Financial – Page 26 – WindowsTechs.com

NYSE to remove 3 Chinese telecoms from market

Posted on January 6, 2021 by Shannon Vavra

The New York Stock Exchange said Wednesday it will delist several Chinese telecommunications firms that allegedly worked with the Chinese military, the reversal of a previous decision. The stock exchange had first said last week it would remove China Telecom, China Unicom and China Mobile in order to comply with a Trump administration executive order. The order, issued in November, aimed to block Chinese companies from using U.S. capital to help advance Chinese military and intelligence goals. The effect is to bar the companies from trading on the exchange. The NYSE initially tried to backpedal on Monday after “further consultation with relevant regulatory authorities.” The exchange at the time said it would not delist the firms, causing widespread confusion. The decision on Wednesday to delist the firms, after all, came after the Treasury Department‘s Office of Foreign Assets Control issued guidance Tuesday that would block people in the U.S. from conducting […]

The post NYSE to remove 3 Chinese telecoms from market appeared first on CyberScoop.

Continue reading NYSE to remove 3 Chinese telecoms from market→

Nissan investigating possible source code exposure

Posted on January 6, 2021 by Tim Starks

Nissan is examining whether source code for its North American division’s mobile apps, marketing tools and more have leaked online, the company said. “We are aware of a claim regarding a reported improper disclosure of Nissan’s confidential information and source code,” said a Nissan spokesperson. “We take this type of matter seriously and are conducting an investigation.” Tillie Kottmann, a software engineer, publicized the apparently leaked information earlier this week on Twitter and Telegram. They told CyberScoop the information came via a “severely mismanaged” server that had the username and password of “admin:admin.” “I was informed about the server by an anonymous source but acquired it myself and can thus mostly verify it,” Kottmann said via a Twitter direct message exchange. Kottmann said they also heard some ex-Nissan employees recognized projects there. Poorly configured servers are a common source of online data leaks, in recent months afflicting Razer, medical scans, […]

The post Nissan investigating possible source code exposure appeared first on CyberScoop.

Continue reading Nissan investigating possible source code exposure→

The anatomy of a modern day ransomware conglomerate

Posted on January 4, 2021 by Jeff Stone

If school administrators, medical organizations and other crucial industries haven’t already had enough bad news over the past year, a new hacking group that relies on emerging techniques to rip off its victims should fulfill that need. What makes the pain even worse is that the group is using an innovative structure that’s becoming more common in the cybercrime underworld. This ransomware gang, dubbed Egregor, in recent months appears to have hacked more than 130 targets, including schools, manufacturing firms, logistics companies and financial institutions, according to the U.K.-based security firm Sophos. Egregor works much like other strains of ransomware — holding data hostage until a victim pays a fee — though in some ways the group behind it also exemplifies the current state of the hacking economy. Rather than relying on lone hackers who mastermind massive data breaches, or dark web forums frequented only by Russian scammers, today’s cybercriminals […]

The post The anatomy of a modern day ransomware conglomerate appeared first on CyberScoop.

Continue reading The anatomy of a modern day ransomware conglomerate→

Microsoft says SolarWinds hackers accessed company source code

Posted on December 31, 2020 by Tim Starks

Microsoft said Thursday that the SolarWinds hackers were able to access company source code, although the technology giant described the incident as largely harmless in an update to an internal investigation. “We detected unusual activity with a small number of internal accounts and upon review, we discovered one account had been used to view source code in a number of source code repositories,” Microsoft said in a blog post. “The account did not have permissions to modify any code or engineering systems and our investigation further confirmed no changes were made. These accounts were investigated and remediated.” The initial reports that Microsoft suffered a breach via updates to the SolarWinds Orion software generated some partial denials, but the investigation update helps illuminate what happened, and what didn’t, in an apparent cyber-espionage operation that also hit the federal government and other major companies. Microsoft “found no evidence of access to production […]

The post Microsoft says SolarWinds hackers accessed company source code appeared first on CyberScoop.

Continue reading Microsoft says SolarWinds hackers accessed company source code→

Tickemaster pays $10M fine to settle charges of using stolen passwords to spy on rival company

Posted on December 31, 2020 by Joe Warminsky

One of the biggest brands in the music and events business, Ticketmaster, has agreed to pay a $10 million fine for “computer intrusion and fraud offenses” after employees used stolen credentials to spy on a competitor, according to the Department of Justice. The rival company didn’t know that one of its former employees had leaked logins to Ticketmaster, which used them to gather information in the mid-2010s about the competitor’s technology and other aspects of its business. “Ticketmaster employees repeatedly – and illegally – accessed a competitor’s computers without authorization using stolen passwords to unlawfully collect business intelligence,” said acting U.S. Attorney Seth D. DuCharme. “Further, Ticketmaster’s employees brazenly held a division-wide ‘summit’ at which the stolen passwords were used to access the victim company’s computers, as if that were an appropriate business tactic.” The feds don’t name the victim company, but it’s widely known to be Songkick. The investigation […]

The post Tickemaster pays $10M fine to settle charges of using stolen passwords to spy on rival company appeared first on CyberScoop.

Continue reading Tickemaster pays $10M fine to settle charges of using stolen passwords to spy on rival company→

SolarWinds hack spotlights a thorny legal problem: Who to blame for espionage?

Posted on December 30, 2020 by Tim Starks

Every massive breach comes with a trail of lawsuits and regulatory ramifications that can last for years. Home Depot, for instance, only last month settled with a group of state attorneys general over its 2014 breach. The SolarWinds security incident that U.S. officials have pinned on state-sponsored Russian hackers is unlike anything that came before, legal experts say, meaning the legal liability could take even longer to resolve in court. As Congress, federal government departments and corporations reckon with the vast sweep of the SolarWinds breach, there are still many more questions than answers. Fewer pieces of it are less certain than how it might play out in court, where companies and individuals alike stand to gain or lose. Many millions of dollars, corporate blame and years of finger-pointing are on the line. That’s because the targets — government agencies, and some major companies — aren’t the usual kind of […]

The post SolarWinds hack spotlights a thorny legal problem: Who to blame for espionage? appeared first on CyberScoop.

Continue reading SolarWinds hack spotlights a thorny legal problem: Who to blame for espionage?→

Travel-booking company Sabre Corp. settles with 27 states over breach of credit card data

Posted on December 24, 2020 by Joe Warminsky

Sabre Corp. will make a $2.4 million payout and shore up its cybersecurity policies under an agreement with 27 state attorneys general who investigated a breach of its hotel-booking technology. The settlement, announced Wednesday, involves a 2016 intrusion into the SynXis Central Reservation, run by the Texas-based corporation’s Sabre Hospitality Solutions subsidiary. The breach exposed the details of about 1.3 million credit cards. The attorneys general held that Sabre responded poorly to the incident, particularly in notifying people that their information might be compromised. “Sabre first failed its customers with a susceptible security system, then failed them when it came to provide proper notifications,” said New York Attorney General Letitia James. “Today’s agreement not only imposes a hefty fine on Sabre but will ensure that the company has the appropriate security and incident response plan in place so that its failure does not take place again.” In announcing the breach […]

The post Travel-booking company Sabre Corp. settles with 27 states over breach of credit card data appeared first on CyberScoop.

Continue reading Travel-booking company Sabre Corp. settles with 27 states over breach of credit card data→

International sting shuts down ‘favorite’ VPN of cybercriminals

Posted on December 22, 2020 by Joe Warminsky

The latest international action against cybercrime infrastructure involves the takedown of a virtual private network (VPN) used to hide the activities of ransomware gangs and other illegal operations. The FBI and European police announced the sting against the Safe-Inet service Tuesday morning. The VPN company was billed as “cybercriminals’ favorite” by Europol. The FBI said three Web domains associated with the service — safe-inet.com, safe-inet.net and insorg.org — had been seized and then plastered with notices from police. Officials said that taking down Safe-Inet was disruptive to major active cybercriminal campaigns, but they did not specify what those were. “Active for over a decade, Safe-Inet was being used by some of the world’s biggest cybercriminals, such as the ransomware operators responsible for ransomware, E-skimming breaches and other forms of serious cybercrime,” according to a news release from Europol, the top police agency for the European Union. “This VPN service was […]

The post International sting shuts down ‘favorite’ VPN of cybercriminals appeared first on CyberScoop.

Continue reading International sting shuts down ‘favorite’ VPN of cybercriminals→

Cryptocurrencies Hacking [closed]

Posted on December 17, 2020 by Adu

How to provide the best cyber security defense against crypto currencies hacking when it comes to daily trading , as it is far easier when you buy and hold .
Best wish for a happier new year for everyone

Continue reading Cryptocurrencies Hacking [closed]→

Senators press Treasury to speak about breach, planned response to hackers

Posted on December 16, 2020 by Tim Starks

Two key Senate Democrats extensively questioned the U.S. Treasury Department on Tuesday about its reported data breach, a subject it has been less forthcoming about than the other federal agencies swept into the compromise of SolarWinds software. The senators, Sherrod Brown of Ohio and Ron Wyden of Oregon, also want to know whether Treasury plans to sanction the attackers and if it has begun evaluating the overall damage to the economy of the cyber-espionage campaign, which could ripple through the private sector, too. The senators’ letter to Treasury Secretary Steven Mnuchin pushes the department not only to provide information about its own breach, but also to develop a broader response that includes punishments for the hackers responsible. Cybersecurity researchers have tied them to Russia. “These media reports suggest that these attacks were comprehensive and historic and bad actors may have had access to critical U.S. government networks for many months,” […]

The post Senators press Treasury to speak about breach, planned response to hackers appeared first on CyberScoop.

Continue reading Senators press Treasury to speak about breach, planned response to hackers→