WhatsApp is secure and encrypted, but there is no way for the platform to protect users who don’t secure their own app.

In the meantime, if you have been the victim of this hack, reinstall WhatsApp and ask for a fresh activation code. That will reset the app on your phone. It may take some time to work. I have received reports of users not being able to easily restore a hijacked account, although it is just a matter of time. Once you do restore your account, set up a PIN right away. That way, you will not be caught twice. Follow me on Twitter or LinkedIn.

Zak Doffman

I am the Founder/CEO of Digital Barriers—developing advanced surveillance solutions for defence, national security and counter-terrorism. I write about the intersection of geopolitics and cybersecurity, and analyze breaking security and surveillance stories. Contact me at zakd@me.com.

ShareIT

How to know if my WhatsApp account has been hacked How To Know If My WhatsApp Is Hacked android iphone ios What To Do If Your Whatsapp Account Gets Hacked How to secure your WhatsApp from getting hacked android iphone ios samsung xiaomi lenovo vivo opposé moto micromax nokia Apple Honor HTC Index LYF ASUS LG LAVA Karbonn Yu Motorola Blackberry XOLO Huawei google Please Subscribe my Channel : https://www.youtube.com/channel/UC2QX… More related Videos https://www.youtube.com/watch?v=AKCb5… How To Read Deleted Whatsapp Messages Without Any Other App 2019 https://www.youtube.com/watch?v=zfVQQ… How to read Whatsapp Deleted Messages 2019 https://www.youtube.com/watch?v=DYAlU…

Entrepreneurs Beware: Remote Work Can be Fertile Ground for Cybercriminals

Covid19, Cybersecurity, Web Security Tools

When the coronavirus wave took over the world and governments imposed lockdown and stay-at-home rules, entrepreneurs wondered how they were going to keep afloat. Everyone was trying to make sense of what was happening. Big tech companies took the lead when they permitted some of their employees to work remotely. Other businesses had no choice but to test this model of working. It was not a matter of choice. It was a necessity. The mantra was to save lives and businesses.

Somewhere in the shadows, I bet hackers were smiling. Christmas had come early for them. And we were only in the first quarter of the year. From my experience, I knew that the “cyber-crime business” was going to score big. Businesses were opening themselves to potential attacks. They still are.

Across the Atlantic, for example, more than half of the American workforce is working from home. This presents a huge opportunity for hackers to hit the jackpot. A recent IBM survey shows that the odds are stacked in favor of cyber-criminals. Eighty-three percent of employees pushed to work-from-home were not provided with a remote work model before the pandemic. More than 50 percent of the respondents said they were not updated on new security policies on how to securely work remotely. More than half are using their own devices and 61 percent pointed out that they have not been equipped with proper tools to secure those devices.

Weak links in the chain.

As an entrepreneur, I know that my fight is not just keeping my business going. But also keeping it secure. Any organization is as strong as its weakest link. Which could be remote workers.

On July 11, Caasha, a U.K.-based crypto-friendly bank, lost 336 bitcoins (BTC) worth $3.1 million at the time in a hack. Caasha founder and CEO Kumar Gaurav told Cointelegraph that hackers exploited the personal computer of an employee. Criminals gained access to the company’s funds through an employee who used a private device. One can argue that this was an inside job. But it could have been prevented had the employee used the designated company computer. Hackers used several techniques such as phishing and viruses in the breach, according to Gaurav.

Social media giant Twitter was embarrassed by a coordinated social engineering attack in which hackers colluded with employees to gain internal controls. The perpetrators hijacked high-profile accounts and used them to engage in a bitcoin scam that netted $120,000 in bitcoins. Employees may have handed over information that enabled hackers to breach security protocols. This hack shows how internal employees can be a threat to a company. Remote workers have a higher risk of giving away the company’s security information, whether voluntarily or otherwise.

Another similar kind of attack involves the impersonation of tools and brands used for online work. Cybercriminals have been targeting Google-branded tools and domains to engineer attacks. Domains such as drive.google.com were targeted by criminals to try and trick remote workers into sharing login credentials. Sites such as onedrive.live.com were also used by criminals in attacking remote workers.

Face-to-face meetings are gone, or at least, kept to a minimum. Digital tools are used for communication, holding meetings, and tracking productivity. They are at the center of remote working. However, they also pose a security threat that criminals can exploit. The cybersecurity firm TrendMicro uncovered a campaign where cybercriminals tricked users into installing RevCode WebMonitor RAT, a software program that remotely controls computers.

Users downloaded Zoom software infected with the malicious code. Users unknowingly installed both Zoom and the remote access tool. The attackers got a back door to monitor all the activities of their victims. For companies, this means that hackers can easily have access to your passwords and sensitive information.

Entrepreneurs need to prioritize security.

There is a need for entrepreneurs and businesses of all sizes to take security seriously. It all starts with companies taking the initiative of teaching their employees to observe security protocols put in place. We all know that prevention is better than a cure.

Businesses should have cybersecurity experts to teach employees how to safeguard company data. The security teams can also check regularly to see if the company data and systems are not compromised. With a lot of incoming and outgoing emails, remote workers need to avoid phishing emails. Another issue to take note of is the management of incoming and outgoing employees.

When an employee leaves your company, change their login details so that they don’t have access to your systems. They might give the login credentials to nefarious people who will harm your business. Or the former employees may hurt your company by stealing your information. The security of your business matters. Know the risks and take the necessary steps to mitigate them.

By: Michael Jurgen Garbade Entrepreneur Leadership Network VIP

Kroll, a Division of Duff & Phelps

This 30-min webinar covers: • The most common and overlooked cyber risks associated with working remotely • Key steps to protect your organization and raise employees’ cyber awareness • Legal ramifications associated with working from home cyber risk • Insurance – am I covered? • How to plan for the return to the office environment For more tips, visit: https://www.kroll.com/en/insights/pub… For more information about our Cyber Risk Services, visit: https://www.kroll.com/en/services/cyb…

Windows 10 Users Beware New Hacker Attack Confirmed By Google, Microsoft

Computer Tech, Crypto Hack/Files, Cybersecurity, Hacking Sollutions, Security Apps, Web Security Tools, Windows/Program

As Microsoft confirms a Google-disclosed and unpatched zero-day vulnerability is being targeted by attackers right now, here’s what you need to know.

Microsoft has confirmed that an unpatched ‘zero-day’ vulnerability in the Windows operating system, affecting every version from Windows 7 through to Windows 10, is being actively targeted. Microsoft was first informed of the vulnerability by Google’s Project Zero team, a dedicated unit comprised of leading vulnerability hunters, which tracks down these so-called zero-day security bugs.

Because Project Zero had identified that the security problem was being actively exploited in the wild by attackers, it gave Microsoft a deadline of just seven days to fix it before disclosure. Microsoft failed to issue a security patch within that hugely restrictive timeframe, and Google went ahead and published details of the zero-day vulnerability, which is tracked as CVE-2020-17087.

The bug itself sits within the Windows Kernel Cryptography Driver, known as cng.sys, and could allow an attacker to escalate the privileges they have when accessing a Windows machine. The full technical detail can be found within the Google Project Zero disclosure, but slightly more simply put, it’s a memory buffer-overflow problem that could give an attacker admin-level control of the targeted Windows computer. Recommended For You

While attackers are known to be actively targeting Windows systems right now, that doesn’t mean your system is going down. Firstly, I should point out that, according to a confirmation from Shane Huntley, director of Google’s Threat Analysis Group, the attackers spotted exploiting the vulnerability are not targeting any U.S. election-related systems at this point. That’s good news, and there’s more.

While Microsoft has confirmed that the reported attack is real, it also suggests that it is limited in scope being targeted in nature. This is not, at least as of yet, a widespread broad-sweep exploit. Microsoft says that it has no evidence of any indication of widespread exploits.

PROMOTED Civic Nation BrandVoice | Paid Program Election Day On College Campuses: Not A Day Off, A Day On MORE FROM FORBESNew Windows 10 Remote Hacking Threat Confirmed-Homeland Security Says Update NowBy Davey Winder

Then there’s the attack itself which requires two vulnerabilities to be chained together for a successful exploit to happen. One of them has already been patched. That was a browser-based vulnerability, CVE-2020-15999, in Chrome browsers, including Microsoft Edge. As long as your browser is up to date, you are protected. Microsoft Edge was updated on October 22 while Google Chrome was updated on October 20.

There are no known other attack chains for the Windows vulnerability at this point. Which doesn’t mean your machine is 100% safe, as an attacker with access to an already compromised system could still exploit it. However, it does mean there’s no need to hit the panic button, truth be told. Microsoft has also confirmed that the vulnerability cannot be exploited to affect cryptographic functionality.

I reached out to Microsoft, and a spokesperson told me that “Microsoft has a customer commitment to investigate reported security issues and update impacted devices to protect customers.”

As for that seven-day disclosure deadline from the Google Project Zero team, the Microsoft spokesperson said that “while we work to meet all researchers’ deadlines for disclosures, including short-term deadlines like in this scenario, developing a security update is a balance between timeliness and quality, and our ultimate goal is to help ensure maximum customer protection with minimal customer disruption.”

Although Microsoft has not commented on the likely timing of a security patch to prevent exploitation of this Windows vulnerability, the Project Zero technical lead, Ben Hawkes, has tweeted that it is expected as part of the Patch Tuesday updates on November 10.

How big a threat is this to your average Windows user? That remains to be seen, but currently I’d classify it as a be aware but don’t panic situation. Hang-fire, ensure your web browsers are bang up to date, and you should be fine. There are far more significant risks to your data than this zero-day attack, in my never humble opinion. Risks such as phishing in all forms, password reuse, lack of two-factor authentication and software that isn’t kept up to date with security patches.

Davey Winder

Business News

As Microsoft confirms a Google-disclosed and unpatched zero-day vulnerability is being targeted by attackers right now, here’s what you need to know. Microsoft has confirmed that an unpatched ‘zero-day’ vulnerability in the Windows operating system, affecting every version from Windows 7 through to Windows 10, is being actively targeted. Microsoft was first informed of the vulnerability by Google’s Project Zero team, a dedicated unit comprised of leading vulnerability hunters, which tracks down these so-called zero-day security bugs. Because Project Zero had identified that the security problem was being actively exploited in the wild by attackers, it gave Microsoft a deadline of just seven days to fix it before disclosure.

Connect with CNBC News Online Get the latest news: http://www.cnbc.com/ Find CNBC News on Facebook: http://cnb.cx/LikeCNBC Follow CNBC News on Twitter: http://cnb.cx/FollowCNBC Follow CNBC News on Google+: http://cnb.cx/PlusCNBC Follow CNBC News on Instagram: http://cnb.cx/InstagramCNBC

#vulnerability #newsupdate #newstodayheadlines #newsworldnow #newstodaybbc #newstodayoncnn #newstodayusa

A Business Leader’s beginner Guide to Cybersecurity

Cybersecurity, Security Apps, Web Security Tools

According to Statista, there are about 4.57 billion active internet users globally as of July 2020. This number is great for businesses, especially those that are powered by the digital economy.

As businesses continue to embrace the tech age as well as the opportunities that come with it, the presence of cybercriminals is increasing, too. The activities of these criminals cannot be ignored, as they are capable of crashing any business. Business leaders who wish to remain in business must pay better attention to cybersecurity.

Whilst there is no definitive solution to what is seen as the biggest threat to modern businesses – cybercrime — business owners like you can take advantage of available cybersecurity solutions and knowledge to protect your business and its digital assets. Below are three things to help you get started:

1. Get everyone involved

The days when cybersecurity was seen as just the job for the IT team are over. Business leaders all over the world are realizing this and you need to do the same.

In a Harvard Business Review, cybersecurity experts Thomas J. Parenty and Jack J. Domet insist that no amount of technology, resources, or policies will reverse the trend that has seen cybercrimes rise. “Only sound governance, originating with the board, can turn the tide. Protection against cyberattacks can’t be treated as a problem solely belonging to an IT or cybersecurity department. It needs to cast a wide and impenetrable net that covers everything an organization does–from its business operations, models, and strategies to its products and intellectual property.”

A cyberattack can occur when an innocent employee clicks a malicious link from a device belonging to the business. The drill has to affect the least person associated with the business. There is a real threat out there, your business and her assets are at stake. Everyone in your business needs to understand this as much as you do.

2. Develop a policy on cybersecurity

Preaching about the importance of cybersecurity alone may not get the job done, a policy that spells out your business’ protocols with regards to cybersecurity is necessary. A cybersecurity policy sets the standards of behavior for activities such as the encryption of email attachments and restrictions on the use of social media.

Non-IT employees are usually the weakest links in cybersecurity efforts. These employees typically share passwords, click on links, download attachments, with little knowledge about encrypting data. All of these open the door to cyberattacks and can comprise the security of your business.

Setting up a policy on cybersecurity would help your employees and third parties with access to your digital assets understand how to keep your data secured and safe from the prying eyes of cybercriminals. You must take responsibility for creating a culture that prioritizes security; this would enhance the credibility status of your business.

According to FCC, adhering to the following tips would help to ensure the security of your business and her digital assets:

Protect information, computers, and networks from cyber attacks
Create a mobile device action plan
Make backup copies of essential business data and information.
Control physical access to your computers and create user accounts for each employee
Secure your Wi-Fi networks
Employ best practices on payment cards
Limit employee access to data and information, limit authority to install software
Passwords and authentication

Setting up a policy on cybersecurity for your business might seem like another tedious task or process to execute, but the benefits outweigh the cost: do it now!

3. Get a trusted Virtual Private Network (VPN)

The risks of going online are enormous. The reality is this: if you are not online then cybercriminals stand no chance with you. A Virtual Private Network (VPN) is a tool that allows you to interact with the internet anonymously, thereby drastically reducing your exposure to cybercrimes.

With leading VPN providers like Express VPN, Nord VPN, and Switcherry offering unlimited speed, unlimited Bandwith, and free servers in the US help individuals and businesses tackle the prevalent cyber threats and keep their digital assets free from prying eyes by providing a secure connection from all types of tracking.

Cybersecurity is necessary for the survival of your business in the world of today. Get started on your journey to cybersecurity with the vital tips shared in this post.

By: James Jorner / Entrepreneur Leadership Network Contributor

Join our community and stay up to date with computer science ******************** Join our FB Group: https://www.facebook.com/groups/cslesson Like our FB Page: https://www.facebook.com/cslesson/ Website: https://cslesson.org Table of Contents: Why cyber Security (0:00) Cyber Security Terminology (6:33) Demystifying Computers (19:40) Demystifying Internet (40:00) Passwords and Hash Function (01:15:40) Common Password Threat (01:30:30) Creating strong password How email works (02:14:22) Email Security Types of Malware (02:40:00) Functions of Malware Sources of Malware Layers of defense against malware How web browsing works Safely navigating the web Online Shopping Wireless Network basics Wireless internet security threats Public wireless network administering wireless network Social media and privacy Reading URLs

1. What’s Didi?

2. What is this investigation about?

3. Are there any hints?

4. Is it just Didi?

5. Was this out of the blue?

6. Why does Didi matter?

7. How’s the company doing?

8. What happens now?

The Reference Shelf

References

Share this:

Like this:

1- Downgrading it

“We have bigger fishes to fry…”

2- Seeing it as an IT problem

“IT is dealing with this…”

3- Throwing money at it

“How much do we need to spend to get this fixed?”

See also

Share this:

Like this:

References

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

The concept of active defense

Defining active defense

The truth about deception

A stronger defense

Share this:

Like this:

Share this:

Like this:

Weak links in the chain.

Entrepreneurs need to prioritize security.

Share this:

Like this:

Share this:

Like this:

1. Get everyone involved

2. Develop a policy on cybersecurity

3. Get a trusted Virtual Private Network (VPN)

Share this:

Like this: