Security daily (10-05-2021)

JP Morgan artificial intelligence researcher says AI goal is to 'eradicate financial crime'

J.P. Morgan envisions a chief role for artificial intelligence in putting an end to financial crimes, the company’s head of AI research said Monday. Financial crimes that institutions like J.P. Morgan might have to reckon with include money laundering, sanctions violations, fraud and outright cyber theft. Across all industries and organizations, financial crime cost companies and organizations $1.45 trillion in 2019, according to one estimate, with cybercrime and fraud reportedly the most common varieties. “There is this concept of values” for AI, said Manuela Veloso, who besides her work for J.P. Morgan has worked as a professor in Carnegie Mellon University’s school of computer science. “First, we want AI to be able to eradicate financial crime.” Veloso’s comments came Monday during AI Week, an event produced by Scoop News Group. Along with direct money heists, cybercriminals run afoul of the law in other ways that can be categorized as financial […] (CyberScoop)

FBI blames DarkSide ransomware operators for Colonial Pipeline incident

The FBI on Monday said that a cybercriminal enterprise behind a ransomware variant known as DarkSide was responsible for the hack that prompted one of the country’s largest pipeline operators to temporarily shut down. The FBI statement came as Colonial Pipeline, which says it transports some 45% of all fuel consumed on the East Coast, said that it was aiming to “substantially” restore its pipeline operations by the end of the week. In a private advisory to U.S. companies obtained by CyberScoop, the FBI said that it had been tracking the DarkSide ransomware variant since October. “Darkside has impacted numerous organizations across various sectors including manufacturing, legal, insurance, healthcare and energy,” the FBI advisory said. The authors of DarkSide lease their hacking tools to other criminals in a “ransomware-as-a-service” model that splits the proceeds among the perpetrators, the bureau added. The Colonial Pipeline incident, which began Friday, is one of […] (CyberScoop)

Artificial intelligence could accelerate breach notification time, expert says

Faster data breach notification time is emerging as a reliable application of artificial intelligence in the cybersecurity sector, a development that could help other industries better understand their own use of smarter technologies, a leading subject matter expert said on Monday. Dr. Frederic Lemieux, faculty director and professor of the practice for applied intelligence at Georgetown University, suggested that more efficient pattern recognition already is helping global companies spot anomalies in wide swaths of data. Unusual behaviors — such as an employee logging on to sensitive networks at odd hours, or an email attachment including nefarious data — are more likely to raise a red flag, pointing human analysts to possible security issues. “It’s simple,” Lemieux said during AI Week, an event produced by Scoop News Group. “The costs of cybersecurity are prohibitive and companies are facing situations where the average cost of a data breach in the United States […] (CyberScoop)

Experts suggest French insurer AXA's plan to shun ransomware payouts will set a precedent

When French insurer AXA signaled last week that it would no longer write new cyber-insurance policies covering extortion payouts to criminals, ransomware and cyber insurance experts had two reactions. They wondered why it took so long, and how long it would take others to follow suit. Ransomware is an ever-increasing cause of cyber-insurance claims, according to industry estimates, and having such insurance may make policyholders more likely to be attacked. A representative of the REvil ransomware gang said in a March interview that the group specifically targets victims known to have cyber-insurance, because they’re “one of the tastiest morsels” who can more easily afford to pay. In perhaps the biggest ransomware payment of 2020, smartwatch maker Garmin paid a reported $10 million and said it wasn’t sure how much its insurance would cover of all the costs, which it didn’t enumerate by type of expense. Those conditions can perpetuate themselves. […] (CyberScoop)

US issues emergency declaration following Colonial Pipeline ransomware incident, relaxing transport rules

After a ransomware attack hampered one of the largest pipeline operators in the U.S., the Transportation Department on Sunday issued an emergency directive allowing drivers in 17 states and the District of Columbia to work longer hours to transport fuel. The “regional emergency declaration” is meant to alleviate any disruptions to supply following the security incident at Colonial Pipeline, which the company revealed Friday. While the Georgia-based company normally delivers more than 100 million gallons of gas, diesel and other products daily to customers from Texas to New York, according to its website, the ransomware infection forced a temporary halt to its operations. Colonial Pipeline says it transports some 45% of all fuel consumed on the East Coast. The Transportation Department’s declaration means that truckers carrying gasoline, diesel, jet fuel and other refined petroleum products are temporarily exempt from laws restricting the amount of time they are allowed to be […] (CyberScoop)

Never say never! Warren Buffett caught up in integer overflow error…

640Kbytes of RAM should be enough for anyone... (Naked Security)

Major U.S. Pipeline Crippled In Ransomware Attack

(News ≈ Packet Storm)

Justice Department Quietly Seized Washington Post Reporters' Phone Records During Trump Era

(News ≈ Packet Storm)

Amazon Seized, Destroyed Two Million Fake Products In 2020

(News ≈ Packet Storm)

Group Pleads Guilty To Running Bulletproof Hosting Service

(News ≈ Packet Storm)

Is it still a good idea to require users to change their passwords?

For as long as corporate IT has been in existence, users have been required to change their passwords periodically. In fact, the need for scheduled password changes may be one of the most long-standing of all IT best practices. Recently, however, things have started to change. Microsoft has reversed course on the best practices that it has had in place for decades and no longer recommends that (The Hacker News)

Ransomware Cyber Attack Forced the Largest U.S. Fuel Pipeline to Shut Down

Colonial Pipeline, which carries 45% of the fuel consumed on the U.S. East Coast, on Saturday said it halted operations due to a ransomware attack, once again demonstrating how infrastructure is vulnerable to cyber attacks. "On May 7, the Colonial Pipeline Company learned it was the victim of a cybersecurity attack," the company said in a statement posted on its website. "We have since (The Hacker News)

Facebook Will Limit Your WhatsApp Features For Not Accepting Privacy Policy

WhatsApp on Friday disclosed that it won't deactivate accounts of users who don't accept its new privacy policy rolling out on May 15, adding it will continue to keep reminding them to accept the new terms. "No one will have their accounts deleted or lose functionality of WhatsApp on May 15 because of this update," the Facebook-owned messaging service said in a statement. The move marks a (The Hacker News)

Top 12 Security Flaws Russian Spy Hackers Are Exploiting in the Wild

Cyber operatives affiliated with the Russian Foreign Intelligence Service (SVR) have switched up their tactics in response to previous public disclosures of their attack methods, according to a new advisory jointly published by intelligence agencies from the U.K. and U.S. Friday. "SVR cyber operators appear to have reacted [...] by changing their TTPs in an attempt to avoid further detection and (The Hacker News)

New Qualcomm Chip Bug Could Let Hackers Spy On Android Devices

Cybersecurity researchers have disclosed a new security vulnerability in Qualcomm's mobile station modems (MSM) that could potentially allow an attacker to leverage the underlying Android operating system to slip malicious code into mobile phones, undetected. "If exploited, the vulnerability would have allowed an attacker to use Android OS itself as an entry point to inject malicious and (The Hacker News)

Colonial Pipeline’s Ransomware Attack Sparks Emergency Declaration

Security researchers mull possible perpetrators of the attack, and warned that the incident could be a harbinger of things to come. (Threatpost)

Lemon Duck Cryptojacking Botnet Changes Up Tactics

The sophisticated threat is targeting Microsoft Exchange servers via ProxyLogon in a wave of fresh attacks against North American targets. (Threatpost)

/security-daily/ 11-05-2021 23:44:23