Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Information Security risk. Show all posts
Sensitive data
BBC Chat GPT Data Privacy Laws Information Security risk Italy Malicious actor OpenAI Privacy Sensitive data

ChatGPT and Data Privacy Concerns: What You Need to Know

As artificial intelligence (AI) continues to advance, concerns about data privacy and security have become increasingly relevant. One of the latest AI systems to raise privacy concerns is ChatGPT, a language model based on the GPT-3.5 architecture developed by OpenAI. ChatGPT is designed to understand natural language and generate human-like responses, making it a popular tool for chatbots, virtual assistants, and other applications. However, as ChatGPT becomes more widely used, concerns about data privacy and security have been raised.

One of the main concerns about ChatGPT is that it may need to be more compliant with data privacy laws such as GDPR. In Italy, ChatGPT was temporarily banned in 2021 over concerns about data privacy. While the ban was later lifted, the incident raised questions about the potential risks of using ChatGPT. Wired reported that the ban was due to the fact that ChatGPT was not transparent enough about how it operates and stores data and that it may not be compliant with GDPR.

Another concern is that ChatGPT may be vulnerable to cyber attacks. As with any system that stores and processes data, there is a risk that it could be hacked, putting sensitive information at risk. In addition, as ChatGPT becomes more advanced, there is a risk that it could be used for malicious purposes, such as creating convincing phishing scams or deepfakes.

ChatGPT also raises ethical concerns, particularly when it comes to the potential for bias and discrimination. As Brandeis University points out, language models like ChatGPT are only as good as the data they are trained on, and if that data is biased, the model will be biased as well. This can lead to unintended consequences, such as reinforcing existing stereotypes or perpetuating discrimination.

Despite these concerns, ChatGPT remains a popular and powerful tool for many applications. In 2021, the BBC reported that ChatGPT was being used to create chatbots that could help people with mental health issues, and it has also been used in the legal and financial sectors. However, it is important for users to be aware of the potential risks and take steps to mitigate them.

While ChatGPT has the potential to revolutionize the way we interact with technology, it is essential to be aware of the potential risks and take steps to address them. This includes ensuring compliance with data privacy laws, taking steps to protect against cyber attacks, and being vigilant about potential biases and discrimination. By doing so, we can harness the power of ChatGPT while minimizing its potential risks.
Read more »
Third party file
Data Breach Encrypted Files FBI Federal Trade Commission Information Security risk Software Vulnerability Third party file

The Medical Review Institute of America Alerts Patients of a Privacy Breach

 

On November 9, 2021, MRIoA discovered that it had been the victim of a sophisticated cyber-attack that affected over 134,000 people, according to a data breach notification filed by the Maine Attorney General's Office. Following the realization of the security incident, the institution set forth to protect and restore the organization's systems and operations. MRIoA also promptly enlisted the assistance of third-party forensic and incident response experts to conduct a thorough investigation into the nature and scope of the problem, as well as sought assistance with remediation efforts. The incident was further reported to the FBI as well. 

According to MRIoA, which discovered the incident on November 12, 2021, the security incident primarily involved the unauthorized gathering of information; MRIoA retrieved and validated the deletion of the received information to the best of its abilities and knowledge on November 16, 2021. 

The HITRUST Common Security Framework (CSF) and associated standards/regulations, such as HIPAA, HITECH, and state data and privacy legislation, are incorporated into MRIoA's privacy and security program, according to the company's conditions. MRIoA enforces tight access controls, including privileged access, file integrity monitoring, input validation, and complete audit logging, and protects data confidentiality by encrypting data at rest with AES-256 and data in transit using TLS1.2. 

"We place a high importance on the security and privacy of the information stored on our systems, and we were astonished and disheartened to learn that we were one of the thousands of victims of this type of cyberattack," MRIoA's CEO, Ron Sullivan said. 

Meanwhile, as iterated below, additional cybersecurity precautions were installed and are being deployed to MRIoA's existing infrastructure to better limit the possibility of this type of event occurring again. 

  • Continuous threat hunting and detection software monitoring of their systems.
  • When attempting to access the systems, add extra multifactor authentication protections.
  • To ensure that all threat remains were eradicated, new servers were constructed from the ground up. Working with outside cybersecurity specialists to help them with their security initiatives.
  • Creating a new and hardened backup environment; enhancing their cybersecurity training for employees.

As MRIoA reviews, rewrites, and amends their existing cybersecurity rules in the wake of the attack, they suggest individuals report any fraudulent conduct to the appropriate law enforcement agencies, such as their state attorney general and the Federal Trade Commission (FTC).
 
Affected individuals are being offered free credit monitoring and identity protection services by the MRIoA. Further, individuals who want to sign up for the free credit monitoring service must do so within 90 days of getting their MRIoA notice letter. 
Read more »
Vulnerabilities and Exploits
Information Security risk National Cyber Security Russia Russian Cyber Security Vulnerabilities Vulnerabilities and Exploits

Every tenth significant IT system in Russia is infected with malware

 According to Rostelecom-Solar research, every 10th critical information infrastructure (CII) in the Russian Federation is compromised by malware. Even hackers with low qualifications are able to attack most of these IT networks: a significant part of the detected vulnerabilities have existed for more than 10 years, but organizations have not prevented them.

Vladimir Drukov, director of the Cyber Attack Monitoring and Response Center at Rostelecom-Solar, associates the presence of vulnerabilities in CII with the fact that the process of regular software updates has not yet been established in more than 90% of companies.

Kaspersky Lab experts agreed with the findings of the study. According to Anton Shipulin, Lead Business Development Manager at Kaspersky Industrial CyberSecurity, cybersecurity is still at a low level in most CII facilities.

"In terms of data protection, a large number of CII objects are currently in a "depressing situation", and there are no serious hacker attacks on them "by happy accident", but it is only a matter of time," added Fedor Dbar, Commercial Director of Security Code.

In addition, the number of hosts with the vulnerable SMB protocol has almost doubled. It is a network protocol for sharing files, printers, and other network resources that is used in almost every organization. Such vulnerabilities are particularly dangerous, as they allow hackers to remotely run arbitrary code without passing authentication, infecting all computers connected to the local network with malware.

The main problem in internal networks is incorrect password management. Weak and dictionary passwords that allow an attacker to break into an organization's internal network are extremely common. Password selection is used by both amateur hackers and professional attackers.

Moreover, the pandemic has also significantly weakened IT perimeters. Over the past year, the number of automated process control systems (APCS) available from the Internet has grown by more than 60%. This increases the risks of industrial espionage and cyber-terrorism.


Read more »
Vulnerability and Exploits
Information Security News Information Security risk Russia Russian Cyber Security Russian Hackers Vulnerability and Exploits

Russian hackers hacked the first level Olympiad in a second

A new Olympic season has begun in Russia. Many competitions have been moved online due to the COVID-19 pandemic. The first level Olympiad allows the winner to enter the university without exams.

It turns out that the hacker could theoretically ensure admission to the best universities in the country, putting graduates in unequal conditions.

SQL injections and XSS vulnerabilities were discovered on the site, which make it is possible to influence the results of the competition. As a result, according to the hacker, it is easily possible: 1) find out the tasks in advance and change the answer data during the Olympiad; 2) see the sessions and data of other users; and 3) massively upload user information, including personal information (information from the passport, registration, phone, e-mail).

"SQL injection is one of the easiest ways to hack a site. Indeed, in a very short period of time and by replacing several characters, an attacker can gain access to all personal data of the Olympiad and to all tasks," said Oleg Bakhtadze-Karnaukhov, an independent researcher on the Darknet.

According to the researcher, most likely, there was not enough time to detect such errors during the programming of this site, although it takes little time to find and fix them.

"If the site contains vulnerabilities, then a command in a specific programming language can be inserted, for example, in a link, and the page will display information that was not intended for users initially," explained Dmitry Galov, Cybersecurity Expert at Kaspersky Lab.

According to Alexei Drozd, head of the information security department at SearchInform, the reason may be design errors, as a result of which the site, for example, poorly checks or does not check incoming information at all.

"Unfortunately, when developing websites and applications, security issues are always in the background. First, there is a question of functionality," concluded Alexey Drozd.


Read more »
Phishing Attacks
Data Breach Data Leak Information Security risk Phishing Attacks

Freedom Finance's customer data got leaked after employee fell for phishing attack

Broker Freedom Finance admitted the fact of hacking its internal network and stealing data leaks about 16,000 clients of the company for 2018. The founder and CEO of the company Timur Turlov announced this on Instagram.

He called the incident "an extremely unpleasant and shameful incident in information security", which occurred on December 24, and admitted: "We screwed up."

According to him, one employee of the company received a phishing email, which he opened and ran on the local machine despite the security warning. "And then all the weak points of our security were revealed," said Turlov.

“Cyber ransomware attacked a segment of our internal network and stole some data from the local machines of a number of employees in Russia. These are machines belonging to the employees of a Russian broker that provides access to the Russian stock market and almost the entire data packet is dated 2018,” wrote Turlov on his Instagram.

Almost no customers who opened accounts in the United States were affected. The broker's international clients were not affected either.

He assured that hackers did not get access to CRM, back-office reports, trading platform data, and also did not get customer passwords.

Turlov promised that the company will contact affected customers as soon as possible, tell them what documents have been made publicly available, and advise on how to minimize risks.

"Of course, now we have completely cleaned out the network and all local machines, have already rebuilt it, and are convinced that data is no longer leaking," assured he.

Turlov believes that the system was hacked to blackmail the company with media publicity and extort money.

"The company has decided to admit its mistake and not cooperate with criminals," said Turlov.

On November 24, Ashot Hovhannisyan, the founder of the Data Leakage & Breach Intelligence (DLBI) service, announced the appearance of Freedom Finance's customer data.

Read more »
US Government
AI Artificial Intelligence Cybersecurity Information Security risk US Government

Trukno: "On A Mission To Deliver Cyber Intelligence, Not Cyber News"

 

Trukno: Virtual Threat Intelligence Analyst to launch their Broad Beta Version on 22nd December. Every second a new attack in cyberspace takes place, according to a report by Acronis 32% of companies are attacked at least once a day and to keep up with these threats and attacks is a mind picking process. There are two ways of keeping up with Cyber Security- a) being updated with cyber blogs or b) hiring your own cyber threat analyst. But Trukno is a platform that provides a virtual threat intelligence analyst for people who want to keep up with cybersecurity, be up to date on recent attacks as well as to know the threat actors and attack landscape trend with their syndicated search engine and threat curator. 

Set to launch their Broad Beta version on 22nd December, for individuals who are full-time cybersecurity analysts as well as for the majority of people who want to know the how and happenings in cybersecurity in a much faster, easier, and detailed way. 

Ehacking news had a discussion with Trukno CEO and Founder Manish Kapoor, Co-Founder Noah Binstock, and Team about their platform, how it works, features and advantages. 

I'm sharing below the details from the interview with you all, read to know about Trukno and how you can set up a beta account for yourself: 

The Story Behind Trukno Mr. Manish (CEO and Founder): We formed Trukno in Oct 2018 in Denver Colorado. Before that I was in Cisco, which is a big networking company also very focused on Cybersecurity, I was there for 10 years and what I did day to day was to help the world’s largest service providers like AT&T, Telstra help them understand the latest going on in cybersecurity and based upon that help them build cybersecurity services they could sell to their enterprise customers using Cisco system products - that was the essence of what my team and I did and when you do that you’re going in front of the world’s largest cybersecurity companies so they know what they’re talking about in cybersecurity and hence I had the constant pressure to keep up with cybersecurity latest threats and how those could be turned into new services and I tell you it’s easier said than done. In preparation, I would blog hop from one blog to another and very quickly I started to realize, there is a difference between keeping up with cyber news vs. keeping up with cyber threats. 

The whole process would take me hours leaving me more confused and that's when I realized something is missing either I don't have the right tools or there must be a better way since then we have probably talked to 504 folks in cybersecurity from Cisco to stock analyst to researchers and we realized that this problem was not just isolated for me that problem exists for the cyber community in general. So what tools that exist today in cybersecurity are targeted for deep-dive practitioners who want to see the bits and bytes and it's a full-time job just to keep up with it and only the largest corporations in the world can hire dedicated threat intelligence analysts and everybody else who wants to keep up with cyber threats really struggles. So that is the problem we are trying to solve, and the mission we are on is to deliver cyber threat intelligence and not cyber security news. We intend to do so in the most efficient comprehensive and affordable way to the masses so that is the story behind Trukno.  

Mr. Noah (Co-founder): We found that when it comes to threat researchers and external strategic analysts there is often one position that is providing these reports for an organization and what we realized is that those reports and those patterns and findings these people are curating; they have benefits of all cybersecurity and not just the organization they are working for, so we are actually trying to find ways to scale that information. The objective information about external threats landscapes and the inner workings and patterns that are occurring in front of our eyes so we can give that to organizations and individuals without access to a dedicated intelligence analyst.

Trukno Breakdown and Features: 

Newsfeed: A news feed that you can create based on your interests; it's basically a news feed from a hundred and fifty sources for people who want to keep up with cybersecurity news at one place and users can create their own feed and have all their news sources at one place 

Dashboard: You can choose your interests of information using filters from industry, Technology, Malware, and actors. The sweet thing about this threat analyst is you can go from shallow to deep in a way that’s organized and detailed. It informs you about threat actors, breach specifics; how many times the threat was used thus the user gets very detailed information in a very short time. 

My Boards (and Team Collaboration):  You can assign Custom Tags to threats, breaches, and discussions; and comment and converse with your team. 

Trukno Vision: Mr. Manish: Our Vision is to get critical vital threat information to the broad cyber community; you don’t have to have PhD. to keep up with cyber threats. That is what we believe. That is the reason we are going to the extent of not only breaking down TTPs (Tactics, techniques, and procedures) but breaking down text associated with that TTPs in each specific breach because we want to make it a ten-second visual that gives you the summary verses a thirty-minute read. 

How it works: Mr. Manish: What we are doing is with all this curation is we are building an automated engine which is AI-driven but with human intervention to maintain quality analysis and to do that we break down every single article until the AI takes over. That is to say, It’s a combination of Artificial and Human Intelligence as 90% of the breaches use the same TTPs and on a day to day basis there are new threats surfacing that have never been seen before and AI is not going to be able to that on its own; it will always be human aided AI. So our AI will become more and more efficient with more training data but it will always be human intelligence aided. 

Next Step: Mr. Manish: Add more sources for people who want more content, people who want details we will give them IUCs, people who want news feed but more flexibility customization we’ll add custom URL capabilities and people who want more collaboration, we’ll be adding integration slack and some basic team capabilities on our side. 

How is this threat intelligence different from MITRE? Mr. Manish: Think of MITRE as a US government organization, and it has created all the rules and regulations but you won’t go to MITRE to know what happened an hour ago, what breach happened, and how that happened in the MITRE framework. So, we are creating a dashboard that uses the MITRE framework to pull all that information together. 

EndNote: Mr. Manish: We are truly on a mission to solve this very critical problem in society, cybersecurity has become one of the biggest problem facing humanity and we think that cybersecurity is not about IT, bigger boxes, and fancy software; it's about threat risk management - the importance of knowing the right threats at the right time is so critical and right now it is so hard to do that we truly believe we can move the needle on this thing with the platform to make it simple, affordable and comprehensive – that’s our mission and that's what we stand for. 

The Trukno broad beta will be open for everyone, to avail go to their website (https://www.trukno.com/). In their Beta version, all features are free for everyone, with the full version coming in the first quarter of next year will have a freemium model that is free News Feed and My Board and subscription-based Dashboard.
Read more »
Information Security risk
Cyber Security Cyber Security News Information Security risk

Russian experts warn about security risks of Bluetooth on a smartphone

Associate Professor of computer science at the Russian University of Economics, Alexander Timofeev said that hackers can use Bluetooth to break into an electronic device.

"The possibility of Bluetooth hacking can endanger any information stored on the device (photos, emails, texts). In addition, an attacker can gain control of the device and send unwanted data to it,” noted Timofeev.

According to him, at the hacker festival What The Hack, which takes place in the Netherlands, experts showed how using a laptop and a special program with a directional antenna people can eavesdrop on what the driver of a passing car is talking about through a Bluetooth headset.

The head of Check Point Software Technologies Ltd. Sergey Zabula agreed that constantly enabled Bluetooth carries a significant threat to the security of the phone and its owner. Scammers are constantly improving their attack methods, and the small range of Bluetooth signal propagation is no longer a problem for them.

"Using amplifiers, hackers can get into a user's device without even asking for their permission and without knowing the secret key of the connection”, noted Mr. Zabula.

The consequences of attacks using Bluetooth can be varied. So, in just a few seconds, fraudsters can connect to a user's device, install malware, and eventually steal or delete valuable information. Moreover, via Bluetooth, hackers can listen to calls, set their forwarding, and send calls and text messages, which in turn leads to financial losses of the victim. Also, using a Bluetooth connection, fraudsters can carry out a DoS attack and completely disable the phone.

Experts recommend disabling Bluetooth as soon as it is no longer necessary, since this function, when activated, is a "godsend for scammers."

Read more »
Vulnerabilities and Exploits
Cyber Security News Information Security risk IT Security Vulnerabilities Vulnerabilities and Exploits

About 84% of Russian companies have vulnerable IT system

More than 80% of companies in Russia neglect the basic means of protecting information systems and data, as a result of which 84% of companies have vulnerabilities in their IT systems that can be exploited, including by novice hackers who do not have a high level of programming skills.

According to Ekaterina Kilyusheva, head of the research group of the information security analytics department at Positive Technologies, companies suffer from inexperienced hackers in about 10% of cases.

Based on the testing of 19 large companies from different sectors of the economy, it turned out that in 58% of cases, companies have at least one security breach that can be hacked by publicly available software for hackers.

It is noted that most often in Russian companies, security gaps are associated with the use of outdated software, the vulnerabilities of which are already known.

As noted by ESET security specialist Tony Anscomb, in addition to outdated software, companies often have poorly configured network infrastructure and operating systems, lack of encryption and two-factor authentication, which also increases the likelihood of a system being compromised.

It is noted that the best protected are companies in the financial sector and energy industry, which process large amounts of personal information and where the high dependence of business development on the stability of the IT direction, explained the head of Analytics and special projects InfoWatch Andrey Arsentiev.

Read more »
Subscribe to: Posts (Atom)