- April 4, 2024
- Posted by: administrator
- Category: Blog
CISA releases draft rule for cyber incident reporting
Considered to be one of the most significant cybersecurity policy reforms in recent memory, CISA has released its notice of proposed rulemaking (NOPR) that requires critical infrastructure organizations to report cybersecurity incidents. This is intended to provide the federal government with “better insight about breaches that affect highly sensitive entities such as water and power utilities.” This NOPR is the next step in a process that began after the Cyber Incident Reporting for Critical Infrastructure Act was signed into law in March 2022, following the SolarWinds ordeal.
Google now blocks spoofed emails for better phishing protection
Google has now started to automatically block emails sent by bulk senders who do not authenticate their messages. This follows an announcement made last October and places a requirement on companies that send over 5,000 messages daily to Gmail accounts to set up email authentications for their domains. Throughout this year, Google will ramp up the pressure on non-compliant bulk email senders, starting with temporary error codes on a small portion of messages that don’t meet the requirements, but ramping up the rejection process. This, Google says, is to give bulk emailers a chance to become compliant.
Breach at online shopping platform PandaBuy affects 1.3 million customers
The platform, which focuses on selling and shipping products from China, is now owning up to a data breach that leaked the basic data of more than 1.3 million customers on a cybercrime forum. The breach and subsequent posting of the data was announced by the two threat actors themselves, and Troy Hunt of Have I Been Pwned has confirmed their validity. The company itself has yet to acknowledge the incident, stating simply that “no user data has been stolen this year.”
UK and U.S. sign AI safety agreement
Signed by UK Technology Secretary Michelle Donelan and U.S. Commerce Secretary Gina Raimondo, the memorandum of agreement seeks to align the two countries’ scientific approaches, and “work closely to accelerate and rapidly iterate robust suites of evaluations for AI models, systems, and agents.” The partnership will take effect immediately and is intended to allow both organizations to work seamlessly with one another to keep pace with the technology’s emerging risks.”(BBC News and UK Government)
Venom RAT phishing campaign strikes Latin America
According to Digital Media Booster, “the attacks singled out hotel, travel, trading, financial, manufacturing, industrial, and government verticals in Spain, Mexico, United States, Colombia, Portugal, Brazil, Dominican Republic, and Argentina.” The attack is being attributed to a threat actor known as TA558, and uses phishing emails to drop Venom RAT, which has been configured to harvest sensitive data and control systems remotely.
OWASP Foundation warns members of data breach
The breach affects people who may have been a member of the software security nonprofit Open Worldwide Application Security Project between 2006 to 2014. This is after the group “became aware of an old Wiki server that contained decade-old resumes.” The likelihood of this dated documentation being exposed and exploited is small, given that, as OWASP Executive Director Andrew Van der Stock stated, “the directory where the resumes were located was not easily found because it was not indexed and separate from the organization’s Wiki installation.” However, there is a possible learning moment here given that OWASP’s lack of information about the directory was due to a log retention policy on a small Virtual Private Server only allowed for limited log data with old data having been overwritten long before adequate forensics became was possible.
Prudential Insurance provides update on February cyberattack
Back in February we reported on the incident which saw hackers gain access to the company’s network. Representatives from Prudential Insurance have now identified the stolen data as names, addresses, driver’s license numbers or ID cards of 36,545 people, apparently being employees and contractors. They did not, however, clarify what systems were accessed or whether it was a ransomware attack. Victims whose data was stolen will be given two years of identity protection services.
MarineMax provides update on February cyberattack
While Prudential was dealing with its cyberattack in February, we also covered the attack on MarineMax – one of the world’s largest sellers of boas, yachts, and superyachts. The attack, claimed by Rhysida was described at the time as a cybersecurity incident, but the company has now revised this description to one in which “a cybercrime organization accessed a limited portion of the IT systems associated with their retail business.” This includes customer and employee information, including PII.
NOTE:: This article is copyright by cisoseries.com and we are using it for educational or Information purpose only
.