Jeff Stone – Page 2 – WindowsTechs.com

Burnout adds to cyber talent crisis, forcing bosses to get creative with hiring

Posted on October 19, 2021 by Jeff Stone

Outdated hiring practices in the cybersecurity sector aren’t as easy to ignore as they once were. While organizations have sought to fill security-related roles — there are nearly 900,000 open positions in the U.S. alone, by one 2020 count — existing professionals have spent nearly two years adjusting to widespread remote work, fending off hackers while balancing family responsibilities amid a pandemic that killed more than 700,000 Americans. Meanwhile, attackers have tightened their focus on critical infrastructure in the U.S., extorting hospitals and schools at a rate that leads to feelings of exhaustion more often than hope. The situation is forcing organizations to re-examine their recruiting strategies in a way that aims to expand the talent pool and support existing employees, according to Mari Galloway, CEO and founding board member of Women’s Society of CyberJutsu, a nonprofit dedicated to building awareness about career opportunities “I have burnout moments probably every […]

The post Burnout adds to cyber talent crisis, forcing bosses to get creative with hiring appeared first on CyberScoop.

Continue reading Burnout adds to cyber talent crisis, forcing bosses to get creative with hiring→

Announcing the 2021 CyberScoop 50 awards winners

Posted on October 18, 2021 by Jeff Stone

Scoop News Group is thrilled to announce the winners of the 2021 CyberScoop 50 awards. Voters nominated and selected the most impactful leaders in government and the private sector who spend their time detecting foreign espionage, stopping ransomware attacks and safeguarded data. Scoop News Group received more than 700,000 votes across the eight categories in 2021. The past year saw a flurry of malicious activity, innovation and changes that highlighted the way technology undergirds Americans’ daily lives. From changes throughout the federal government to an apparent increase in hacks against medical facilities during the COVID-19 pandemic, security personnel have played a stabilizing role during uncertain times. The CyberScoop 50 award winners represent a group of brilliant leaders, innovative decision-makers and tireless workers dedicated to public service, workforce equity and boosting digital resilience. The winners, alphabetically by each category, are: Big Thinker of the Year • Jen Easterly, Director, Cybersecurity and […]

The post Announcing the 2021 CyberScoop 50 awards winners appeared first on CyberScoop.

Continue reading Announcing the 2021 CyberScoop 50 awards winners→

Ransomware demands are up more than 500%, the latest concern for insurers

Posted on October 15, 2021 by Jeff Stone

Ransomware attacks aren’t just becoming more frequent, they’re getting more expensive. Scammers demanded an average payment of $5.3 million from hacking victims through the first six months of 2021, though extortion victims paid a median fee in the hundreds of thousands of dollars, according to a new report from the insurer Allianz. The $5.3 million average represents a 518% increase from the 2020 figure, driven in part by demands to pay up to $50 million after a data breach. The highest demand last year was for $30 million, according to the latest report, which did not identify affected organizations by name. Victims paid an average of $570,000 during the first six months, compared to $312,000 in 2020, Palo Alto Networks said. The figures, published Thursday by Allianz, represent the latest glimpse into how ransomware attacks are becoming exponentially more expensive as victim organizations look to insurance providers to cover the […]

The post Ransomware demands are up more than 500%, the latest concern for insurers appeared first on CyberScoop.

Continue reading Ransomware demands are up more than 500%, the latest concern for insurers→

State-sponsored Iranian hackers uploaded fake VPN app to Google’s Play store, posed as university officials

Posted on October 14, 2021 by Jeff Stone

Suspected government-backed hackers from Iran have used an array of techniques, from password theft to uploading a fake app to a prominent app marketplace, to try gathering intelligence from targets over the past year, Google said in a bulletin published Thursday. The espionage group APT35, also known as Charming Kitten, last year successfully uploaded to Google’s Play Store an app that masqueraded as a virtual private network service, claiming the tool would safeguard user data. In fact, the apparent VPN program functioned as spyware, collecting call logs, text messages, contacts and location data from affected devices. Google said in an Oct. 14 update that it detected the program “quickly” and removed it before any downloads occurred. The surveillance app marks an update to existing APT 35 tactics. The group is best known for reportedly targeting email accounts associated with former President Donald Trump’s election campaign in 2020 and espionage around […]

The post State-sponsored Iranian hackers uploaded fake VPN app to Google’s Play store, posed as university officials appeared first on CyberScoop.

Continue reading State-sponsored Iranian hackers uploaded fake VPN app to Google’s Play store, posed as university officials→

Peanut butter and ProtonMail: US charges underscore evolution of espionage in digital age

Posted on October 11, 2021 by Jeff Stone

It’s an espionage case so outlandish that the renowned espionage writer John le Carré would have rejected the idea as too difficult to believe. The U.S. Department of Justice on Saturday unsealed charges against a Navy engineer who allegedly tried passing classified information about nuclear submarines in exchange for a payment. The engineer is accused of working with his wife to transmit military secrets to a removable memory card, hiding the device in a peanut butter sandwich and then passing it to an individual they believed was an agent for an unnamed foreign government. In fact, the agent worked for the FBI. The complaint against the couple, Jonathan and Diana Toebbe, reads like a modern day spy thriller, complete with details about protected national secrets, cryptocurrency and the use of encrypted email in an attempt to secure sensitive communications. Like the Russian government’s weaponization of social media to influence American […]

The post Peanut butter and ProtonMail: US charges underscore evolution of espionage in digital age appeared first on CyberScoop.

Continue reading Peanut butter and ProtonMail: US charges underscore evolution of espionage in digital age→

Former TD Bank, Bank of America employee allegedly helped email scammers launder money

Posted on October 8, 2021 by Jeff Stone

An accused money launderer allegedly used his position as an employee at Bank of America and TD Bank to aid an email fraud scheme that scammed five businesses out of more than $1 million. The U.S. Department of Justice announced Thursday that a grand jury had returned an indictment against three men — Onyewuchi Ibeh, Jason Joyner and Mouaaz Elkhebri — charging them with money laundering and aggravated identity theft. The defendants allegedly operated a business email compromise scheme, in which thieves pose as a business or associate in an email then ask a victim to wire up to hundreds of thousands of dollars at a time. Elkhebri, a 30-year-old resident of Alexandria, Va., used inside access at Bank of America (where he worked as a personal banker and relationship manager from 2015 through 2017) and then TD Bank (where he worked from 2017 through 2018) to open multiple accounts […]

The post Former TD Bank, Bank of America employee allegedly helped email scammers launder money appeared first on CyberScoop.

Continue reading Former TD Bank, Bank of America employee allegedly helped email scammers launder money→

A rising tide lifts all boats in maritime cybersecurity

Posted on October 8, 2021 by Jeff Stone

This past March, the world watched as the container ship Ever Given clumsily blocked a major artery in the global supply chain – leading to a six-day blockage of the world’s most important shipping corridor, the Suez Canal. The disruption held up an estimated $9 billion of trade per day. Today, the Port of Los Angeles and the Port of Long Beach are experiencing disruptions leading to a record number of ships waiting off the coast of California. These disruptions have permeated throughout the supply chains for goods that Americans rely on from computers and chips to cars and clothing. The lesson is clear: The maritime industry is full of chokepoints which, if manipulated, can cause cascading economic impacts that affect Americans. While these recent disruptions were not caused by hacks or bad actors in cyberspace, they demonstrate the vulnerable chokepoints in the global marketplace. We aren’t dealing in hypotheticals, either – […]

The post A rising tide lifts all boats in maritime cybersecurity appeared first on CyberScoop.

Continue reading A rising tide lifts all boats in maritime cybersecurity→

Stolen Twitch source code, creator payment data revealed in apparent data leak

Posted on October 6, 2021 by Jeff Stone

Source code underpinning the live streaming service Twitch has reportedly leaked, exposing information about some company plans and payment data from popular accounts on the service. Twitch, a subsidiary of Amazon, is a popular service that broadcasts esports, live music and other events to audiences that have numbered millions at a time. An anonymous user of the message board 4chan — home to hackers and trolls alike — posted a 125-gigabyte torrent file that they allege includes all of Twitch’s code, including information about internal security tools, three years of payment history to Twitch “creators” and data related to proprietary software. The poster hinted that more details would be forthcoming, with the stated goal of “foster[ing] more user disruption and competition in the online video streaming space,” as the Video Game Chronicle first reported on Wednesday. Twitch did not immediately respond to a request for comment. Twitch streamers earn revenue […]

The post Stolen Twitch source code, creator payment data revealed in apparent data leak appeared first on CyberScoop.

Continue reading Stolen Twitch source code, creator payment data revealed in apparent data leak→

Facebook blames networking issues, not a cyberattack, for long downtime

Posted on October 5, 2021 by Jeff Stone

Facebook, Instagram and WhatsApp largely returned to the internet late Monday following a six hour-long outage that outsiders suggested, without evidence, was the result of a cyberattack. In an Oct. 4 statement, the company apologized for the long downtime, blaming the matter on networking issues. Configuration changes “on the backbone routers that coordinate network traffic between our data centers” interrupted communication, Facebook said, causing a “cascading effect” that disrupted the flow of communication. The same issue also halted Facebook’s internal systems, further delaying the recovery process. Independent security experts suggested from the beginning that the company’s Domain Name System, the technological protocol by which connected devices locate one another on the internet, was somehow to blame. “We want to make clear at this time we believe the root cause of this outage was a faulty configuration change,” Santosh Janarhan, vice president of Facebook Infrastructure, said in a statement. “We also […]

The post Facebook blames networking issues, not a cyberattack, for long downtime appeared first on CyberScoop.

Continue reading Facebook blames networking issues, not a cyberattack, for long downtime→

Neiman Marcus alerts 4.6 million customers about May 2020 data breach

Posted on October 1, 2021 by Jeff Stone

Retailer Neiman Marcus is notifying some 4.6 million customers that their information was compromised in a May 2020 data breach, the company said. The Dallas-based chain announced Thursday that hackers accessed user names and passwords, as well as security questions and answers associated with consumer accounts. The luxury fashion chain, one of the largest in the U.S., forced password changes for customers who did not reset their credentials following the incident, and is working with the security firm Mandiant to investigate the matter. Unidentified intruders accessed roughly 3.1 million payment cards and virtual gift cards, the company said, adding that 85% of those numbers are invalid or have expired. There is no evidence that accounts at Neiman Marcus-owned Bergdorf Goodman or Horchow were affected in the matter, the company said in a statement. Word of the breach arrives as Neiman Marcus, like other brick-and-mortar retailers, tries to recover from a […]

The post Neiman Marcus alerts 4.6 million customers about May 2020 data breach appeared first on CyberScoop.

Continue reading Neiman Marcus alerts 4.6 million customers about May 2020 data breach→