Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Privacy and Security. Show all posts

Data of Domestic Violence Victims Leaked in ZircoDATA Hack

 

Monash Health, a Victorian public health agency, has announced that it had been impacted by the recent ZircoDATA hack. 

Earlier this year in February, ZircoDATA, which provides safe document storage, data management, and digital conversion of 9,000 clients across Australia, reported a system vulnerability. The Victoria-based company also manages some of Monash Health's archived historical documents. 

Monash Health stated on May 3 that the hack revealed some of its historic data on domestic violence sufferers. 

"Investigation analysis indicates that the Monash Health information involved in the ZircoDATA data breach relates to a selection of archived data from the family violence and sexual assault support units at Monash Medical Centre, the Queen Victoria Hospital, and Southern Health, limited to the period from 1970 to 1993," noted Eugine Yafele, Monash Health chief executive, in a statement.

The National Office of Cyber Security has been informed of this incident. Monash Health said that the cyber attack had not compromised or damaged its systems. 

"Monash Health is deeply sorry that the external breach has occurred, and we continue to work with ZircoDATA in the investigation," Yafele added. 

The larger trend

The ransomware group Black Basta has taken credit for breaking into ZircoDATA on the dark web, claiming to have stolen nearly 395 gigabytes of data, including confidential agreements, financial papers, and personal data. The first ransom deadline was March 1st. 

ZircoDATA has received support from Lieutenant General Michelle McGuinness, the National Cyber Security Coordinator, in notifying its impacted customers. She added that other branches of the government have also been affected.

"The majority of these entities are still in the process of working with ZircoDATA to identify impacted data and any victims and are yet to begin notifying impacted individuals. There are clear processes for ZircoDATA and the affected government entities to work through," McGuinness noted. 

Before the new year, St Vincent's Health, one of the country's largest not-for-profit health and aged care organisations, disclosed a data breach by unidentified hackers, though no sensitive information was stolen.

AI's Dark Side: Splunk Report Forecasts Troubled Trends in Privacy and Security

 




There is no doubt that AI is going to be very beneficial to security professionals, but cybercriminals will be looking for ways to harness the power of AI to their advantage as well. As bad actors push artificial intelligence to new extremes, Splunk's Security Predictions 2024 report predicts that it will certainly expand organisations' attack surfaces. 
As a result of the advancement of artificial intelligence, malicious actors will have a better chance of enhancing their portfolios and strategies. As it is anticipated that new threats will emerge in 2024, a new wave of attack methods spawning not only from artificial intelligence but also from the robust adoption of 5G in India is anticipated.

As a result, cybercriminals will have more opportunities to exploit cybercriminals since the attack surface is already wide. According to Robert Pizzari, Group Vice President, Strategic Advisor, Asia Pacific, Splunk, cybercriminals will have more opportunities. Among the key trends in security and observability that Splunk has identified for 2024, are the following: 

It is anticipated that, by 2024, CISOs will also have a greater stake at stake due to the increasing stringency, complexity, and difficulty of navigating the regulatory environment. According to the State of Security 2023, 79% of line-of-business stakeholders see the security team as either a trusted resource for information or as one of the most critical enablers of the organisation's mission. 

It was recently found in a recent Splunk report that 86% of security leaders believe that generative AI will help alleviate skill gaps and talent shortages. AI will take on security tasks. It will become more of a virtual assistant than an assistant, as it will take care of repetitive, mundane, and labour-intensive tasks that are not necessary to perform. 

While the majority of people are excited about AI, they are also nervous - CIOs and CTOs will feel the pressure to get more from less in this year's budget, making it the year of mindful budgets and massive disruption. People are excited about AI, but they are also nervous - and there will be tremendous pressure on CIOs and CTOs. With artificial intelligence, users can better understand what's going on in an environment by detecting and identifying anomalies. 

However, it would not replace manual troubleshooting. Many companies are going to use artificial intelligence to detect anomalies first, then move on to investigation and respond automatically. 

Automated remediation is something people can expect to see shortly. It has become apparent that observability can be a meaningful signal for security operations: There are a significant number of vendors who sell security products separate from one another. 

The lack of interoperability of their products is often a cause of frustration for their customers. There's no question that a DevSecOps mindset will lead the organisation - whether it's big or small - towards digital resilience, no matter if the servers are in the cloud or in the back corner of your garage.

Is Wave Browser Safe ?


Unless it is an ultimate exception, everyone has a browser installed on their computer and smartphones to surf the web, work, communicate with others and more. 

However, there are significant differences in browsers. Some browsers prioritize speed and convenience, some privacy, while other browsers focus on certain specialized tasks. And there come browsers that are potentially wicked, such as the Wave browser. 

Is Wave Browser Safe? 

On their official websites, Wave browsers portray themselves as an alternative to mainstream software that guarantees "anonymity of your data," and offers a personalized experience to users. "Not only do we not pass your data onto third parties, we don't even store it ourselves," the website states. 

Wave browser is available on Windows, MacOS, Android, and iOS. It can be installed via Google Play and App Store, indicating its successful marketplace requirement regarding functionality and security.

The Wave browser is classified as a Potentially Unwanted Program (PUP). PUPs, as the term suggests are not very harmful. However, certain behaviours displayed by PUP do cause indirect or direct harm: display unwanted ads, slow down the user's device, collect an excessive amount of data, etc. 

Wave browsers are almost every time installed unintentionally, attached to other software. For instance, a user’s antivirus software may fail to detect Wave, consequently making him download and install the malicious browser. During its installation, the browser may even trick the user into clicking certain boxes, which ultimately enables it to import data and become their default browser. 

A user may not even recognize anything suspicious, since Wave is, in fact, a browser. Wave browser is based on Chromium, the open-source web browser project that is the foundation for Chrome, Microsoft Edge, Brave, and several other similar products. However, after a few minutes of its installation, the user will realize what has transpired, since their system will be bombarded with annoying ads and pop-ups. Also, a user may take a hint when their browser becomes incapable of showing relevant search results and only displays search ads, or links leading to websites unrelated to the keyword they may have entered.

Since Wave will not display any relevant search results, but instead they may lead the users into paying for advertising, one may encounter shady webpages, that may as well contain a malware. While Wave itself is not a malware, it may lead its victim to phishing sites or malicious programs, entailing risk to their privacy and security. 

This answers the question of ‘Is Wave browser safe?’ which is ‘No, it is not.’ While it is neither a virus nor any malware, it certainly should not be there in a user’s device. Wave browser will only serve them with annoying ads, display irrelevant search results and compromise their security, at worst.