Industry group sounds alarm over ‘Tardigrade’ malware targeting biomanufacturing sector

A group of likely foreign government-sponsored hackers is behind cyberattacks on two bio-manufacturing companies that occurred this year, using a kind of malware capable of operating with independence within a network, an industry group warned. The Bioeconomy Information Sharing and Analysis Center (BIO-ISAC) dubbed the malware “Tardigrade” after the resilient micro-animal, and said it looks like the work of an advanced persistent threat group, a term that most often refers to government-backed attackers. Researchers first investigated the hacking tool this spring following a ransomware attack. The actor behind Tardigrade doesn’t just appear to want payment to decrypt systems, though. Rather, it could be primarily a tool for intellectual property theft, BIO-ISAC said on Monday. The biomanufacturing sector encompasses makers of coronavirus vaccines and treatments, although BIO-ISAC has declined to say whether the firms hit in the spring and then in October were involved in battling COVID-19. “Bioeconomy” is a term […]

The post Industry group sounds alarm over ‘Tardigrade’ malware targeting biomanufacturing sector appeared first on CyberScoop.

Wind turbine giant Vestas says data was compromised in security incident

One of the world’s largest wind turbine manufacturers, Vestas Wind Systems, says it’s contending with a cyberattack that forced the firm to shut down some of its IT systems. The Danish company said Monday that it’s investigating the security incident, discovered Nov. 19, and mitigating the impact. Vestas has “together with external partners worked around the clock to contain the situation and re-establish the integrity of its IT systems,” it said in a statement. “The company’s preliminary findings indicate that the incident has impacted parts of Vestas’ internal IT infrastructure and that data has been compromised.” Vestas, long considered an industry leader with a reported $34 billion in market value, watched a dip in stock value as word of the apparent breach spread. “There is no indication that the incident has impacted third party operations, including customer and supply chain operations,” the company’s Monday update states. “Vestas’ manufacturing, construction and service […]

The post Wind turbine giant Vestas says data was compromised in security incident appeared first on CyberScoop.

Banks must report major cyber incidents within 36 hours under finalized regulation

Banks must report major cybersecurity incidents to federal officials within 36 hours under a rule that U.S. financial regulators finalized on Thursday. Beginning in May 2022, financial executives will need to be more forthcoming about computer system failures and interruptions, such as ransomware or denial-of-service attacks that have the potential to disrupt customers’ ability to access their accounts, or impact the larger financial system. The rule, dubbed the Computer-Security Incident Notification Requirements for Banking Organizations and Their Bank Service Providers, was cemented by the Office of the Comptroller of the Currency, Board of Governors of the Federal Reserve System and the Federal Deposit Insurance Corporation. There is currently no specific window within which banks must report such incidents to the agencies in question. The final approval comes as Congress weighs broader reporting rules for critical infrastructure owners and operators, and as the Transportation Security Administration has begun imposing reporting requirements on […]

The post Banks must report major cyber incidents within 36 hours under finalized regulation appeared first on CyberScoop.

Corporate espionage hackers RedCurl return after hiatus with improved tools

A corporate espionage organization known as RedCurl that made waves before disappearing last year has resurfaced with a fresh batch of attacks and sharpened tools for the task, researchers at cybersecurity firm Group-IB said Thursday. The group’s four known attacks since the beginning of 2021 include one against one of Russia’s largest wholesalers, which provides home, leisure and office goods, Group-IB found. Overall, the company concluded that RedCurl has been behind more than 30 attacks during a three-year span. RedCurl’s tactical improvements after a seven-month absence include upgrades to most of its tools, such as more effective data encryption for its malware. “Corporate cyber espionage is still a relatively rare and, in many ways, unique occurrence,” Group-IB’s report reads. “However, it is possible that the group’s success could lead to a new trend in cybercrime.” Despite the rarity of corporate cyber espionage, Group-IB’s report on the RedCurl revival is the […]

The post Corporate espionage hackers RedCurl return after hiatus with improved tools appeared first on CyberScoop.

Iranian government-backed hackers target critical infrastructure with ransomware, US says

U.S., U.K. and Australian cyber agencies on Wednesday accused Iranian government-sponsored hacking groups of exploiting Microsoft and Fortinet vulnerabilities this year in a bid to deploy ransomware against critical infrastructure. The hackers are interested in taking advantage of known software flaws where they can, the agencies said. The FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency in March, May and June saw Iranian “advanced persistent threat” groups capitalizing on Fortinet vulnerabilities, in one case for a server associated with a U.S. municipal government and in another involving networks associated with a U.S.-based hospital focused on children’s care. In October the hackers relied on a Microsoft Exchange ProxyShell vulnerability “to gain initial access to systems in advance of follow-on operations,” the subject of another recent CISA alert. “The Iranian government-sponsored APT actors are actively targeting a broad range of victims across multiple U.S. critical infrastructure sectors, including […]

The post Iranian government-backed hackers target critical infrastructure with ransomware, US says appeared first on CyberScoop.

Ransomware fueled record year for UK cyber response

The U.K. National Cyber Security Centre fought a record number of digital intrusions in the past year, the agency reported, driven by a surge in ransomware and hackers targeting the health care sector during the COVID-19 pandemic. Over a 12-month period ending in September, the agency responded to 777 incidents, a more than 7% increase, the center said in its Nov. 17 annual report. Ransomware kept the center busy: it handled the same number of ransomware incidents in the first four months of 2021 as it did in all of 2020, itself triple the number of incidents in 2019. That made ransomware the “most significant cyber threat facing the U.K. this year,” the report states. Still, businesses aren’t taking it seriously enough, National Cyber Security Centre CEO Lindy Cameron wrote. “In my view it is now the most immediate cyber security threat to U.K. businesses and one that I think […]

The post Ransomware fueled record year for UK cyber response appeared first on CyberScoop.

Biden signs infrastructure bill that provides nearly $2 billion for cybersecurity

President Joe Biden signed a $1 trillion infrastructure bill into law on Monday that includes nearly $2 billion for cybersecurity and related provisions. The biggest piece of digital security funding is a Federal Emergency Management Agency cyber grant program, administered in consultation with the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, that would distribute $1 billion over four years to state and local governments. An additional $21 million would go toward the Office of the National Cyber Director, which has been unable to make key hires since being established earlier this year due to funding shortages. In all, the legislation — known as the Infrastructure Investment and Jobs Act — is “the largest investment in the resilience of physical and natural systems in American history,” the White House boasted, one that “makes our communities safer and our infrastructure more resilient to the impacts of climate change and cyber-attacks.” […]

The post Biden signs infrastructure bill that provides nearly $2 billion for cybersecurity appeared first on CyberScoop.

Hackers fire off hoax email messages from FBI account after exploiting misconfigured server

Hackers sent a barrage of fake emails over the weekend using an FBI email account, the agency acknowledged, to falsely warn recipients that an attacker stole their information. The nonprofit spam-tracking service Spamhaus Project estimated that the hoax email campaign comprised as many as 100,000 messages. The FBI said that the hackers temporarily broke in via a software misconfiguration for its Law Enforcement Enterprise Portal that the bureau uses to communicate with state and local law enforcement agencies. “While the illegitimate email originated from an FBI operated server, that server was dedicated to pushing notifications for LEEP and was not part of the FBI’s corporate email service,” the FBI said in a Sunday update. “No actor was able to access or compromise any data or PII on the FBI’s network.” The email campaign sought to smear Vinny Troia, a cybersecurity author and CEO of Night Lion Security, as the party […]

The post Hackers fire off hoax email messages from FBI account after exploiting misconfigured server appeared first on CyberScoop.

Likely state-based hackers infected Hong Kong websites to spy on Apple users, Google says

Suspected foreign government-backed hackers infected websites belonging to a Hong Kong-based media outlet and a pro-democracy group in a bid to install malware on visitors’ Apple devices, Google researchers say. Google’s Threat Analysis Center discovered the watering hole attack in August, which relied on a previously unreported backdoor, or zero-day flaw. “Based on our findings, we believe this threat actor to be a well-resourced group, likely state backed, with access to their own software engineering team based on the quality of the payload code,” Google’s Eyre Hernandez wrote in a blog post on Thursday. While Google didn’t attribute the attackers to a specific nation, China has long been suspected of conducting cyber-espionage and sowing disinformation aimed at democracy advocates in Hong Kong. The hackers relied on a previously known vulnerability in macOS Catalina to set up the backdoor, Google said. Apple patched the zero-day flaw on Sept. 23. The backdoor […]

The post Likely state-based hackers infected Hong Kong websites to spy on Apple users, Google says appeared first on CyberScoop.

Canadian hospitals recovering from breach that forced thousands of appointment cancellations

Intruders accessed patient and employee data after infiltrating health-related IT systems in a breach that’s only now coming into focus. A security incident affecting the province of Newfoundland and Labrador, first detected Oct. 30, took down multiple health networks, leading to the cancellation of thousands of appointments, including for chemotherapy treatments. The regional Eastern Health authority, which employs 13,000 people, on Tuesday announced that its email system was again functioning, more than a week after the initial compromise became known. “As part of the on-going investigation into a cyberattack that impacted health care IT systems in Newfoundland and Labrador, it has been determined that some personal information and personal health information was accessed from the systems,” the provincial government said in a Nov. 9 news release. “A review is ongoing to determine if any other information is affected in the incident and further updates will be provided as appropriate.” Hackers […]

The post Canadian hospitals recovering from breach that forced thousands of appointment cancellations appeared first on CyberScoop.