There’s nothing worse than a payment app getting hacked, but that’s exactly what’s happened, as PayPal confirmed that it had experienced a data breach affecting tens of thousands of users.
Security breaches are certainly nothing new to online users. Strong passwords and multifactor authentication may help, but companies with lax security continue to drop the ball and user information is often at risk.
Unfortunately, payment platform PayPal has fallen victim to a security breach itself, and the information leaked is a lot more serious than your run of the mill hack.
PayPal users might want to take a quick glance at their accounts to make sure nothing is askew. In a notice from PayPal, the company warned users “about an incident” that “may have impacted their PayPal accounts.”
“During this time, the unauthorized third parties were able to view, and potentially acquire, some personal information for certain PayPal users.”
The personal information in question included usernames, addresses, Social Security numbers, individual tax identification numbers, and birth dates, which is some considerably valuable data. However, PayPal remains confident that the information was merely vulnerable and not necessarily obtained by third party hackers.
“We have no information suggesting that any of your personal information was misused as a result of this incident, or that there are any unauthorized transactions on your account.”
No information is certainly better than bad information, but PayPal users will have to make do with the potential that their personal data is somewhere it’s not supposed to be.
Breaches like the one PayPal just experienced are far too common in the tech industry, but unfortunately, there isn’t much you can do to protect yourself beyond exclusively using services that make a firm commitment to security.
However, there are plenty of other ways you can make sure your online behavior isn’t opening you up to some kind of breach or hack. Password managers are the best place to start, as they keep your first line of defense strong, even offering passwordless options in some cases.
If you want to take it to the next level, VPNs and antivirus software can make sure your online activity is protected and safe from malware and other nefarious systems online. Generally speaking, though, as long as you’re vigilant and don’t click on too many random links across the web, you should be fairly safe in the eyes of the average hacker.
Conor is the Lead Writer for Tech.co. For the last six years, he’s covered everything from tech news and product reviews to digital marketing trends and business tech innovations. He’s written guest posts for the likes of Forbes, Chase, WeWork, and many others, covering tech trends, business resources, and everything in between. He’s also participated in events for SXSW, Tech in Motion, and General Assembly, to name a few. He also cannot pronounce the word “colloquially” correctly. You can email Conor at conor@tech.co.
Author: rescue@crimefire.in
-
PayPal Data Breach Confirmed to Impact Thousands of Users – Tech.co
-
The H & 5 Ws of cybercrime & security – Times of India
Mr Yashasvi Yadav is an IPS officer of 2000 batch and is presently posted as Special IGP Maharashtra Cyber Department, which is the nodal agency for cybercrime and related mat …
Cybersecurity: An all encompassing article which lucidly expounds on various facets of cyber security and answers six basic questions, which clarify the whole gamut of issues (A to Z) relating to cyber security in an insightful, non-technical manner, easily understandable to all readers.
WHO – The victims
In contemporary times, technology is omnipresent, evident in a world where every day is a technological miracle and where the internet of things (IoT) is a welcome convenience. While driverless cars, clone armies of superhuman robots, money transfers at the click of a mouse, smart homes and social media obsession have brought about a revolution and transformed the planet into an unrecognisable place in the last five years, cybercrime has emerged as an organised, well-funded enterprise. It is appropriately called the ‘arms race’ of the 21st century. It is remarkable that in India there are more than 700 million smartphone users. Against this backdrop, cyber security has become an iconic issue, and the fast-emerging problem of cybercrime impinges not only on netizens but on practically everybody on the planet. Whether techno-savvy corporates, students attending online classes, bureaucrats dealing with national security or even technologically illiterate senior citizens, the monster of cybercrime impacts everybody in a very significant manner. Online frauds, data theft, ransomware, invasion of privacy and even cyber attacks on the critical infrastructure of nations make it a very significant issue affecting all and sundry.
WHAT – The contours of cybercrime
The new-age cybercrime has surpassed USD 6 trillion in revenues and damages, catapulting it to the position of top organised crime syndicate globally, easily surpassing crime syndicates like narco-trafficking and counterfeiting. Hence, we are dealing with a menace that is not merely sporadic but has transformed into a well-funded enterprise operating transnationally in a borderless world. The range of damages that cybercrime, or a lack of cybersecurity, causes is humongous. In modern times, data is called ‘the new oil’, and hence data theft is one of the most prevalent forms of cybercrime. This data is then manoeuvred and used as raw material to launch a variety of cyber attacks: phishing attacks, online financial frauds like credit card fraud, sextortion, ransomware attacks, malware introduced to cause breach of privacy, Advanced Persistent Threats to critical infrastructure and the national security apparatus, and grave forms of cyber terrorism, which may include causing electricity outages and cyber attacks on water purification plants and railway signalling systems. Thus the impact of cybercrime is immense and across the spectrum. Not only petty online scams but also cyber terrorism impacting national security and cyber warfare are real dangers which need to be tackled urgently.
WHEN – The monster strikes
The threat to cyber security is an ongoing, continuous problem gathering momentum with every passing day. While the internet was born in the late 1960s as ARPANET, a small network of government computers, it has metamorphosed into a ubiquitous and all-pervasive phenomenon. The world of cybercrime, too, has massively spread its tentacles. The scary part is that, even as we analyse the issue of cyber threats, at this very moment innumerable well-funded groups of cyber criminals and hackers are fervently trying to unearth ‘zero day’ vulnerabilities to scam, dupe and cause malfunctioning of computer systems. The most alarming aspect of the vulnerability of cyber security is that the cyber menace is transforming rapidly into a nefarious form of cyber terrorism, where even national security or the lives of citizens may come under threat.
WHERE – The playfield
In modern times, technology is omnipresent, and hence the threat to cyber security is very real and all-pervasive. Cybercrime threatens everything from smartphones to bank accounts to computer-controlled pacemakers to nuclear reactors and even national security. Cybercrime is appropriately called the arms race of the 21st century, where there is a mad rush to unearth zero-day (unreported) vulnerabilities and exploit them with the anonymity afforded by the darknet or onion routers. Thus, all information technology and communication systems are vulnerable to the threat of cybercrime, and proper cyber security audits and hardening of systems are urgently needed.
WHY – The raison d’etre
With technology creeping into all facets of our existence and providing exemplary solutions to a myriad of persistent problems, it is no wonder that cybercrime too is correspondingly getting emboldened and has redefined landscapes. While the Internet of Things (IoT), smart homes, driverless cars, e-governance, digitalisation of records and the transparency afforded by smart governance are praiseworthy, the threat to cyber security is a massive concomitant danger. Cybercrime is no longer perpetrated by a lone computer savant camouflaged in a hoody. It is a business, a parallel economy worth trillions of USD. It is preferred and becoming prevalent because of low entry costs and because technology advances so quickly that security agencies are not able to keep pace. The risk of getting caught is minimised by techniques of proxy bouncing and the use of virtual private networks (VPNs), which make the attack appear to originate from a country like Iran or North Korea, which are shrouded in secrecy. Owing to the aforesaid reasons, cybercrime has emerged as an all-pervasive, highly lucrative enterprise with low risk and high returns.
HOW – The unravelling
Cybercrime re-models itself at blitzkrieg pace into darknet crimes, where one can hire a contract killer or buy and sell narcotics with anonymity; ransomware, where the data of an agency is surreptitiously encrypted and a ransom demanded in cryptocurrency; man-in-the-middle attacks; sextortion; social online grooming of children; child pornography; Jamtara-styled online financial frauds; spoofing; scamming; botnet attacks; skimming attacks; phishing and vishing; attacks on critical infrastructure by state actors; and even deepfake and deep nude attacks. It is obvious that the threat to cyber security is veritable and needs to be addressed urgently. The first step towards mitigating the threat is to appreciate that it is becoming stronger by the day and to find countermeasures to make it ineffective. It is ironic that policy makers are still blissfully unaware of this Frankenstein’s monster, in spite of cyber attacks occurring with alarming regularity across the globe: cyber-heists on banks, cyber attacks on critical infrastructure, cyber-warfare and invasion of privacy are causing havoc with impunity. It is high time that we become sensitive to this burgeoning problem and immediately start the process of hardening our information and technology systems. Awareness must be generated to undertake cyber audit measures like updating firewalls, air gapping servers, cyber-hygienic behavior and awareness about possible cyber attacks. It is imperative that security agencies, too, get their act together and fight cybercrime in a sincere and concerted manner, with international cooperation and upgradation of resources, tools and skilled manpower.
Request you to lodge online complaint on https://cybercrime.gov.in/ portal & also visit the nearest police station along with a copy of the online complaint generated on the “Cyber Crime.gov.in” portal for further necessary action.
Views expressed above are the author’s own.
-
FBI Columbia Trains with Statewide Law Enforcement Agencies to … – Federal Bureau of Investigation
The FBI Columbia field office is leading a multi-agency law enforcement three-day training course this week aimed at better equipping investigators with tools and knowledge to address the ever-growing threat of cyber crime.
The Cyber Investigations Course is a three-day course where attendees will learn skills and knowledge for advancing their investigations through a subject’s basic use of technology. The course is also designed to increase attendees’ knowledge of the Internet, investigative techniques, open-source intelligence, virtual currency, legal processes, digital evidence collection and analysis.
Cyber crimes have rapidly increased over the last few years with bad actors enhancing their techniques and abilities to cause harm to individuals and businesses.
“This training will be beneficial across the board to help investigators alleviate hurdles to working cases with technical aspects,” said Supervisory Special Agent Cindy Starns, who oversees the Columbia field office’s cyber investigations.
The training is sponsored by the FBI’s Columbia field office with support from the FBI Charlotte field office.
-
CISA's got a plan to strengthen corporate cybersecurity – POLITICO
Delivered every Monday by 10 a.m., Weekly Cybersecurity examines the latest news in cybersecurity policy and politics.
By JOHN SAKELLARIADIS
With help from Maggie Miller
— CISA is starting the year laser-focused on enhancing cybersecurity at the corporate level, a top agency official tells MC.
HAPPY MONDAY, and welcome to Morning Cybersecurity! Between the Sixers, the Phillies and the Eagles, the City of Brotherly Love is having a moment.
… Which should infuriate me as a New Yorker. But between my editor (Philly native) and my in-laws (ditto), I’m ready to praise the Birds now so I don’t have to eat crow later. Fly, Eagles fly!
Got tips, feedback or other commentary? Send them my way at [email protected]. You can also follow @POLITICOPro and @MorningCybersec on Twitter. Full team contact info is below.
Nothing terabyte-sized on the agenda.
AT THE BOARD LEVEL — A top priority for the Cybersecurity and Infrastructure Security Agency in 2023: cajoling corporations into better safeguarding their networks — including a potential laundry list of what that should include, Maggie reports in a story out this morning.
Companies need to embrace the idea of “corporate cyber responsibility,” CISA chief of staff Kiersten Todt told POLITICO in an interview Friday at the agency’s headquarters in Arlington, Va.
“The innovation of the car was a great asset, and with that though came this responsibility to take care of the car, to make sure it was safe and secure,” Todt said. “Similarly, cyber represents technology, represents innovation that every company benefits from.”
— No orders here: Todt stressed that she’s talking about voluntary actions by companies and said CISA is exploring putting out guidelines to help them do that. That could include CISA creating a “series of best practices” on cybersecurity for boards and senior officials, she said.
“What we’re doing right now is exploring and examining and researching what makes the most sense to be able to put it in a straightforward, accessible way and that is something off of which we can build,” Todt said. She stressed that “this isn’t intended to be ‘thou shalt,’ it’s much more of the ‘we’ve got to work together.’”
Todt said CISA would involve industry in any crafting of guidelines, and that there are no specific deadlines at the moment for the initiative.
— Teamwork makes the dream work: CISA could work with other agencies in prioritizing corporate cybersecurity, such as with the Small Business Administration to help get smaller organizations involved, Todt said. More formally, the Internet Security Alliance and the National Association of Corporate Directors will be jointly involved in the program alongside CISA.
— A silver lining: Companies have been more fixated on cybersecurity after a year in which CISA worked to ensure critical infrastructure groups were alert to potential threats from Russia as part of its “Shields Up” campaign. Todt noted the effort served as a “catalyst” for boards to invest more in cybersecurity, and that industry has made clear to CISA that it doesn’t want to go “shields down,” particularly due to ongoing ransomware attacks that have made cybersecurity a major concern for Americans.
“People now accept this heightened level of vigilance without real fatigue because this is what’s part of what we need to do,” Todt said. “That is an element of this corporate cyber responsibility, and being able to work more collaboratively with industry to help them demystify what we know.”
Read the full story (for Pros!) here.
GOP DRAWS STRAWS FOR HOUSE HOMELAND — An up-and-coming cyber lawmaker is set to lead an influential House committee with jurisdiction over CISA and the nation’s critical infrastructure protection efforts.
Republican Rep. Andrew Garbarino (R-N.Y.) will take the gavel in the House Homeland Security Committee’s subcommittee on Cybersecurity and Infrastructure Protection, Republican leadership announced Friday.
Building a resume — The second-term congressman has been vocal on cybersecurity issues since he entered Congress, sponsoring or co-sponsoring 14 pieces of legislation on the topic.
More aggressive oversight — While in the minority, Garbarino frequently nudged DHS and White House cyber officials to provide more transparency about the administration’s cyber work or to giddy up on congressional priorities.
For example, late last year, Garbarino and Rep. Mike Gallagher (R-Wisc.) pressed the White House to follow through on a new law directing CISA to draft a plan for how the government would maintain “economic continuity” in the event of a massive cyberattack.
GOP depth problems? — None of the other four Republicans named to the subcommittee has a background in cyber policy, and with the exception of Garbarino and Rep. Carlos Giménez (R-Fla.), also a second-term congressman, all are freshmen on Capitol Hill.
Likewise, while Chair Mark Green (R-Tenn.) has cited securing the “cyber border” as one of his top priorities for the committee, neither Green nor vice chair Michael Guest (R-Miss.) has previously been active on cybersecurity issues.
TRANSATLANTIC CYBER COLLAB — The U.S. and European Union are eyeing tighter cooperation on cybersecurity governance, even as both pave the way for new — and likely inconsistent — regulatory regimes.
In a joint statement released late Thursday, DHS and the European Commission’s Directorate-General for Communications Networks, Content and Technology announced the launch of three cyber policy “workstreams” organized around information sharing and crisis response, critical infrastructure protection, and the security of hardware and software.
Next steps — The statement highlighted a number of projects EU and U.S. officials would prioritize ahead of the next EU-U.S. cyber dialogue, expected in the second half of 2023.
Those projects include examining ways to secure civilian space systems, finalizing a “working arrangement” between CISA and its EU equivalent, ENISA, harmonizing incident reporting regimes and developing more robust transatlantic threat sharing programs, among others.
Tough road ahead? — The EU is moving more aggressively than the U.S. when it comes to cyber regulation, raising questions about whether some of those initiatives could quickly run into transatlantic headwinds.
For example, the EU’s newly revised Network and Information Security Directive, or NIS2, designates cloud providers as essential entities, something U.S. lawmakers have thus far avoided. It also sets stricter and more robust incident reporting, corporate governance and vulnerability disclosure rules than equivalents that have gained traction in the U.S.
Hold your horses, MC! — NIS2 will not bear real teeth until a member-state implementation deadline of fall 2024. In the meantime, the White House is gearing up to release its new national cyber strategy, which should help close the transatlantic regulatory gap by calling for tighter oversight of U.S. companies.
Russia blocking access to the State Department’s Rewards for Justice website, hours after it asked for information on the operators of the Hive ransomware group? No, not suspicious at all.
Twitter
— The Atlantic Council has a new blog post out this morning on China’s cyber operations.
— Ukraine blames a notorious Russian hacking group for another disruptive wiper attack. (CyberScoop)
— Russia blocks access to the website of the State Department’s Rewards for Justice program. (The Record)
— Inside TikTok’s plans to address U.S. national security concerns. (CyberScoop)
Chat soon.
Stay in touch with the whole team: Maggie Miller ([email protected]); John Sakellariadis ([email protected]); and Heidi Vogt ([email protected]).
-
Mailchimp Hit By Another Data Breach Following Employee Hack – Infosecurity Magazine
Email marketing service provider, Mailchimp, has announced that it suffered a data breach as a result of a social engineering attack on its employees and contractors.
The company has stated that the unauthorized actor was able to gain access to select Mailchimp accounts using employee credentials that were compromised in the attack.
According to Mailchimp, the incident was limited to 133 accounts, and there is no evidence that this compromise affected any other systems or customer data beyond these Mailchimp accounts. The newsletter giant has temporarily suspended account access for Mailchimp accounts where suspicious activity was detected in order to protect user data.
Mailchimp has apologized for the incident and stated that it is working with its users directly to help them reinstate their accounts, answer questions and provide any additional support they need. The company is also continuing its investigation and is providing impacted account holders with timely and accurate information throughout the process.
The company has urged its users to contact ciso@mailchimp.com if they have any questions regarding the incident.
According to Patrick Wragg, cyber-incident response manager at Integrity360, the hack is a reminder that social engineering attacks can be very effective, and it is important for companies to have proper security protocols in place and for employees to be aware of these types of attacks.
"Seeing as phishing emails are still the most successful initial access vector for breaches, the compromise of a company that bases its business around email marketing is bad," Wragg told Infosecurity in an email.
"What perhaps makes this more interesting is that Mailchimp has confirmed it was breached via a phishing/social engineering campaign itself. Employees are your first line of defense against a cyber-attack, and education and awareness are still critical in tackling even basic phishing emails."
The breach comes less than a year after Mailchimp suffered a separate hack in April 2022. -
A first-hand look inside Walmart's robust security operations – Cybersecurity Dive
The retail behemoth invited a handful of journalists to its tech offices in Bentonville, Arkansas. The scope of Walmart’s operations speaks to the lengths enterprises must go to remain secure.
BENTONVILLE, Ark. — Walmart wants to be “the world’s most trusted retailer,” Greg Schaffer, a legal executive at the retail giant, said to a handful of journalists seated inside a largely empty hall at the company’s corporate office.
The reporters, Cybersecurity Dive included, sat with our breakfasts — catering that could have fed 50 — to listen to a formal, choreographed fireside chat between Schaffer, the company’s chief counsel for cybersecurity and VP of digital trust compliance, and Jerry Geisler, SVP and CISO, about what trust means at Walmart.
It was a talk that would have found a home at any technology conference and the first of many held during Walmart’s showcase of its security operations in mid-January. The conversations with more than two dozen members of its security staff and a tour of its facilities illustrated the scope of Walmart’s cyber operations and why it cares so much about security, even if its customers won’t notice.
“I’m biased — cybersecurity is always top of mind for me, but I know not everybody has that same perspective,” Geisler said in conversation with Schaffer.
“If it is top of mind for a customer, then I want them to be able to look at what we’re doing and have a high degree of confidence that we are meeting the commitments that we have made to them in terms of how we are going to protect their information,” he said.
If security is not a priority for a customer, Geisler said, Walmart still wants customers to trust it will do what’s right.
Many businesses don’t make security a priority until it’s too late. Cybersecurity Ventures expects the costs of cybercrime damage to reach $8 trillion this year, up from $6 trillion in 2022, and the World Economic Forum is warning of the potential for global instability following a catastrophic cyber event.
Yet, continued investment in business cybersecurity is not guaranteed as the market navigates a downturn.
In an era where breaches are the norm and consumers grow apathetic to privacy, an emphasis on security and trust goes underappreciated. Fines imposed by the Federal Trade Commission or the European Union’s data privacy efforts do little to change enterprise treatment of data. Repeat offenders say they are investing in cyber, but additional spending does little to show security cultures can change.
For Walmart, its seriousness about security is depicted through its scale. Its cyber hubs have a global footprint, allowing Walmart to run security operations 24/7/365 with the help of shift work and time zones (a security operations center in Bangalore, India complements the schedules of U.S.-based security staff, for example).
Each year, those SOCs process an average of six trillion data points — data Walmart internalizes and shares with the broader security community. The company also operates a fully accredited forensics lab to aid data recovery, complete with a clean room, specialized X-ray technology and hot-air soldering. And a tour of one of its data centers, where rule-enforcing staff flanked curious guests, illustrated operational redundancy.
There’s little room for failure, just failover.
Walmart does not share information on how much it spends on cybersecurity, nor does it say what percent of its 20,000 Walmart Global Tech employees — responsible for operating the retailer’s foundational technology — work in infosec. A tour of Walmart’s facilities only hints at the scope of its operations, but an up-close look indicates few companies could independently run at such scale.
Walmart’s cybersecurity is not just a best-in-show example. It may be the exception.
That’s not to say Walmart’s approach to security is unattainable. Rather, what sets its operation apart is how the retailer has fine-tuned its security focus. In the face of a steady stream of threats, knowing exactly what to prioritize and what can wait is a technique businesses can emulate.
From an outsider’s perspective, Walmart Global Tech facilities offer all the bells and whistles of a world-class security operation without the shiny objects of Silicon Valley perks. On-site, there were no scooters, though a trampoline complete with safety nets stood vacant in the corner of one room.
Badge access points and layers of locked doors offered a clue of where physical security met the digital, despite remote or hybrid work options.
The retailer is facing the same obstacles as other companies when it comes to talent: the demand far exceeds the supply of cyber workers, a growing gap that now encompasses 3.4 million openings.
Walmart has a leg up on many organizations in terms of resources. It brought in $572.8 billion in revenue in the fiscal year 2022, and it has a $24.2 billion operating cash flow. But the tenure of its security organization adds a heft of institutional knowledge.
The information security department has well over two decades of history with roots that predate the highest-profile attacks that marked sea changes in industry, whether that’s the 2014 hack on Sony or the 2015 power grid attacks in Ukraine.
“Our experience has been that because the company started investing in this space over two decades ago that we’ve had the advantage of growing and evolving and maturing programs as the company has grown, evolved and matured and moved into businesses,” Geisler said.
“That has put us in, I think, the enviable position of having a seat at the table for a long time, to be the trusted partner of our business, and to help guide against missteps,” he said.
Walmart’s security operations have earned it industry clout, and with that comes the ability to attract experienced talent. Pedigrees marking time spent at Google and JPMorgan Chase, alongside other Fortune 100 companies, were sprinkled among its roster of speakers.
Reputation aside, Walmart’s Live Better U program, which pays 100% of college tuition and books for employees, is aimed at creating a tech talent pipeline, supporting programs in areas including cybersecurity and information technology.
Retention, too, factors into its talent strategy. Inside Walmart’s corporate office, it wasn’t unusual to see years-long tenure with badges proudly declaring time spent in five-year intervals. One expert, Justin Simpson, began his career at Walmart fresh from college more than a decade ago and now serves as a director of data security, with quantum and crypto as part of his purview.
Top of mind for his work is post-quantum cryptography and making sure Walmart has the right security processes in place in the event that a quantum computer is realized.
Like Simpson, some experts and specialists at the company are dedicated to the future, no matter how far off it may seem. Others lead identity access management or cloud security. Bots are another specialty, aiding the company’s defense in depth approach to ensure customers can purchase the goods they want.
On average, in a single month, Walmart can block 8.5 billion malicious bots.
Far from the generic, harried infosec workers of internet meme fame, each person has a highly specialized role. Every detail of computer engagement — whether corporate staff, store associates or customers — is thought out. Nothing is left to chance or neglect.
Walmart does not silo its security prowess. It works with external information sharing and analysis centers, sharing intel that relates to threats inside and outside its networks.
Walmart works in tight unison with its partners in the National Retail Federation, VP and Deputy CISO Rob Duhart said during a lunchtime roundtable discussion. “We win together.”
NRF and the Retail & Hospitality Information Sharing and Analysis Center strengthened their collaboration earlier this month to better combat malicious cyberattacks and protect customer data. RH-ISAC found the majority of CISOs, 70%, expect their budgets to increase this year.
Walmart does its “best to continue to partner with our regulatory bodies as well, to make sure that they’re learning from our experience,” Duhart said.
There’s a layered approach to how it views external networks. Where most organizations refer to it as third-party risk, Walmart’s external party risk encompasses the threats at the fourth, fifth, sixth level and beyond. To each, it offers empirical risk measurements too.
Working across its security operations and partnerships teams, “we’re able to prioritize how we attack certain risks in the environment,” Russ Buckley, senior director, risk and compliance, said during a roundtable. Beyond labeling something as generically risky, it can use an internal number to help the business quantify where to invest people or budgets.
“In doing so it allows our business leaders to have an empirical number — not just a guess, not just my favorite friend told me — but they can actually have something they can go and look at and say, ‘This is what we want to do, make that decision,’” Buckley said. “That decision, in turn, supports how we provide all of our services to all of our customers.”
The industry standard common vulnerability scoring system goes through Walmart’s empirical analysis too, which allows the company to determine what risk CVEs could create in its environment.
That’s where threat intelligence sharing comes into play. Walmart has mechanisms in place to determine what risk a threat really poses. Even if a CVE doesn’t affect its networks, it can externally share how it may impact others in the industry.
“We contributed a lot to making sure that other people understand the risk as well and maybe why we’re not seeing that risk,” Buckley said. “And we have some influence on other organizations that may change their security posture based on, ‘Hey, Walmart wasn’t affected, but other companies were, maybe we should look at that.’”
It speaks to Walmart’s robust cyber intelligence program. It consumes information from commercial sources, just as many large organizations do, but it also procures its own threat intelligence.
“We have researchers that are doing things like looking at adversary backend infrastructure, understanding how those threat actors are pivoting,” said Jason O’Dell, VP of security operations, during a roundtable. “Sometimes as a byproduct of that we also see other organizations being targeted by those particular threat actors and we very quickly share that back to the community.”
Household name brand companies see a different attack surface than the average organization, Chris Silva, VP analyst at Gartner, told Cybersecurity Dive in a conversation last year about Walmart’s use of automation in security. “They’re always a bigger target.”
Brands like Walmart may see threats never before seen in the wild and sharing that intel can give other organizations a chance to respond.
Walmart has its own security orbit, and the gravity of that extends to the regulatory realm, where the company wants to help set the tone for what customers can come to expect with privacy.
There’s been a steady march toward privacy legislation at the state level, led by California, though a federal mandate is not in place. Those requirements are “pushing us in a direction that we’re already going,” Schaffer said during the keynote. When those laws come through, “sometimes it’s accelerating a roadmap that we have in place and that’s a good thing.”
“Our goal, again, to be the most trusted retailer, frankly, because we have some businesses that go beyond retail,” he said. The goal is to become “the most trusted company.”
It’s a high bar, yet one that Walmart has the resources to clear. In cybersecurity, one wrong move can take a toll on a company’s reputation, but Walmart has the mass to absorb it. Defense is a proactive effort and nothing across its networks is left to chance.
“We don’t necessarily focus as much on the scale of Walmart, because we’re just used to operating in a big environment,” Geisler said in an interview with Cybersecurity Dive during the last conversation of the day. “It’s just our state of existence.”
Correction: This article has been updated, based on revised information from the company, to reflect that Walmart can block 8.5 billion malicious bots in a single month. Separately, this story was updated to clarify the original source for projected cybercrime costs this year.
Prevent advanced ransomware attacks with good email security – Cyber Security Hub
Cybercrime is becoming increasingly sophisticated and broader in scope. Phishing attacks may have been around since the dawn of email, but they persist. Those carrying out attacks are searching for the smallest of openings to break into an organization’s infrastructure to facilitate enormous financial rewards.
Today, 75 percent of cyber attacks originate from email, and attackers are working together to launch joint attacks on large organizations.
Once malware threat actors have used phishing emails to infect organizations’ machines and networks, attacks spread laterally, with access sold to ransomware brokers. According to Verizon’s 2022 Data Breach Investigations Report, web applications and email remain the top two vectors for breaches.
Meanwhile, Cyber Security Hub’s own survey on the top cyber-security trends in 2022 shows that phishing and social engineering attacks are among the greatest threats facing organizations today, with more than 70 percent of respondents citing it as one of their top three cyber-security threats (see Figure 1).
Ransomware groups are conscious of the fact that large corporations are more likely to pay multi-million-dollar ransoms, but national governments cannot rest on their laurels either; in 2021, Cyber Research Labs documented 48 government agencies spanning 21 countries that were affected by ransomware.
Figure 1: What are the three most dangerous cyber security threats your organization faces today?
Threat actors’ tactics are becoming ever more sinister. When combined with the migration to cloud email access – which comes with its own security implications – it is more important than ever to detect and block malicious actors from compromising business data and information via email attacks.
In this Cyber Security Hub article you will learn where the key vulnerabilities lie for those without sufficient email security, how to successfully detect a security breach before it leads to data loss, information loss and email fraud, and how to block threat actors from carrying out successful attacks. It will delve into today’s best practices and solutions to ensure your email security.
As the ransomware-as-a-service (RaaS) economy matures, ransomware gangs are demonstrating supreme confidence in their debilitating actions.
Recently, Costa Rica’s government was held hostage by the Conti Group, which demanded a US$20m ransom and threatened to overthrow the government if their demands were not met. Other types of attacks using email as a vector include business email compromise (BEC), spam and botnets.
According to a US Federal Bureau of Investigation (FBI) report from May 2022, BEC scams represented a $43bn loss across both international and domestic US organizations between June 2016 and December 2022. During that timeframe the FBI was alerted to more than 240,000 BEC incidents.
Verizon has also noted a 13 percent increase in ransomware breaches in 2022. Despite these facts, email remains an area much ignored by many organizations around the globe.
In terms of the data that is being targeted, during the early phase of an attack, low-level data may be the target. Ultimately, however, groups are looking to steal more sensitive data which influences who they are targeting.
One example lies with human resources (HR), as hackers may pose as job seekers in the hope that HR personnel will open emails and attachments from unknown senders, allowing the ransomware to spread. Attackers then have access to confidential and sensitive company information.
While it is important to implement security measures that are offered by email providers, for example, there are additional tactics you should consider beyond the traditional security stack which we will consider further in this article.
To overcome changing defensive tactics, attackers will always look for new avenues in which to exhibit their criminal abilities. One such method, telephone-oriented attack delivery (TOAD), carries no payload. Instead, the message includes a phone number; when the victim calls it, a bad actor answers and directs them to manually download malicious content, infecting their computer with ransomware.
As the challenges change, organizations need to treat the playing field as if it will never be fair to them. By adding layers to their security strategies, however, they stand a good chance of deterring ransomware gangs.
There is no silver bullet for the challenge, however, with email compromises growing exponentially due to ever more sophisticated methods and automation that goes beyond scanning, blocking and identifying bad actors sending messages.
Such layers include DMARC email authentication, which gives organizations a better chance of stopping email fraud or BEC in its tracks; isolation training for at-risk users that aligns with their email risk; and isolation of URLs clicked on from email. Other methods include mSOAR – the automatic remediation of malicious messages post-delivery; abuse mailbox automation; and enhanced data protection such as email DLP and encryption.
Everyone within a company, from interns to the CEO, is a prime target for threat actors seeking access to deploy ransomware. Even gaining access to a small foothold in a business using a compromised employee account can have devastating consequences. Malicious actors can move laterally, escalating the privileges they have access to until they have the ability to take over a company’s entire enterprise network.
A comprehensive email security strategy can easily be implemented, but it will require employees to use strong passwords and utilize email encryption for both email content and attachments. Security best practices for BYOD should also be employed by companies that allow their employees access to corporate email on personal devices.
To protect employees against advanced threats, organizations should use malware sandbox analysis inline and not forward emails until they have been checked. Companies should also implement software to scan incoming communications and block those that contain malicious software.
A compromised email account has the potential to cause a huge amount of damage, whether through data loss or through attacks launched from that account against other internal or third-party users. In these cases, having a cloud access security broker (CASB) solution can help identify and remediate potentially suspicious logins.
Organizations can also benefit from joint integration with identity access management vendors to automatically reset passwords in cases where credentials have been potentially compromised. Proofpoint’s experts recommend enforcing stricter authentication for users who receive targeted attacks.
Firms can additionally implement a data protection solution to identify sensitive data and prevent it from being lost via email. This is because malware developers are leasing out their skills to affiliates who use turn-key solutions to infect victims. In turn, it is becoming easier and more profitable for less-skilled criminals to seize enterprise networks with military-grade encryption and demand millions for the key to the files.
A crucial part of defense against malware is secure backups, as threat actors may attempt to poison or delete backups during their operations.
With multi-layered intrusions the new normal, organizations should always assume all systems are important enough to be patched, protected and monitored.
Organizations need to achieve stronger visibility of the ransomware threats they face, but also ensure their workforces are alert to the risks they are exposed to through education, support and network protections.
By understanding ransomware risk and details, organizations will be able to effectively shift their approach and prevent an attack from happening.
The solutions exist and selecting the right partners helps organizations maintain their focus on their own goals and aims. Solutions such as Proofpoint’s TAP Dashboard help organizations to understand their security postures within their industries, who within their organizations is being specifically targeted, and with what type of malware threats.
Most threat actors are motivated by financial reward, so protecting data and ensuring staff are educated should never be up for debate. Organizations should focus on behaviour rather than artifacts to have a stronger defence against ever-evolving threats.
Finally, a people-centric approach to ransomware may not be typical, but it is necessary given the risks. While endpoints and other technology can help stop ransomware after it is activated, it is always easier to stop attacks before they start.
Tamil Nadu Cyber Wing to outsource call centre operation – The Hindu
January 23, 2023 05:57 am | Updated 12:21 pm IST – CHENNAI
State Cyber Command Centre at Chennai
Taking into account the increasing trend of cybercrimes and to render quick redressal to the aggrieved, the State Cyber Crime Wing is in the process of outsourcing its call centre operations since it receives more than 500 calls per day.
Additional Director General of Police (ADGP) Cyber Crime, Sanjay Kumar told The Hindu, “We have a dedicated toll-free helpline number 1930 to render quick redressal for a common man who loses his money to cyber fraudsters or faces any other crime. This number is handled by our trained staff working round the clock in our dedicated control room at the Cyber Crime Wing Headquarters.
“We receive 500 to 550 calls daily and 40-50 calls are about financial fraud. If all details are provided by the complainant on time either through the toll-free number or the National Cyber Crime Reporting Portal, www.cybercrime.gov.in, we can retrieve the money back to the victim at the earliest.”
The State Cyber Crime’s call centre received 78,191 calls from April 7, 2021 to November 30, 2022. Over 45,000 of them were registered under the community service register and 2051 were reduced in FIR.
“Every month the number of complaints is increasing. Since we are receiving more than 500 calls daily, we are in the process of call centre operations. We will have separate teams for liaison with banks and other follow-up.
“We will be assigning teams with specific jobs so that affected petitioners can get quick redressal. The investigation into major financial crimes will be handled by our officers,” Mr. Sanjay Kumar said, adding that the model of other states was studied.
The State Cyber Crime Wing is also in the process of setting up regional cyber labs at five places, including Chennai, Coimbatore, Tiruchi and Madurai, and the latest tools will be procured for these labs at a cost of Rs. 23 crore.
Superintendent of Police, Cyber Arangam, K. Stalin said, “We have a dedicated centre called Cyber Arangam which helms our outreach activities to build awareness regarding cyber security. Officers of the Cyber Crime Wing are visiting schools and colleges to propagate the message of safe cyber practices, we conduct hackathons for college students, and we also have a presence on Facebook, Twitter and Instagram.”
5 Big Pros And Cons Of ChatGPT For Cybersecurity – CRN
There’s mounting evidence that the AI chatbot could be a powerful tool both for hackers and for cyber defenders.
History reveals to us that advanced technology, even when it’s developed with the best of intentions, will inevitably end up being used in ways that cause harm. AI is certainly no exception. But with OpenAI’s ChatGPT, both the positive and negative uses of the technology seem to have been taken up a notch. And when it comes to cybersecurity, there’s now mounting evidence that the AI-powered chatbot could be a powerful tool both for hackers and cyber defenders.
ChatGPT — a virtual research and writing assistant that, at least for now, is free to use — is an amazingly helpful tool. Its knowledge is basically limitless, its ability to boil down complex subjects is superb and, oh yeah, it’s fast. But the fact that it can write programming code upon request is where many concerns about possible harms are arising.
For those intent on using the tool to write malware code for deployment in cyberattacks, “ChatGPT lowers the barrier to entry for threat actors with limited programming abilities or technical skills,” researchers from threat intelligence firm Recorded Future said in a report Thursday. “It can produce effective results with just an elementary level of understanding in the fundamentals of cybersecurity and computer science.”
Of course, ChatGPT has its positive uses too, including in the cybersecurity realm. Researchers at Accenture Security have been trying out ChatGPT’s capabilities for automating some of the work involved in cyber defense. The initial findings around using the AI-powered chatbot in this way are promising, according to Robert Boyce, Accenture’s global lead for cyber resilience services. It’s clear that the tool “helps reduce the barrier to entry with getting into the defensive side as well,” he told CRN.
OpenAI, which is also behind the DALL-E 2 image generator, and whose backers include Microsoft, first introduced ChatGPT in late November. This week, Microsoft said it’s making a new “multiyear, multibillion dollar investment” into OpenAI, which the New York Times confirmed as amounting to $10 billion. Microsoft had previously invested more than $3 billion into OpenAI starting in 2019, and OpenAI uses Microsoft Azure for its cloud infrastructure.
What follows are the details we’ve assembled on five big pros and cons of ChatGPT for cybersecurity.
Kyle Alspach is a Senior Editor at CRN focused on cybersecurity. His coverage spans news, analysis and deep dives on the cybersecurity industry, with a focus on fast-growing segments such as cloud security, application security and identity security. He can be reached at kalspach@thechannelcompany.com.
US Cybersecurity Agency Warns About Attacks Using RMM Tools – CRN
The threat of MSPs and their clients being targeted in attacks involving remote management software continues to be a major issue, CISA says in the warning.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that the malicious use of remote management tools continues to pose a major threat, pointing to a “widespread” cyberattack campaign from last fall that employed legitimate remote monitoring and management (RMM) software.
In May 2022, cybersecurity firms including ThreatLocker and Blackpoint Cyber reported observing that malicious actors were using remote management tools as part of cyberattacks including ransomware. That same month, international and U.S. cybersecurity authorities said they were aware of reports showing an increase in cyberattacks targeting managed service providers, and warned that stepped-up attacks on MSPs could be expected.
This week, CISA renewed the warning about the threat that MSPs are facing from cyberattacks targeting them and their customers.
“Threat actors often target legitimate users of RMM software” such as MSPs and IT help desks, CISA said in the alert posted on its website. “These threat actors can exploit trust relationships in MSP networks and gain access to a large number of the victim MSP’s customers.”
Ultimately, “MSP compromises can introduce significant risk—such as ransomware and cyber espionage—to the MSP’s customers,” CISA said.
CISA disclosed that it has identified a “widespread cyber campaign involving the malicious use of legitimate RMM software” that took place last October. As part of the campaign, cybercriminals sent out phishing emails with the goal of getting users to download legitimate RMM software, leading to the theft of funds from the users’ bank accounts.
CISA identified ScreenConnect (now known as ConnectWise Control) and AnyDesk as the RMM tools used in the attacks, though “threat actors can maliciously leverage any legitimate RMM software,” the agency noted.
In a statement provided to CRN, ConnectWise said that, “Unfortunately, software products intended for good use, including remote control tools, can be frequently used by bad actors for malicious purposes. As a company, we strive to be proactive and work diligently to prevent this from happening through training and education as well as the use of comprehensive security tools to detect harmful behavior.”
Upon being “alerted of this behavior, ConnectWise regularly issues take-down requests to remove malicious sites and domains,” the company said in the statement.
CRN has reached out to AnyDesk for comment.
The use of RMM tools offers several advantages to attackers, including saving the attackers from having to create custom malware, as well as having the ability to bypass administrative requirements and software control policies when downloaded as a self-contained executable. RMM tools usually don’t end up getting blocked by anti-malware or antivirus products, either.
With the latest report from CISA, it’s clear that using RMM tools in cyberattacks is a top priority for many threat actors, said Ryan Loughran, help desk manager at New York-based managed IT services firm KJ Technology. Given the fact that such attacks can have severe consequences for both MSPs and their customers, it’s a threat that deserves more attention, Loughran said.
Many small and medium-sized businesses, in particular, don’t think about the potential for being targeted with this type of attack, he said. “It really is a topic that isn’t spoken about enough,” Loughran told CRN.
For that reason, security awareness training for all sizes of business is essential, said Paco Lebron, founder and CEO of ProdigyTeks, a Chicago-based MSP. Lebron has, in fact, made it a requirement for his customers to participate in awareness training programs, which emphasize the risks posed by phishing and social engineering attacks, and the need to avoid downloading unknown software.
“If they’re not going to do security awareness training, they’ll need to find someone else” to be their MSP, Lebron told CRN. “It starts with education.”
The bottom line is that more MSPs need to start viewing themselves as critical infrastructure, according to Robby Hill, CEO of HillSouth, a Florence, S.C.-based MSP. “Protecting MSPs is vital” on a national level, Hill said.
Importantly, there are resources available to assist MSPs, such as joining a cybersecurity task force — local, state or national — which can provide access to best practices and intelligence briefings on where these types of threats are headed, he said.
In October 2021, Microsoft said that the Russia-aligned hackers who were behind the SolarWinds breach had targeted more than 140 IT resellers and service providers in the prior months, and compromised as many as 14. The hackers sought to piggyback on the direct access resellers have to their customers’ IT systems and impersonate them to gain access to their downstream customers, a Microsoft executive said at the time.
Kyle Alspach is a Senior Editor at CRN focused on cybersecurity. His coverage spans news, analysis and deep dives on the cybersecurity industry, with a focus on fast-growing segments such as cloud security, application security and identity security. He can be reached at kalspach@thechannelcompany.com.