Amazon’s Sidewalk, a neighborhood device network, is ‘uncharted territory’ for data privacy, watchdogs say

A new Amazon feature aimed at keeping users’ home devices connected to the internet by using a friendly slice of neighborhood broadband is already raising concerns about unintended privacy consequences. Amazon’s Sidewalk network pulls slivers of broadband from its users to create a larger network to extend the range for devices further from a user’s home, such as the tracking device Tile or smart lighting at the edge of a user’s property. Benefits of such technology include helping a user find a lost dog or car keys, Amazon touts. It could also keep devices online if the internet of an individual user goes out. Concerns about the expansion of existing home devices’ reach draw on lingering anxieties about internet-connected home devices. Amazon, Google, and other major home security devices have all suffered significant hacks in recent years, while some have collected an alarming amount of users’ private data. Ring’s doorbell […]

The post Amazon’s Sidewalk, a neighborhood device network, is ‘uncharted territory’ for data privacy, watchdogs say appeared first on CyberScoop.


Emerging ‘Prometheus’ ransomware claims 30 victims in a dozen countries, Palo Alto Networks says

A new ransomware group claims to have breached 30 organizations in government, financial services, health care services, and energy firms in the United States, United Kingdom, and a dozen more countries, according to Palo Alto Networks research published Wednesday. The group, which Palo Alto researchers have dubbed “Prometheus,” most frequently targets the manufacturing industry. The activity comes amid ongoing concern about the effect of ransomware on national security and global supply chains after incidents at Colonial Pipeline and the meat-processing corporation JBS. “The Prometheus ransomware gang has the potential to target organizations that would lead to national concerns,” Doel Santos, threat intelligence analyst at Palo Alto Networks’ Unit 42, wrote in an email. “These threat actors are opportunistic. They are willing to target any organization.” The group has also targeted victims in manufacturing, logistics, consulting, agriculture, insurance, and legal industries. Prometheus claims to be affiliated with REvil, a Russia-based hacking […]

The post Emerging ‘Prometheus’ ransomware claims 30 victims in a dozen countries, Palo Alto Networks says appeared first on CyberScoop.


Colonial Pipeline CEO says company didn’t have plan for potential ransomware attack

Colonial Pipeline did not have guidance in place on how to handle a ransom demand from cybercriminals who locked up its systems, its CEO testified in a hearing before the Senate Homeland Security and Governmental Affairs Committee Tuesday. The company’s failure to prepare explicitly for a ransomware attack — despite warnings from the Homeland Security Department’s Cybersecurity and Infrastructure Security Agency as early as February 2020 about the risk of such attacks against the pipeline industry — underscores growing concerns from lawmakers that the critical sector needs tighter regulations when it comes to cybersecurity. “We have an emergency response process: See the threat, contain the threat, remediate the threat, and restore,” Colonial Pipeline CEO Joseph Blount said in response to a question from Sen. Maggie Hassan, D-N.H. about ransomware-specific guidance. “So in this case, you use the same process, but you use a different set of experts.” Hassan chastised Blount’s response, […]

The post Colonial Pipeline CEO says company didn’t have plan for potential ransomware attack appeared first on CyberScoop.


MoviePass settles with the FTC over exposing private information, misleading consumers

Defunct subscription service MoviePass won’t have to pay users for exposing their personal information, or for quietly blocking them from using the movie ticket service’s “one ticket per day” feature. The now-bankrupt company settled with the Federal Trade Commission Tuesday over allegations that it failed to secure users’ personal information and misled them about the company’s subscription offerings, the agency announced. The subscription service, which launched in 2011, once attracted more than 3 million paid subscribers for its unrivaled service of offering unlimited movie theater passes for initially just $9.99 a month. The business model turned out to be unsustainable, with the company turning to increased prices and eventually bankruptcy in January 2020 after struggling to retain subscribers. Failure to secure a server of users’ private information led to the exposure of tens of thousands of names, birthdates, customer card numbers and credit card numbers between at least May and […]

The post MoviePass settles with the FTC over exposing private information, misleading consumers appeared first on CyberScoop.


Hacking accusations are meant to stir conflict ahead of US summit, Russian president says

Russian President Vladimir Putin on Friday said that accusations that the Russian state is in any way linked to a recent ransomware attack against global meat supplier JBS are “nonsense.” The FBI has blamed the attack on REvil, a group thought to be based out of Russia. U.S. officials have not tied the attack to the Russian government. That breach came after an unrelated incident against Colonial Pipeline, a major U.S. fuel supplier, in which the FBI blamed another alleged Russia-based gang, DarkSide. “I have heard about some meat processing company, it’s nonsense, we understand it’s just laughable. A pipeline? It’s nonsense, too,” Putin told a Russian news station. U.S. President Joe Biden emphasized in May that U.S. intelligence officials do not believe the Russian government was involved in the Colonial Pipeline hack. “We do not believe — emphasis on we do not believe — the Russian government was involved in […]

The post Hacking accusations are meant to stir conflict ahead of US summit, Russian president says appeared first on CyberScoop.


A Supreme Court ruling limits the reach of a landmark hacking law

The Supreme Court issued a 6-3 ruling Thursday determining that improper use of a computer system by someone allowed to use it does not fall under the Computer Fraud and Abuse Act, the nation’s landmark hacking law. The ruling is a significant step in limiting the bounds of the law, which critics have long blasted as overly broad. It’s the first time the court has ruled on a case involving the decades-old hacking statute. The case in question involved former Georgia police officer Nathan Van Buren, who was accused of looking up license plate data in a law enforcement database in exchange for bribes. The prosecution argued that Van Buren’s use exceeded “authorized access,” putting him in violation of the Computer Fraud and Abuse Act. Such an interpretation “would attach criminal penalties to a breathtaking amount of commonplace computer activity,” Justice Amy Coney Barrett, who authored the majority opinion, wrote. […]

The post A Supreme Court ruling limits the reach of a landmark hacking law appeared first on CyberScoop.


FireEye is selling its security products business for $1.2B

FireEye is selling its security products services to a consortium led by private equity firm Symphony Technology Group for $1.2 billion, the company announced on Wednesday. The long-time cybersecurity giant is best known recently for its role in alerting U.S. authorities in December to the breach of network software company SolarWinds. A months-long alleged Russian hack of the SolarWinds software ensnared at least nine U.S. federal agencies and nearly 100 U.S. companies. The separation announced Wednesday includes FireEye’s network, email, cloud and other security products. The company’s Mandiant forensic intelligence services will remain intact and continue to operate as its own publicly traded company, pending regulatory approval of the sale. FireEye will operate as a stand-alone company under the STG umbrella. “We believe this separation will unlock our high-growth Mandiant Solutions business and allow both organizations to better serve customers,” FireEye Chief Executive Officer Kevin Mandia said in a statement. […]

The post FireEye is selling its security products business for $1.2B appeared first on CyberScoop.
