Companies are stopping more cyberattacks, but have room to improve defenses, survey shows

Big companies might experience more cyberattacks now than they did a year ago, but they are becoming more successful at blocking them, according to a new survey by global consultancy Accenture. The survey found that 87 percent of focused cyberattacks are prevented, compared to 70 percent reported in a similar study a year ago, but the success rate could go even higher, Accenture said. Less than half of the surveyed companies are using technologies like artificial intelligence, machine learning and automation in the fight, the survey found. “Only one in eight focused cyberattacks are getting through versus one in three last year, indicating that organizations are doing a better job of preventing data from being hacked, stolen or leaked,” Kelly Bissell, managing director of Accenture Security, said in a press release Monday. “While the findings of this study demonstrate that organizations are performing better at mitigating the impact of cyberattacks, they still have more work to […]

The post Companies are stopping more cyberattacks, but have room to improve defenses, survey shows appeared first on Cyberscoop.


Democratic lawmakers push Paul Ryan for info on election hacks

Top Democratic lawmakers from six House committees are calling on House Speaker Rep. Paul Ryan to compel the Trump administration to produce all information regarding Russian cyberattacks against the U.S. prior to and during the 2016 presidential election. The highest ranking Democrats on the Committees on Oversight and Government Reform, Judiciary, Intelligence, House Administration, Homeland Security, and Foreign Affairs wrote a letter to Ryan, R-Wisc., asking for documents about the Russian attacks that various lawmakers have been after for months. “We have been trying to work through the committee process, but we have faced two obstacles: the Trump administration is refusing to provide the documents we requested, and Republicans appear to have no interest in compelling the Trump administration to produce them,” the ranking members wrote in the letter.  “Our goal is to obtain the documents collected and prepared by our federal agencies about these Russian attacks in order to […]

The post Democratic lawmakers push Paul Ryan for info on election hacks appeared first on Cyberscoop.


Report: cybercriminals exploited PowerPoint a lot in 2017 to steal money, information

Cybercriminals exploited a well-known Microsoft Office vulnerability (CVE-2017-0199) the most in 2017, according to new research. The hackers usually used this flaw to spread banking trojans and ransomware, experts say. Recorded Future released a report Tuesday detailing the top 10 vulnerabilities used by cybercriminals in 2017. Microsoft products made up seven of the 10 vulnerabilities that were exploited the most. In previous years, Adobe Flash exploits instead topped the list. Private sector cybersecurity researchers originally became aware of the Microsoft Office-related vulnerability around April 2017. The damage was often caused by hackers sending out infected PowerPoint shows through spearphishing emails. PowerPoint is a software program within Microsoft Office. “Attackers are using the PowerPoint Show (PPSX) format — a slide presentation that starts showing automatically — in order to reduce the chances that the victim sees anything amiss with the slides,” Mark Nunnikhoven, vice president of cloud security at Trend Micro, told DarkReading last year. In many […]

The post Report: cybercriminals exploited PowerPoint a lot in 2017 to steal money, information appeared first on Cyberscoop.


GAO dings DHS for failing to share info on cybersecurity workforce efforts

Among the many things the Department of Homeland Security is required to report on from time to time is its cybersecurity workforce challenges. Yet, according to the Government Accountability Office, it has failed to do so in a timely manner. GAO says DHS did not complete efforts to identify and assign codes to all its cybersecurity positions. In August 2017, DHS reported to Congress that it had coded 95 percent of the department’s cybersecurity positions but in fact, it was discovered that the department only coded 79 percent of the cybersecurity positions, the report states. GAO is not denying that DHS has taken some steps to identify the gaps, but in a new report, the office is calling out DHS for falling short on reporting these cybersecurity efforts regularly. These specialized codes help define roles and tasks for specific cybersecurity areas. The codes have not been fully assigned since September […]

The post GAO dings DHS for failing to share info on cybersecurity workforce efforts appeared first on Cyberscoop.


Nuance Communications says NotPetya attack has cost it $98 million since June

Another U.S. software company has disclosed its losses due to the infamous NotPetya cyberattack. Nuance Communications — a U.S. computer software company that provides applications for speech and imaging to financial and healthcare companies — is claiming that the June 2017 attack cost the company $98 million in lost revenue. Nuance also said that it's expecting more losses from the cyberattack this year. The Burlington, Massachusetts-based company disclosed information about its losses in a 10-Q filing with the Securities and Exchange Commission (SEC). In the filing, the company says the attack mainly affected healthcare companies using its software for transcription services and order processing. The company expects to lose more revenue this year when it enhances and upgrades its cybersecurity software, while still providing additional resources to its health companies. “For fiscal year 2017, we estimate that we lost approximately $68.0 million in revenues, primarily in our Healthcare segment, due to the service disruption […]

The post Nuance Communications says NotPetya attack has cost it $98 million since June appeared first on Cyberscoop.



Case against alleged hoarder of NSA documents gets tougher for federal prosecutors

Prosecutors may be facing an uphill battle in their case against a former NSA contractor who was hoarding classified information in his Maryland home. A federal judge questioned the prosecution and defense in an ongoing case regarding Harold Martin, a former Navy officer turned defense contractor who was indicted for stealing and hoarding secret documents that outline U.S. hacking operations. Martin worked in a supporting role for multiple intelligence agencies — including the NSA and the Office of the Director of National Intelligence — during his employment at several different federal consulting firms. Marvin Garbis, a U.S. District Court judge based in Baltimore, is openly challenging the degree of proof that the prosecution must obtain to prove Martin’s guilt. A key question is whether the government must prove that Martin knew he had possession of specific classified federal documents or if he could be prosecuted using the Espionage Act of […]

The post Case against alleged hoarder of NSA documents gets tougher for federal prosecutors appeared first on Cyberscoop.


There’s a new ‘text bomb’ that will crash iPhones with a single symbol

An Apple bug in its latest software update is crashing applications that display a single letter from the south Indian language Telugu. The symbol could crash Mac, iOS and iPhone applications just by a person viewing it. People have been reporting that their devices were affected by the bug when they accessed the symbol via apps such as Twitter, Uber, Gmail, WhatsApp, Instagram and even through WiFi networks when the symbol is included in the name. The bug can affect any major app running on the iOS platform. After the symbol is accessed in an app, the app can’t be reopened and must be reinstalled to temporarily repair the issue, though it will eventually crash again, researchers say. Though the Unicode foreign language symbol doesn’t damage the phone, it can be quite frustrating to deal with since you can’t fix it on your own. Mobile World was the first to […]

The post There’s a new ‘text bomb’ that will crash iPhones with a single symbol appeared first on Cyberscoop.


UK government blames Russian military for infamous ‘NotPetya’ cyberattacks

The United Kingdom’s government is blaming the Russian military for a famous cyberattack that took place last June. This is now the second country to publicly recognize that NotPetya was carried out by Russia — Ukraine being the first. The National Cyber Security Centre (NCSC) conducted an assessment, saying that the purpose of the cyberattack was to disrupt Ukraine’s financial systems. The sophistication and planning of the attack required considerable resources and time, according to the NCSC. “The Kremlin has positioned Russia in direct opposition to the West: it doesn’t have to be that way. We call upon Russia to be the responsible member of the international community it claims to be rather than secretly trying to undermine it,” Foreign Office Minister of State with responsibility for Cyber, Lord (Tariq) Ahmad of Wimbledon said in an NCSC statement. NotPetya, a destructive ransomware virus, infected thousands of computers used in financial, energy […]

The post UK government blames Russian military for infamous ‘NotPetya’ cyberattacks appeared first on Cyberscoop.


New gaming and hospitality cybersecurity alliance formed by Retail ISAC

A new cybersecurity alliance has been assembled to provide better protection in the gaming and hospitality business sectors as cyberthreats increase. The Retail Cyber Intelligence Sharing Center (R-CISC) announced the formation of the Gaming and Hospitality Cybersecurity Alliance (GHCA) on Tuesday in a press release. This new alliance will live within R-CISC, as a sharing group dedicated to information and intelligence for gaming and hospitality businesses. Hospitality and casino businesses are worried about all kinds of breaches. In the past, Russian casino hackers were indicted for fraud after manipulating slot machines in Illinois, Missouri and California. Additionally, Sands Las Vegas and Marriott have dealt with breaches in the past few years. Scott Howitt, senior vice president and chief information security officer at MGM Resorts International and Board Member of the R-CISC, is a co-chair for the cybersecurity alliance. “GHCA members offer a vast array of services and experiences in entertainment, gaming, sporting […]

The post New gaming and hospitality cybersecurity alliance formed by Retail ISAC appeared first on Cyberscoop.
