
  • Cyber Security Today, Week in Review for the week ending March 3, 2023 – IT World Canada

    Welcome to Cyber Security Today. This is the Week in Review podcast for the week ending Friday, March 3rd, 2023. From Toronto, I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.

    In a few minutes University of Calgary professor Tom Keenan will be here to discuss the security implications of artificial intelligence and ChatGPT. But first a look at some of the headlines from the past seven days:
    The White House issued a new National Cybersecurity Strategy that calls on IT companies and providers to take more responsibility for poorly-written applications and poorly secured services. If Congress agrees some critical infrastructure providers will face mandatory minimum cybersecurity obligations.
    Password management provider LastPass has admitted that part of last August’s breach of security controls included hackers compromising the home computer of one of the company’s developers, leading to a second data theft.
    Canada’s Indigo Books isn’t the only book retailer that’s been hit recently with a cyber attack. In a brief statement filed with the London Stock Exchange, Britain’s WH Smith said it suffered a cybersecurity incident that resulted in access to current and former employee data. Indigo was hit by ransomware, with employee data being stolen by the LockBit gang.
    Police in Holland have now acknowledged arresting three men in January on allegations of computer theft, extortion and money laundering. Police believe thousands of companies in several countries were victims of the gang. It is alleged they stole a huge amount of personal information including dates of birth, citizen service numbers, passport numbers and bank account numbers. One of the alleged attackers worked at the Dutch Institute for Vulnerability Disclosure.
    GitHub’s secrets scanning service can now be formally used by developers to screen many public code repositories. Until now it’s been a beta service. The secrets it searches for are things like account passwords and authentication tokens that developers add to their code repositories and forget to delete. GitHub secrets scanning works with more than 100 service providers in the GitHub partner program.
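To make the secret-scanning idea concrete, here is an added Python example (my own illustration, not GitHub's scanner and not code from the podcast) that runs a few token patterns plus an entropy check over a constructed sample repository. The `ghp_` and `AKIA` prefixes are the documented GitHub personal-access-token and AWS access-key-ID formats; the generic assignment pattern, the entropy threshold and every sample value are assumptions of mine.

```python
import math
import re
from collections import Counter

# Token formats checked. The "ghp_" GitHub personal-access-token prefix and the
# "AKIA" AWS access-key-ID prefix are real, documented formats; the generic
# assignment pattern is a heuristic of my own, not a GitHub rule.
PATTERNS = {
    "github_pat": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "generic_assignment": re.compile(
        r"(?i)(password|passwd|secret|token|api_key)\s*[=:]\s*['\"]([^'\"]{8,})['\"]"
    ),
}


def shannon_entropy(value):
    """Bits of entropy per character; low values suggest a placeholder, not a secret."""
    counts = Counter(value)
    n = len(value)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def scan_text(text, path, min_entropy=3.0):
    """Return one finding per candidate secret in `text` (the contents of `path`)."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for kind, pattern in PATTERNS.items():
            for match in pattern.finditer(line):
                # The generic pattern captures the value in group 2; the others have no groups.
                value = match.group(match.lastindex or 0)
                if kind == "generic_assignment" and shannon_entropy(value) < min_entropy:
                    continue  # e.g. "changeme": almost certainly a placeholder
                findings.append({
                    "path": path,
                    "line": lineno,
                    "kind": kind,
                    # Never log the whole value; keep just enough to locate it.
                    "redacted": value[:4] + "..." + value[-2:],
                })
    return findings


def scan_repo(files):
    """`files` maps path -> contents; scans every file and returns all findings."""
    findings = []
    for path, text in files.items():
        findings.extend(scan_text(text, path))
    return findings


# Constructed sample repository: every value below is fake and chosen to show
# the three cases (placeholder skipped, high-entropy value flagged, well-known
# token formats flagged regardless of entropy).
SAMPLE_REPO = {
    "config.py": 'DB_PASSWORD = "changeme"\nAPI_TOKEN = "s3cr3t-Value-9f8e7d6c"\n',
    "deploy.sh": "export AWS_ACCESS_KEY_ID=AKIAEXAMPLE012345678\n",
    ".env": "GITHUB_TOKEN=ghp_0123456789abcdefghijklmnopqrstuvwxyz\n",
}

if __name__ == "__main__":
    for f in scan_repo(SAMPLE_REPO):
        print(f"{f['path']}:{f['line']}: {f['kind']} ({f['redacted']})")
```

The entropy gate is what keeps a scanner like this from drowning developers in `changeme` and `password123` hits; the fixed-format patterns skip it because a token that matches a provider's documented shape is worth a look even when it is short on randomness.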
    Poorly-protected deployments of Redis servers are being hit with a new cryptojacking campaign. Researchers at Cado Security say Redis can be forced to save a database file that is used for executing commands. One is to download a crypto miner. Make sure your Redis servers are locked down.
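As an added example of what "locked down" means here (my own code, not from the podcast or from Cado Security), the following Python audits a redis.conf for the settings that decide whether this attack works: listening on every interface, protected mode off, no authentication, and an exposed CONFIG command, which is what lets a client choose where the database file is written. Both configurations and the password placeholder are constructed.

```python
# Constructed examples of a weak and a hardened redis.conf (not taken from any
# real deployment; the requirepass value is a placeholder to be replaced).
WEAK_CONF = """
bind 0.0.0.0
protected-mode no
port 6379
dir /var/lib/redis
"""

HARDENED_CONF = """
bind 127.0.0.1 -::1
protected-mode yes
port 6379
dir /var/lib/redis
requirepass REPLACE-WITH-A-LONG-RANDOM-PASSWORD
rename-command CONFIG ""
"""

# bind values that expose Redis on every interface (leading "-" is stripped first)
ALL_INTERFACES = {"0.0.0.0", "*", "::", "::*"}


def parse_redis_conf(text):
    """Map each directive (lower-cased) to the list of values it was given."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        parts = line.split(None, 1)
        key = parts[0].lower()
        value = parts[1].strip() if len(parts) > 1 else ""
        settings.setdefault(key, []).append(value)
    return settings


def audit_redis_conf(settings):
    """Return (check, advice) pairs for every weakness found."""
    findings = []

    bind_tokens = {tok.lstrip("-") for v in settings.get("bind", []) for tok in v.split()}
    if not bind_tokens or bind_tokens & ALL_INTERFACES:
        findings.append(("bind", "Redis accepts connections on every interface; "
                                 "bind it to loopback or a private address."))

    if any(v.lower() == "no" for v in settings.get("protected-mode", [])):
        findings.append(("protected-mode", "protected-mode is off; unauthenticated "
                                           "remote clients are not refused."))

    if "requirepass" not in settings and "user" not in settings:
        findings.append(("auth", "No requirepass or ACL users: anyone who can reach "
                                 "the port can run commands."))

    config_renamed = any(v.split()[0].upper() == "CONFIG"
                         for v in settings.get("rename-command", []) if v.split())
    if not config_renamed:
        findings.append(("rename-command", 'CONFIG is exposed; add `rename-command CONFIG ""` '
                                           "so clients cannot redirect where the dump file goes."))

    return findings


if __name__ == "__main__":
    for name, conf in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(name, audit_redis_conf(parse_redis_conf(conf)))
```

Run it against a real redis.conf by reading the file into `parse_redis_conf`; an empty list from `audit_redis_conf` means the four basic controls are present, not that the server is safe against everything.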
    And the websites of nine hospitals in Denmark went offline last weekend following distributed denial-of-service (DDoS) attacks from a group calling itself Anonymous Sudan. According to the cybersecurity news site The Record, Anonymous Sudan claimed on the Telegram messaging service the attacks were “due to Quran burnings,” a reference to an incident in Stockholm in which the holy book was set alight in front of the Turkish embassy by a man. Hospital operations weren’t affected.
    (The following transcript has been edited for clarity and length. To hear the full conversation play the podcast)
Howard: Tom taught what is believed to have been the first university course in computer security in 1974. That’s when only governments, banks, insurance companies and airlines had computers. He’s the author of a book on privacy and capitalism called Technocreep. An adjunct professor in computer science at the University of Calgary, he’s also affiliated with the university’s school of architecture, where he keeps an eye on technology and smart communities, and Professor Keenan is also a fellow of the Canadian Global Affairs Institute.
    Last month he testified before the House of Commons defense committee looking into cyber security and cyber warfare where he spoke on artificial intelligence and ChatGPT, and that’s why he’s my guest here this week.
    You worry about the dark side of artificial intelligence. Why?
Tom Keenan: I always worry when everybody loves something, and since last November everybody’s been into ChatGPT … That’s the problem: We haven’t really been very critical about it. Many years ago I was teaching high school students to write neural networks, and I gave them a project: Come up with something good. Of course, being teenagers they wanted to get hands-on with each other so they decided to measure each other’s bodies. They found out that the hip-to-waist ratio is a good predictor of whether you’re male or female. At the end of the program they had kind of a science fair and they showed this program off, measuring members of the public. This rather portly gentleman who was from one of the sponsoring companies came by and said, ‘What am I?’ And they said, ‘Sir, with 84 per cent certainty you’re female.’ I love that because that shows what AI is: AI is a game of guessing and probability. I go to ChatGPT and it tells me things like it’s a fact.
    I’m working with a lawyer as an expert witness. I told ChatGPT to give me a legal precedent.
    And it gave me a Supreme Court of Canada judgment that doesn’t exist. It made it up to cover its tracks. We have a piece of technology that can lie that can be fed bad information and they can’t explain it and that pretends it’s right all the time. That’s a recipe for disaster.
    Howard: You told parliamentarians there are three things about AI that bother you.
Tom: One of them is this illusion of certainty. They’ll fall in love with it, they’ll start using it for all kinds of things and not think about the consequences. ChatGPT is trained on a wide variety of sources. But the version that’s available to the public now only knows about things through to 2021 … Also, the training data can be biased, as we found with facial recognition. It can favour certain groups. And AI could even be actively poisoned. Somebody who wanted to mislead AI could feed it a lot of bad information and it would spit back bad results.
    The second thing is the lack of ethics. Six years ago Microsoft infamously created a bot called Tay that conversed with the public. After a while it was spouting Nazi ideas, foul language. It referred to feminism as a cult. Microsoft lifted the cover to see how this all happened and realized it was just learning from the people who interacted with it. The people who had time to sit around talking to Tay had these kinds of ideas and it just picked up on them. So there’s no ethical oversight for AI.
    And the third thing would be the whole idea of consciously doing malicious things to the AI. There’s a woman for years has been trying to rewrite the Wikipedia entry on the Nazis to paint them in a more favorable light. And you may remember in 2003 a whole bunch of Democratic supporters [went online and] linked the phrase ‘miserable failure’ to the [online] Presidential biography of George W Bush, so when you Googled ‘miserable failure’ his picture came up. Twenty years later who knows what they could do to mislead AI?
    Howard: You think intelligence agencies right now are busy trying to poison the wells of open-source data.
    Tom: Absolutely. First of all most of the really interesting stuff in [government] intelligence is not open source. So if you train the thing on stuff that’s in the New York Times, that you can get from Google, that’s on people’s web pages, you’re only seeing a little fraction of it. The really good stuff is within the [government] secret or a top-secret area. So the first thing that the national defense people would have to do [to protect government AI systems] is creating a kind of private version, almost like an intranet, that didn’t rely on the public data. And then of course agencies are trying to do disinformation regardless of AI, they’re always [publicly] putting out falsehoods. There’s no way to stop it. The [public] database [of all the information on the internet] is going to be poisoned by disinformation. So we better not rely on it.
    Howard: ChatGPT differs from other browser search engines in that rather than returning a list of links to information and websites it can create a conversation. It can create a readable document. You’ve said that your big objection to ChatGPT is that it makes answers look very authoritative when it’s really making things up out of nowhere.
    Tom: I’ll give you an example and I read it to the Standing Committee on National Defence. I asked ChatGPT to write me a poem about the committee …. ‘The standing committee on national defense/ within the House of Commons its power immense/ so they were all smiling. A place where decisions are made with care/ for the safety and security of all to share/ with members from every party they convene/ to review and assess and to make things clean.’ What does that even mean ‘to make things clean?’ I don’t know. ChatGPT is not going to tell us. Here we have something that’s patently nonsense coming out of ChatGPT.
    Howard: What could threat actors do with ChatGPT? Or, what are they doing right now?
    Tom: If we have an emergency of some sort that might be the first place people [threat actors] go. The power failed in my house. The bad guys might [send a message] like ‘Send one ten-thousandth of a bitcoin to this address and your power will come back on.’ It’s not that farfetched. I learned at the Defcon hacker conference how to hack the Nest thermostat a few years ago. You had to have hands-on access to update its firmware, but there are stories of people actually holding people’s houses for ransom by taking over their thermostats. So one of the big things to worry about is the internet-of-things. All these connected devices. Something might go horribly wrong and we might be relying on AI to fix it, when the AI is actually being led down the dark path to break it or make it even worse or to break all the safeguards.
Howard: What could a military do with ChatGPT?
    Tom: The military could certainly find out things that are public through open source information. I am able to track Vladimir Putin’s aircraft. It turns out he has quite a number of them. He’s a bit of an aircraft collector. He also has yachts. Because they have transponders I have been able to go on tracking sites. In fact, there’s a fellow who has a bot up on Twitter to track Putin’s movements and his oligarchs … And we have so much data. AI could be used to filter it [the public internet] to show the things that are really important [to them].
Howard: ChatGPT is new. I imagine that in the early years of computer spelling and grammar checkers they made a lot of mistakes.
    Tom: Definitely, and as the database gets better it will get better …
    Howard: But I don’t think you’re arguing that we should make artificial intelligence applications unlawful.
    Tom: No. But Ronald Reagan once said, ‘Trust but verify.’ So my slogan now is ‘Consult but verify.’ When my students write a long paper I say, ‘You want to use ChatGPT or Wikipedia or anything, that’s fine. What you’re not allowed to do is quote from it. First of all because Wikipedia can be misled. People can edit the entry. After a bit of time it gets corrected. But you might just be the one who picked it up while it was wrong. And with ChatGPT you don’t know where it’s getting its data from. At least Wikipedia gives you usually references that you can go check. So what I tell my students is you can use it and consult it, but don’t trust it. Don’t absolutely use it as your [only] source.
    Howard: As part of new Canadian privacy legislation now before the House of Commons the government has proposed legislation to oversee the use of artificial intelligence applications that could cause harm or result in bias. It’s formally called the Artificial Intelligence and Data Act, or AIDA. Businesses that deploy what the law says are high-impact AI technologies would have to use them responsibly. There’d be clear criminal prohibitions and penalties regarding the use of data obtained unlawfully for AI development or where the reckless deployment of AI poses serious harm. What do you think about this legislation?
    Tom: It’s terrible. They have my sympathy. I was involved in 1984 in writing Canada’s first computer crime law and we discussed things that were quite interesting, like what if somebody steals my data? Well, look up in the criminal code. What is ‘to steal?’ Well, it’s to deprive someone of their valuable property. If I take your data you may not even know I’ve got it. But you haven’t lost use of it. So we had to do some pretty fancy footwork [in drafting the law]. And that was 1984, to write something as simple as crimes like unauthorized use of computer, misuse of computer and so on. Now it’s so much more complicated.
I looked at C-27, and for starters, it talks about anonymized data. It makes a big thing about how you have to anonymize data if it’s in a high-impact system and say how you did it. But there are plenty of researchers who have shown it’s pretty easy to de-anonymize data if you have three, four, or five data points on somebody. You can go back to figure out who it is. Likewise, they talk about the person responsible. I make my students do an exercise where they do facial analysis. Most of the software programs that they use come from Moldova and places like that. I don’t want them to send their own photograph to be facially analyzed. So I let them send my face — and it comes back with interesting comments about me.
The point is that this [proposed] law will only really help in Canada, but so much of the action is international that it’s really going to be a drop in the bucket. It might keep your Telus or Shaw or some company like that from doing something untoward. But it’s really going to be touching just the tip of the iceberg and maybe give us a false sense of security.
    Howard: What should information security leaders be telling their CEOs about artificial intelligence and ChatGPT?
Tom: It’s going to be a great thing. It’s probably not going to take your job. It is true that ChatGPT can write code. I’ve experimented with it and you know it writes pretty decent code if you give it good enough specifications. If you’re a low-level coder it might take your job. But if you’re somebody who understands the business and the higher-level goals you’ll probably still have a job. So once we’ve reassured people that they’re not going to be replaced by a robot tomorrow then the question is can they use it? I have a friend who is the chief medical officer of a health clinic and I asked if radiologists would be replaced by artificial intelligence. He said, no, but radiologists who don’t use AI will be replaced because it’s going to be a vital tool. There are tumors that are too small for the human eye to see. That’s something AI can pick up on. The future is actually rosy in terms of being able to use AI well. The problem is, like everything, there are going to be people who want to exploit it for bad purposes. We are already seeing malware being written, phishing attacks, romance scams trying to get money out of people. It’s going to do a lot of good. It’s going to do a lot of bad. It’s going to be our job to figure out which is which.

  • The ultimate guide to malware | Cyber Security Hub – Cyber Security Hub

Malware is a fast-growing, ever-evolving threat to cyber security. In the first six months of 2022, over 2.8 billion malware attacks were reported worldwide. Beyond risks to their network, malware like ransomware can have real, monetary costs for businesses. In 2021, damages from ransomware alone cost US$20bn. This was a 6054 percent increase on the global cost of ransomware in 2015, which was $325mn. This is only predicted to increase, with the damages from ransomware forecast to reach US$250bn by 2031.
    The term ‘malware’ is an abbreviation of ‘malicious software’ and, according to the UK National Cyber Security Center (NCSC), “includes viruses, trojans, worms or any code or content that can damage computer systems, networks or devices”.
As the definition of malware is very broad, this article dives into the various types of malware, exploring what they do, the effect they can have on a network and how they can be mitigated or prevented.
    Named for the mythical ‘trojan horse’ the Greeks used to enter the city of Troy, trojan malware is malware that masquerades as a safe or innocuous file. Once the file is downloaded, it will then start to execute malicious actions on the endpoint it is downloaded onto.
Trojan malware is used by hackers to steal victims’ bank information and eventually their money. This disruptive threat vector is on the rise, with Kaspersky reporting that it blocked the launch of at least one type of banking malware on the devices of almost 100,000 (99,989) unique users.
    Banking trojans can be spread a number of ways, including via phishing links, posing as useful programs (e.g. a multi-use bank management app) or even as apps for the bank themselves.
    Once these programs are downloaded by the victim, the hackers are able to run malicious programs on the victim’s device. In some cases, this will allow them to harvest the login information used for their bank account, giving them access to it. In others, it will allow them to steal bank card information via false data collection tables, asking the user to add their card details to a Google Pay account, for example. In more extreme cases, the malware penetrates the device’s network and turns on administrative access, giving hackers complete control over the device.
    If hackers gain control of a device, they can read, reroute and delete text messages or calls, meaning that even if the victim has multi-factor authentication (MFA) set up, the hackers can access the one-time passcodes (OTPs) needed to bypass this security strategy. Hackers can then steal data and money from their victims without them being alerted until it is too late. 
As the actions performed by the hackers come from the victim’s device and will pass all security measures, they will seem legitimate. This means that banks may not flag some or all of the transactions made by the malicious actors as suspicious behavior. Even if the bank notices the unusual activity and attempts to alert the victim, the malware allows the malicious actor to reroute any calls or texts from the bank, and the victim will remain unaware until they next check their bank balance.
Emotet is a trojan banking malware so prevalent and dangerous that the US Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Homeland Security’s (DHS) National Cybersecurity and Communications Integration Center (NCCIC) released a joint technical alert regarding it on July 20, 2018.
    The alert warns that Emotet is one of the “most costly and destructive malware affecting [state, local, tribal, and territorial] SLTT governments” due to its ability to rapidly spread throughout networks. Emotet is launched “when a user opens or clicks the malicious download link, PDF or macro-enabled Microsoft Word document” and once in a network, it will download and spread multiple banking trojans. The alert notes that Emotet infections have cost SLTT governments up to US$1mn per infection to mitigate.
Cyber security expert and Cyber Security Hub contributor Alex Vakulov notes that the nature of trojan malware makes it difficult to remove once a device has been infected. In some cases, the only remedy is to return the device to factory settings. For trojan malware, prevention is key.
    “The proliferation of mobile devices has spawned a thriving underground industry for creating banking Trojans,” Vakulov explains. “This has led to a sharp increase in the number of banking Trojans and the likelihood of infection.”
    Vakulov says that it is not uncommon for users to download malware from official sources such as Google Play, due to the app-checking technology not being completely foolproof. 
    “While mobile security solutions can detect unauthorized app activity, it is the personal decision of each user to install a particular software on their phone,” he adds. 
    To prevent trojan malware infections, users should remain vigilant by checking the validity of communications and their senders before clicking any links or downloading any attachments. The use of secure file transfer solutions can act as a preventive measure by ensuring that only files sent using trusted software are opened.
Worm malware is a type of malicious program that self-replicates in order to spread to more devices. Unlike other forms of malware, worms do not need a human action or a host program to run, meaning they can execute by themselves once downloaded onto a device.
    Worm malware, like many software-based threat vectors, primarily infects devices via the use of infected links and files. Social engineering is often employed to entice victims into clicking links or downloading files. This means the links may be hosted on malicious websites posing as legitimate ones, or may be sent as part of a phishing campaign, where the worm is disguised as a legitimate file type.
    By itself, a worm can impact devices in a number of ways, including taking up disk space and even deleting files in order to make more copies of itself. If the worm is equipped with a payload, this can allow the malicious actors to inflict even more damage. 
    Cyber security and technology journalist Dave Johnson explained to Business Insider that payloads can allow hackers to “open a backdoor to the PC for hackers or to implant additional malware to steal sensitive information like usernames and passwords, or to use the computer as part of a distributed denial-of-service (DDoS) attack”.
    Ransomware worms combine the self-replicating nature of worms with the destructive potential of ransomware.
    WannaCry was a worm-based ransomware attack that took place in May 2017. It specifically targeted computers with a Microsoft Windows operating system by utilizing a flaw that meant the system could be tricked into executing code. While a patch for this flaw was developed, many of the victims of the attack did not update their devices’ software as they were unaware of its importance, meaning they were still vulnerable to the attack.
Once on a device, WannaCry encrypted the device’s data and demanded a Bitcoin payment to decrypt it. It also attempted to spread both laterally across the device’s network and to random devices via the internet.

     
    An example of the ransom note left by WannaCry. Source: Wikimedia Commons
The European Union Agency for Law Enforcement Cooperation (Europol) estimated that the attack spread across 150 countries and affected more than 300,000 computers. Among those affected by the attack were National Health Service hospitals in England and Scotland, where WannaCry affected up to 70,000 devices including computers, theatre equipment, MRI scanners and blood-storage refrigerators. Other victims included government agencies, police departments, medical facilities, telecommunications companies and universities across the world.
Multiple cyber security researchers and organizations launched investigations into WannaCry in an attempt to stop the attack and prevent any further harm. This led to the discovery of a kill switch within its code by British researcher Marcus Hutchins. By registering a web domain he found in its code and turning it into a DNS sinkhole, Hutchins was able to stop the attack’s spread, because the ransomware only encrypted a device’s files if it could not connect to that domain.
    Other solutions were also discovered, including researchers from Boston University and University College London who found that the ransomware could be stopped by recovering the keys used to encrypt the data by using a software system called PayBreak. 
    The potential losses from the attack were estimated to reach up to $4bn by cyber risk modelling firm Cyence.
    Raspberry Robin was originally discovered by cyber security company Red Canary in September 2021 after noticing and tracking a cluster of activity caused by the worm.
Raspberry Robin is installed on computers via a compromised USB drive, which introduces the worm to the computer’s system. The worm then reads and executes a malicious file stored on the USB drive, which, if successful, downloads, installs and executes a malicious dynamic-link library (.dll) file. Finally, the worm repeatedly attempts outbound connections, typically to The Onion Router (Tor) nodes, which conceal a user’s location from the connection destination.
    Red Canary reported that it had seen Raspberry Robin activity in organizations linked to the manufacturing and technology sectors, although the company noted that it was unclear as to whether there was any connection between the companies affected by the malware. 
    Discussing the purpose of the Raspberry Robin worm when it was first discovered, Red Canary admitted that it was unsure “how or where Raspberry Robin infects external drives to perpetuate its activity”, although the company suggested that this “occurs offline or otherwise outside of our visibility”.
The organization also said that its “biggest question concerns the operators’ objectives”. This uncertainty is due to a lack of information on later-stage activity, meaning Red Canary was unable to “make inferences on the goal or goals of these campaigns”. The company did say, however, that it hoped the information uncovered on Raspberry Robin would help wider efforts to detect and track Raspberry Robin activity.
In August 2022, the Raspberry Robin worm was linked by Microsoft to attacks executed by the Russia-based hacking group EvilCorp. Researchers tracking activity by EvilCorp discovered that “FakeUpdates malware [was] being delivered via existing Raspberry Robin infections”.
FakeUpdates malware is a malvertising access broker: a social-engineering threat vector that poses as a safe link to trick victims into clicking on it. In the case of FakeUpdates, it poses as a software or browser update. When clicked, a JavaScript file stored inside a Zip archive is downloaded and executed on the victim’s computer, giving the attackers a foothold on the victim’s machine and network.
    As worm malware relies on spreading to devices across a network, if a worm is discovered, the infected device should be taken off the network.
    As seen in the WannaCry attack, it is important to update your device’s software regularly to make sure it is patched against any vulnerabilities.  
    Other general anti-malware security strategies should also be employed, including having antivirus and antimalware software downloaded. Likewise, any links or files received via email should be carefully considered before opening to avoid worm malware getting onto the device in the first place.
    Research by threat intelligence company Check Point Research has found malicious actors are using OpenAI’s ChatGPT to build malware, dark web sites and other tools to enact cyber attacks. 
While OpenAI has put restrictions on the use of the artificial intelligence (AI)-powered chatbot, including using it to create malware, posts on a dark web hacking forum have revealed that it can still be used to do so. One user alludes to this by saying that “there’s still work around”, while another said “the key to getting it to create what you want is by specifying what the program should do and what steps should be taken, consider it like writing pseudo-code for your comp[uter] sci[ence] class”.

    Screenshot provided by Check Point Research
    Using this method, the user said they had been able to create a “python file stealer that searches for common file types” that can self-delete after the files are uploaded or if any errors occur while the program is running, “therefore removing any evidence”.
    While new technology can be used to develop more sophisticated threats, it can also be used in defense against them. Johnathan Jackson, director of sales engineering APJ at BlackBerry Cybersecurity, notes AI has the potential to be both a boon and a curse when it comes to malware. 
     
    “One of the key advantages of using AI in cyber security is its ability to analyze vast amounts of data in real time,” Jackson remarks. “As cyber attacks become more severe and sophisticated, and threat actors evolve their tactics, techniques, and procedures (TTP), traditional security measures become obsolete. AI can learn from previous attacks and adapt its defenses, making it more resilient against future threats.”
    Jackson notes that AI can also be used to mitigate advanced persistent threats (APTs), which can be highly targeted and often difficult to detect. This allows organizations to identify threats before they cause significant damage. 
Another benefit of AI in cyber security recognized by Jackson is its use to automate repetitive tasks like those in security management. This frees up cyber security professionals to focus more on strategic tasks such as threat hunting and incident response.


  • Cyber Security Today, March 3, 2023 – Bootkit can compromise Windows 11, a hacked container found and more – IT World Canada

    Bootkit can compromise Windows 11, a hacked container found and more.
    Welcome to Cyber Security Today. It’s Friday, March 3rd, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.

    A bootkit being sold to crooks can bypass and corrupt a fully-patched Windows 11 system, say researchers at ESET. Called BlackLotus, it can get around the firmware-based Secure Boot operating system security protection. It exploits a year-old vulnerability that was fixed by Microsoft in its January 2022 Windows update. The problem is exploitation is still possible because the validly signed binaries in the bootkit haven’t been added to what’s called the UEFI revocation list. Once launched this bootkit will disable Windows’ security mechanisms such as Defender and BitLocker. While this bootkit has been sold on underground forums for at least the last four months it seems few threat actors have started using it — so far. ESET urges the UEFI Forum to update its revocation list.
    Separately ESET warned that a new custom backdoor is being deployed by what is believed to be a China-aligned group it calls Mustang Panda. It’s a bare-bones backdoor that allows the attacker to execute commands. It uses the MQTT protocol for communications.
    Containerized virtual environments with everything an application needs to run are efficient. But they are still vulnerable to cyber-attacks. The latest example was discovered by researchers at Sysdig. They found a containerized workload that was hacked, then leveraged to perform a privilege escalation into an AWS account to steal the victim company’s proprietary software and credentials. It started with the attacker exploiting an internet-facing service in a self-managed Kubernetes cluster hosted inside an AWS cloud account. They got an employee’s temporary username and password through instance metadata. Then because that user had excessive access permissions the attacker could get the credentials of others and move on. One lesson: Give an employee more access than they need to resources and a successful attacker will take advantage. A second lesson: Strong detections and alerts are needed in containerized environments.
    Attention Linux administrators: The SysUpdate malware that until now has only run on Windows machines can now run on Linux boxes, according to Trend Micro. It is believed to have been created by a threat actor researchers call Lucky Mouse or Iron Tiger. This malware can take screenshots, find, delete and rename files, upload and download files among other things. The new version also can communicate through DNS text requests.
    Fast-food chain Chick-fil-A has begun notifying customers their personal data was exposed between December 18th and February 12th. The attacker used login credentials stolen from an unnamed third party. The stolen information may have included names, email addresses, the last four digits of credit/debit card numbers and mobile pay numbers. If customers saved personal information to their accounts such as the month and day of their birth that would have been stolen, too.
    I’ve reported before about data breaches stemming from the compromise of the GoAnywhere managed file transfer service. Hatch Bank in the U.S. is now notifying almost 140,000 customers who borrowed or applied to borrow money that some of their data was accessed at the end of January. The Bleeping Computer news site says the Clop ransomware gang claims responsibility for compromising the file transfer service. That claim hasn’t been verified.
    Most listeners know — I hope — to hover over links they get in emails and text messages as one way to confirm they go to a legitimate website. This is especially important if the link is shortened. However, hovering is not foolproof. Scammers have ways to disguise a fake full link. The most recent way is by making the full URL look like it goes to or involves LinkedIn. LinkedIn, of course, is a trusted brand. According to researchers at Malwarebytes, people are getting email messages that look like they came from Amazon about renewing their Prime service. But the goal is to steal Gmail, Microsoft and other passwords. The scam works like this: In the email messages there’s an Update Now button to update your supposed Prime account. Hovering over the button shows a shortened link that includes the word LinkedIn. Click on it and you get redirected to a website that looks like an Amazon login page. Victims who enter their email address and password as requested get sent to a so-called Security Checkup page where they are asked to fill in personal information — which goes to the crooks. This works because of a website redirect service that LinkedIn offers. Don’t be fooled by this scam.
    That’s it for now. But later today the Week in Review podcast will be available. My guest will be University of Calgary cybersecurity professor Tom Keenan. He’ll talk about artificial intelligence and ChatGPT. That show will be available after 3 p.m. Eastern time.
    Links to details about podcast stories are in the text version at ITWorldCanada.com.
    Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.
    © IT World Canada. All Rights Reserved.


  • How outpatient clinics can minimize cyber security risks – Medical Economics

    SPOTLIGHT
    Technology and training are keys to thwarting cyber attacks
    In 2022, 25% of all ransomware attacks were aimed at the health care sector, and nearly 80% of health care breaches were attributed to hacking and IT incidents. Even worse, the health care industry has held the title for the costliest breach for 12 years in a row.
    With larger health systems better equipped with more resources to help combat attacks, smaller outpatient facilities have a target on their back as an easier avenue for cyber criminals to access valuable patient data such as bank account and Social Security numbers, as well as intellectual property around medical research.
    These often underfunded and understaffed facilities need to prioritize their cyber health now more than ever.
    Leveraging technology to keep outpatient centers’ data secure
    Artificial intelligence (AI) and Machine Learning (ML) are beneficial for improving health outcomes and processes—from drug discovery to analyzing patient data, they’re transforming the way that health care organizations operate. However, while AI can be a crucial component in protecting your organization, if not implemented properly, it could also be a hacker’s way into exploiting your system. Cybercriminals are no strangers to AI and how it is used in defenses for cybersecurity.
    However, by combining ML and AI tools in the cloud, outpatient facilities can remove the “noise” from cyber attacks. These tools can also help with compliance by using vendor-centric ML/AI tools or building ML models to intelligently capture compliance issues.
    Consider proactive technology defenses to work alongside ML/AI, such as MDR (managed detection and response). This technology can aid in quickly identifying threats, helping organizations respond without delay and thwarting major issues.
    Increased training can bolster resilience to cyber attacks
    While investments in technology play a large role in identifying attacks and helping protect against them, it is equally critical to invest in your teams by equipping them with the knowledge necessary to identify and prepare for attacks. A simple phishing email could be an entry for cyber criminals to gain access to the organization, and if employees do not know how to identify these subtle attacks, they could be putting the entire outpatient center and even a larger affiliated health care system at risk.
    Additionally, connected health care has become so prevalent and electronic health records so widely used that if not managed properly, they can become easy targets for cyber criminals. In 2022 alone, health care organizations averaged nearly two breaches and over 500 patient records exposed each day. Educating workers on the proper ways to manage patient data through all technologies used helps to keep that data safe and secure.
    While cybersecurity training is required for HIPAA compliance, this training typically takes place only with new hires. A one-time training session isn’t enough. The cybersecurity landscape is always changing, especially with the evolving regulatory compliance environment, so there need to be processes in place to continually update and educate employees to ensure they understand the employer’s cybersecurity policies.
    Prioritize a cyber recovery plan
    The most common consequence of cyberattacks in the health care industry is a delay in procedures and necessary patient tests. In a 2022 study, 57% of providers reported that cyberattacks had caused negative patient outcomes, and 50% noted increased complications to medical procedures.
    Hackers are smart, and unfortunately, even with all the right precautions in place, remaining vigilant and prepared is a must. This unpredictability means cyber recovery planning must be a key part of your outpatient center’s incident response to minimize any impact on patients, procedures, or the organization’s ability to function.
    While identification of a breach needs to occur quickly, recovery needs to be even faster. Ongoing testing of incident response plans is essential for preparedness: finding the holes in your cyber defenses now will prove its worth down the line. Having the demonstrated ability to quickly recover from a breach can also improve cyber insurance coverage and save money.
    With multiple cyberattacks occurring daily in health care, outpatient centers need to have plans in place to make cybersecurity a top priority. The ability to better identify and respond to any form of security issue not only will help your staff feel more secure, but it will allow patients to feel that their data is safe.
    Sanjeev Pant is field CTO of Presidio

  • Data breach forcing companies to hike service charge – Jamaica Observer

    DATA breaches emanating from cyber attacks are costing companies more, and their customers are being saddled with that cost in the form of higher prices for services, according to a report put out by Schneider Electric, a Europe-based digital automation and energy management company which also has an arm in Jamaica.
    Schneider Electric, which presented the information as part of its sales pitch for its EcoStruxure system to be seen as the entity to help overcome the problem, said companies are becoming more and more vulnerable, especially as digitisation — including cloud storage of data — is accelerated by the COVID-19 pandemic. Alerts for data breaches, it pointed out, increased 600 per cent during the pandemic.
    Quoting figures presented recently by technology company IBM, Schneider Electric pointed out that data breaches in 2022 cost companies across the world an average of US$2.09 million, up 15 per cent from 2021. Companies operating in the finance and health sectors were cited as being among the most vulnerable to cyber attacks.
    In Jamaica alone, the estimated losses due to cybercrime exceed $12 million annually, according to figures from The Major Organised Crime and Anti-Corruption Agency (MOCA).
    “These cyber attackers take advantage of system vulnerabilities and, in many cases, not only affect data centres or databases but also any system or equipment connected to an Internet connection network or cloud,” said Miguel Duluc, central English Caribbean territory manager at Schneider Electric.
    Duluc pointed out that cybercrime is constantly evolving and that attackers are attentive to the latest trends and technologies to hook the largest number of victims with attacks that often involve various actions, as they seek to make at least one of these actions successful. He added that perpetrators have gone from being basic and massive to more complex and selective, showing that cybercriminals are fine-tuning their tactics and procedures to be more efficient in achieving their goal.
    “In the last two years companies across all industries have migrated a lot of their processes, equipment, machinery and maintenance controls to intelligent systems connected to the Internet of Things, to cloud networks, interconnecting and digitising. However, when making this migration, parameters and security systems must be taken into account to prevent an attacker from taking advantage of these multichannel platforms,” Duluc continued.
    His urging comes as the Latin American Outlook report showed that 60 per cent of the companies affected by data breaches, and by the higher cost those breaches placed on their operations, hiked the cost of their services to their customers to help offset the losses.
    Other data reveal that the Latin American and Caribbean region suffered 137 billion attempted cyber attacks from January to June 2022, an increase compared to the same period last year. In addition to the extremely high numbers, the data reveal an increase in the use of more sophisticated and targeted strategies, such as ransomware. During the first six months of 2022 approximately 384,000 ransomware distribution attempts were detected worldwide. Of these, 52,000 were destined for Latin America.
    In 2022, for the first time, a group called Conti managed to paralyse Costa Rica’s financial sector, leading that country to declare a national emergency and with the crisis costing an estimated US$38 million per day. There were similar attacks on the health systems in France and Spain.
    “It is important to bear in mind that the systems of, for example, a bank are not the same as those of a hospital in which the monitoring of equipment becomes lighter and therefore [presents] an opportunity for the attacker, who will not go after the equipment but rather after the software that controls it. By having access to a shared network it can enter through that software and reach databases or sensitive information, as well as control the operation of the equipment and even interrupt its operations,” explained Duluc.

  • This cybersecurity job is one of the fastest-growing in the U.S.—and … – Fortune

    No company nor individual is immune from the growing number of cyber attacks. During the third quarter, which ended September 30, just one type of cyber attack—data breaches—exposed 15 million data records, a 37% increase compared with the previous quarter, according to Statista.
    The growing number of data breaches and other cyber attacks is placing mounting pressure on companies to hire more professionals to both prevent and react to these attacks. With more than 700,000 open cybersecurity jobs, even the White House is making a greater push to fill cyber positions and develop a pipeline.
    “It’s confirmation that cybersecurity needs to be front-and-center if you’re a large enterprise—especially if you’re a public business where you’ve got a bigger responsibility to protect shareholders,” Jim Dolce, CEO of cybersecurity firm Lookout, told Fortune in a recent interview.  “Cybersecurity has become a focal point for every large business. It has become a board-level discussion.”
    Among the fastest-growing and most in-demand jobs in the U.S. is the role of information security analyst, according to the U.S. Bureau of Labor Statistics (BLS). Between 2021 and 2031, the number of information security analysts is projected to grow 35%, making it the eighth-fastest-growing occupation in the U.S. 
    While it may be a more entry-level to mid-career position in cybersecurity, these workers plan and execute security measures at an enterprise level—and get paid for the gravity of their work. The median base pay for information security analysts in 2021 was $102,600, data from the BLS shows.
    Other common titles for an information security analyst include cybersecurity analyst and compliance analyst. Essentially, these workers are focused on protecting a company’s hardware, software, and data from outside attacks by cyber criminals.
    Cybersecurity workers in security analyst roles typically need a bachelor’s degree in computer science, cybersecurity, or a related field to get a job, but some people enter the industry with a high school diploma and industry-relevant certifications and/or trainings, according to the BLS. 
    Certifications required to become an information security analyst depend on the speciality and sector that the job is in, Casey Marks, chief qualifications officer at (ISC)², tells Fortune. The Certified Information Systems Security Professional (CISSP) is one of the most popular certifications for these workers; CyberSeek reports that it’s the top-requested certification for cybersecurity or information security analysts. (ISC)² oversees and administers cybersecurity certifications.
    “Not only can certifications enable higher salaries for cybersecurity professionals, but they can also help individuals land a job in the first place,” Marks says. “Employers widely recognize certifications like CISSP as it helps validate the candidate’s skill set.”
    While many information security analysts either undertake a non-degree route or study the field in undergrad, there are other opportunities to boost cybersecurity salaries. As Marks mentioned, earning a certification can be one way to increase earnings potential. 
    Cybersecurity workers who have earned at least one certification can see their annual salary increase by more than $33,000, (ISC)²’s 2021 Cybersecurity Workforce Study shows. Earning a certification does require an investment of both time and money, however—and some even require work experience to pursue. 
    For example, the exam registration for the CISSP certification is $749, and an online, self-paced course to prepare for the exam starts at $941, Marks says. Preparation time will vary by test taker based on their experience levels and background in cybersecurity concepts. 
    “However, the CISSP certification is an exam you cannot cram for, and many schedule the exam three to eight months in advance to allow for ample prep and study time,” Marks adds. “To even pursue the CISSP certification, individuals need five years of paid work experience in two or more of the eight domains of the CISSP CBK [Common Body of Knowledge].”
    Earning a master’s degree in cybersecurity can also be an effective way to increase pay packages. The University of California—Berkeley, which Fortune ranks as having the No. 1 online master’s degree program in cybersecurity, sees grads land $200,000 pay packages. Students from other top cybersecurity master’s programs make between $126,000 and $150,000.
    “In terms of salary impact, a master’s degree has been proven to help the earning potential of cybersecurity professionals,” Mike Morris, Western Governors University, College of IT associate dean and director of academic programs in cybersecurity, previously told Fortune. WGU is ranked No. 3 on Fortune’s list of best online cybersecurity master’s programs. 
    Check out all of Fortune’s rankings of degree programs, and learn more about specific career paths.


  • IOTW: Twitter accused of covering up data breach that affects millions – Cyber Security Hub

    A Los Angeles-based cyber security expert has warned of a data breach at social media site Twitter that has allegedly affected “millions” across the US and EU.
    Chad Loder, who is the founder of cyber security awareness company Habitu8, took to the social media site on November 23 to warn users of the alleged data breach that Loder claims occurred “no earlier than 2021” and “has not been reported before”.
    In a series of tweets, Loder claimed they had seen the data stolen in the alleged breach and spoken to potential victims of the breach, who had confirmed that the breached data was “accurate”.
    A tweet from Loder's now suspended Twitter account describing the alleged breach
    Loder said that any Twitter account with the “let others find you by phone number” setting enabled in its “discoverability” settings is affected, with “all accounts for the entire country code of France” listed, with their full mobile numbers.
    The breach also allegedly includes the “full phone number spaces for multiple country codes in the EU” and “some area code[s] in the US”, with the data set including personal information for “verified accounts, celebrities, prominent politicians and government agencies”.
    Twitter previously confirmed a data breach that affected millions of user accounts in July of this year, however, Loder stated that this “cannot” be the same breach unless the company “lied” about the July breach. According to Loder, the data from this breach is “not the same data” as that seen in the July breach, as it is in a “completely different format” and has “different affected accounts”.
    Loder believes that the breach occurred due to malicious actors exploiting the same vulnerability as the hack reported in July.

    Loder’s Twitter account was suspended at some point in the last 24 hours as, according to Twitter, it “violate[d] the Twitter rules”.
    On July 27 of this year, a hacker who went by the alias ‘devil’ claimed in a post in hacking forum Breach Forum that they were selling data stolen from more than 5.4 million Twitter accounts.
    According to devil, the data stolen included email addresses and phone numbers from “celebrities, companies, randoms, OGs, etc”. ‘OGs’ refers to Twitter handles that are either short, comprising one or two letters, or a desirable word, like a first name. Devil said they would not accept offers lower than US$30,000 for the data set.
    The owner of Breach Forums first verified that the leak was authentic, stating that the data breach took place as devil was able to exploit a vulnerability on the social media site first flagged in January 2022.
    A report on the vulnerability was published to bug bounty and vulnerability coordination platform HackerOne on January 1, 2022, by a member called zhirinovsky. In the report, they described the effects of the vulnerability, saying:
    “The vulnerability allows any party without any authentication to obtain a Twitter ID (which is almost equal to getting the username of an account) of any user by submitting a phone number/email even though the user has prohibited this action in the privacy settings. The bug exists due to the process of authorization used in the Android Client of Twitter, specifically in the process of checking the duplication of a Twitter account.”
    This means the vulnerability could, and later did, allow “any attacker with a basic knowledge of scripting/coding [to] enumerate a big chunk of the Twitter user base” and collect user data into a database that linked Twitter usernames to their respective email addresses or phone numbers. This could then be sold to malicious parties who could use the data for advertising purposes, or to maliciously target specific Twitter accounts, for example celebrities.
    Twitter itself verified the vulnerability on January 6 and subsequently paid zhirinovsky US$5,040 to patch the issue on January 13, with zhirinovsky confirming that the issue had been resolved that day.
    On August 5, Twitter posted a statement about the breach, confirming that it had happened and that it was due to the vulnerability flagged in January. The company said it would “directly notify the account users [it] could confirm were affected by this issue”.
    Twitter said the data breach was “unfortunate” and encouraged users to enable two-factor authentication to protect their accounts from unauthorized logins. 


  • Using the blockchain to prevent data breaches – VentureBeat

    Data breaches have, unfortunately, become an all-too-common reality. The Varonis 2021 Data Risk Report indicates that most corporations have poor cybersecurity practices and unprotected data, making them vulnerable to cyberattacks and data loss.
    With a single data breach costing a company an average of $3.86 million and eroding a brand’s reputation and its consumers’ trust, mitigating the risks is no longer a luxury. However, as cyberattacks get more pervasive and sophisticated, merely patching up traditional cybersecurity measures may not be enough to fend off future data breaches.
    Instead, it’s imperative to start seeking more advanced security solutions. As far as innovative solutions go, preventing data breaches by utilizing the blockchain may be our best hope.
    Blockchain technology, also referred to as distributed ledger technology (DLT), is the culmination of decades of research and advancement in cryptography and cybersecurity. The term “blockchain” was first popularized thanks to cryptocurrency, as it’s the technology behind record-keeping in the Bitcoin network. 
    This technology makes it extremely difficult to change or hack a system, as it allows for the data to be recorded and distributed but not copied. Since it provides a brand-new approach to storing data securely, it can be a promising solution for data breaches in any environment with high-security requirements.
    Built on the idea of P2P networks, a blockchain is a public, digital ledger of stored data shared across a whole network of computer systems. Each block holds several transactions, and whenever a new transaction happens, a record of that transaction gets added to every network participant’s ledger.
    Its robust encryption and decentralized and immutable nature could be the answer to preventing data breaches.
    World Wide Web inventor Tim Berners-Lee has said recently that “we’ve lost control of our personal data.” Companies store enormous amounts of personally identifiable information (PII), including usernames, passwords, payment details, and even social security numbers, as the Domino’s data leak in India (amongst others) has made clear.
    While this data is almost always encrypted, it’s never as secure as it would be in a blockchain. By making use of the best aspects of cryptography, blockchain can finally put an end to data breaches.
    How can a shared ledger be more secure than standard encryption methods?
    To secure stored data, blockchain employs two different types of cryptographic algorithms: hash functions and asymmetric-key algorithms. This way, the data can only be shared with the member’s consent, and they can also specify how the recipient of their data can use the data and the window of time in which the recipient is allowed to do so.
    When the first transaction of a chain occurs, the blockchain’s code gives it a unique hash value. As more transactions occur, their hash values are then hashed and encoded into a Merkle tree, thereby creating a block. Every block gets a unique hash with the hash of the previous block’s header and timestamp encoded.
    This creates a link between the two blocks, which, in turn, becomes the first link in the chain. Since this link is created using unique information from each block, the two are immutably bound.
    Asymmetric encryption, also known as public-key cryptography, encrypts plain text using two keys: a private key that’s typically produced via a random number algorithm, and a public one. The public key is available freely and can be transferred over unsecured channels.
    On the other hand, the private key is kept a secret so that only the user can know it. Without it, it’s almost impossible to access the data. It functions as a digital signature, like real-world signatures.
    This way, blockchain gives individual consumers the ability to manage their own data and specify with whom to share it over cryptographically encoded networks. 
    A primary reason for the increase in data breaches is over-reliance on centralized servers. Once consumers and app users enter their personal data, it’s directly written into the company’s database, and the user doesn’t get much say in what happens to it afterward.
    Even if users attempt to limit the data the company can share with third parties, there will be loopholes to exploit. As the Facebook–Cambridge Analytica data-mining scandal showed, the results of such centralization can be catastrophic. Additionally, even assuming goodwill, the company’s servers could still get hacked by cybercriminals.
    In contrast, blockchains are decentralized, immutable records of data. This decentralization eliminates the need for one trusted, centralized authority to verify data integrity. Instead, it allows users to share data in a trustless environment. Each member has access to their own data, a system known as zero-knowledge storage.
    This also makes the network less likely to fall victim to hackers. Unless they bring down the whole network simultaneously, the undamaged nodes will quickly detect the intrusion.
    Since decentralization reduces points of weakness, blockchains also have a much lower chance of succumbing to an IP-based DDoS attack than centralized systems using client/server architectures.
    In addition to being decentralized, blockchains are also designed to be immutable, which increases data integrity. The blockchains’ immutability makes all the data stored therein almost impossible to alter.
    Because every individual in the network has access to a copy of the distributed ledger, any corruption that occurs in a member’s ledger will automatically cause it to be rejected by the rest of the network members. Therefore, any alteration or change in the block data will lead to inconsistency and break the blockchain, rendering it invalid.
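    The two mechanisms described above, the hash link between a block header and its predecessor and the network rejecting a ledger that no longer hashes consistently, can be shown in a few dozen lines. The following is an added example written for this page, not code from the article or from any blockchain project: it builds a small chain where each block stores the Merkle root of its transactions plus the previous block's hash and a timestamp, then verifies the chain after two kinds of tampering. SHA-256, the Bitcoin-style duplication of the last leaf on odd Merkle levels, the `GENESIS_PREV` sentinel and the sample transactions are all assumptions chosen for the example.

```python
import copy
import hashlib
import json
from typing import Any

GENESIS_PREV = "0" * 64  # assumed sentinel: the first block has no predecessor


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def tx_hash(tx: dict[str, Any]) -> str:
    # Canonical JSON so an identical transaction always hashes identically.
    return sha256_hex(json.dumps(tx, sort_keys=True, separators=(",", ":")).encode())


def merkle_root(leaf_hashes: list[str]) -> str:
    """Pairwise-hash the leaves up to a single root (last leaf duplicated on odd levels)."""
    if not leaf_hashes:
        return sha256_hex(b"")
    level = list(leaf_hashes)
    while len(level) > 1:
        if len(level) % 2 == 1:
            level.append(level[-1])
        level = [
            sha256_hex(bytes.fromhex(left) + bytes.fromhex(right))
            for left, right in zip(level[0::2], level[1::2])
        ]
    return level[0]


def header_hash(prev_hash: str, root: str, timestamp: int) -> str:
    # The block hash covers the previous block's hash, so the two blocks are bound together.
    header = {"prev_hash": prev_hash, "merkle_root": root, "timestamp": timestamp}
    return sha256_hex(json.dumps(header, sort_keys=True).encode())


def make_block(prev_hash: str, transactions: list[dict], timestamp: int) -> dict:
    root = merkle_root([tx_hash(t) for t in transactions])
    return {
        "prev_hash": prev_hash,
        "merkle_root": root,
        "timestamp": timestamp,
        "transactions": transactions,
        "hash": header_hash(prev_hash, root, timestamp),
    }


def build_chain(batches: list[list[dict]], start_time: int = 1_700_000_000) -> list[dict]:
    chain, prev = [], GENESIS_PREV
    for i, batch in enumerate(batches):
        block = make_block(prev, batch, start_time + i)
        chain.append(block)
        prev = block["hash"]
    return chain


def verify_chain(chain: list[dict]) -> tuple[bool, int]:
    """Return (ok, index of the first inconsistent block); index is -1 when the chain is consistent."""
    expected_prev = GENESIS_PREV
    for i, block in enumerate(chain):
        if block["prev_hash"] != expected_prev:
            return False, i  # link to the previous block is broken
        root = merkle_root([tx_hash(t) for t in block["transactions"]])
        if root != block["merkle_root"]:
            return False, i  # a transaction inside this block was altered
        if header_hash(block["prev_hash"], root, block["timestamp"]) != block["hash"]:
            return False, i  # header fields no longer match the stored block hash
        expected_prev = block["hash"]
    return True, -1


# Constructed sample transactions for the demonstration; not data from any real ledger.
SAMPLE_BATCHES = [
    [{"from": "alice", "to": "bob", "amount": 5}],
    [{"from": "bob", "to": "carol", "amount": 2},
     {"from": "carol", "to": "dave", "amount": 1},
     {"from": "dave", "to": "alice", "amount": 1}],
    [{"from": "alice", "to": "erin", "amount": 3}],
]


def tamper_demo() -> dict[str, tuple[bool, int]]:
    results = {}
    chain = build_chain(SAMPLE_BATCHES)
    results["intact"] = verify_chain(chain)

    # 1. Edit a transaction in block 1 without touching any hash: its Merkle root no longer matches.
    edited = copy.deepcopy(chain)
    edited[1]["transactions"][0]["amount"] = 200
    results["edited_tx"] = verify_chain(edited)

    # 2. Also recompute block 1's root and hash. Block 1 now checks out on its own,
    #    but block 2 still records the old hash, so the inconsistency moves to block 2.
    rehashed = copy.deepcopy(edited)
    b = rehashed[1]
    b["merkle_root"] = merkle_root([tx_hash(t) for t in b["transactions"]])
    b["hash"] = header_hash(b["prev_hash"], b["merkle_root"], b["timestamp"])
    results["edited_and_rehashed"] = verify_chain(rehashed)
    return results


if __name__ == "__main__":
    for name, (ok, first_bad) in tamper_demo().items():
        print(f"{name}: consistent={ok}, first_inconsistent_block={first_bad}")
```

The second tampering case is the one that matters for the immutability argument: an attacker who rewrites one block must also rewrite every block after it, and in a network where other members hold their own copies that rewritten tail disagrees with the copies everyone else already has.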
    Even though blockchain technology has been around since 2009, it has much untapped potential in the field of cybersecurity, especially when it comes to preventing data breaches.
    The top-notch cryptography employed by blockchain protocols guarantees the safety of all data stored in the ledger, making it a promising solution.
    Since nodes running the blockchain must always verify any transaction’s validity before it’s executed, cybercriminals are almost guaranteed to be stopped in their tracks before they gain access to any private data.
    Jenelle Fulton-Brown is a security architect and internet privacy advocate based in Toronto, Canada helping Fortune 500 companies build future-proof internal systems.
    © 2023 VentureBeat. All rights reserved.

    source

  • T-Mobile data breach exposes about 37 mln accounts – Reuters.com

    A T-Mobile store is pictured in the Manhattan borough of New York, New York, U.S., May 20, 2019. REUTERS/Carlo Allegri
    Jan 20 (Reuters) – U.S. wireless carrier T-Mobile (TMUS.O) said on Thursday it was investigating a data breach that may have exposed 37 million postpaid and prepaid accounts, and hinted at incurring significant costs related to the incident.
    It's the second major cyberattack in less than two years and comes months after the carrier agreed to upgrade its data security to settle litigation related to a 2021 incident that compromised information of an estimated 76.6 million people.
    The company identified malicious activity on Jan. 5 and contained it within a day, it said, adding no sensitive data such as financial information was exposed.
    T-Mobile, however, added that basic customer data – such as name, billing address, email and phone number – was breached and that it had begun notifying impacted customers. The company has more than 110 million subscribers.
    A spokesperson for the U.S. Federal Communications Commission (FCC) said the regulator had opened an investigation into the incident.
    "Carriers have a unique responsibility to protect customer information. When they fail to do so, we will hold them accountable. This incident is the latest in a string of data breaches at the company, and the FCC is investigating," the spokesperson said.
    T-Mobile declined to comment on the investigation. The company's shares fell 1% in Friday morning trade.
    The news of the incident also drew sharp reaction from analysts.
    "While these cybersecurity breaches may not be systemic in nature, their frequency of occurrence at T-Mobile is an alarming outlier relative to telecom peers," said Neil Mack, senior analyst for Moody's Investors Service.
    "It could negatively impact customer behavior, cause churn to spike and potentially attract the scrutiny of the FCC and other regulators."
    © 2023 Reuters. All rights reserved

    source