Newsflash Wednesday 19 June 2024
Dutch Senate (Eerste Kamer) approves heavily criticised 'data surveillance act' WGS
(security.nl)

The Dutch Senate (Eerste Kamer) has approved the proposed Wet gegevensverwerking door samenwerkingsverbanden (WGS, the Data Processing by Partnerships Act), which opponents also call the 'data surveillance act' or 'Super SyRI'.

The parliamentary groups of BBB, VVD, CDA, D66, PVV, ChristenUnie, JA21, SGP, 50PLUS and OPNL voted in favour of the bill from outgoing Minister of Justice and Security Yesilgöz. The groups of GroenLinks-PvdA, PvdD, SP, FVD and Volt voted against.

The WGS provides a legal basis for government organisations and private parties, united in partnerships, to share personal data with one another in order to combat fraud.

Major Dutch parties want government-run mail and chat instead of big tech
(tweakers.net)

The Dutch political parties NSC and GroenLinks-PvdA argue in an initiative memorandum for a government mail service (Rijksmaildienst) and a government chat service (Rijkschatdienst) as an alternative to digital services from large tech companies such as Microsoft and Google.

The parties want to aim for 30 percent of cloud services to come from the Netherlands in five years' time. Under the plan, the central government should encourage cloud services from the Netherlands and take the initiative in setting up Dutch services.

The parties want to get rid of SLM Microsoft, Google Cloud and Amazon Web Services, the central government body that arranges cooperation with large tech companies.

Study reveals 45% of passwords crackable within a minute
(securitybrief.co.nz)

A study conducted by Kaspersky has unveiled that many online passwords are alarmingly vulnerable to being guessed by scammers within a minute.

Out of 193 million passwords analysed, over 87 million could be compromised in less than a minute, while only 23% of the passwords had the resistance to withstand such attacks for over a year.

The research examined passwords that were compromised by infostealers and available on the darknet. According to the findings, a large proportion of these passwords were easy targets for brute force and smart guessing attacks.

Dark-web kingpin puts 'stolen' internal AMD databases, source code up for sale
(theregister.com)

AMD's IT team is no doubt going through its logs today after cyber-crooks put up for sale what is claimed to be internal data stolen from the US microprocessor designer.

The supposedly swiped information is being peddled on the recently revived dark-web BreachForums souk.

One or more criminals using the handle IntelBroker are offering, in exchange for cryptocurrency, what's claimed to be customer databases, upcoming product specifications and plans, internal financial figures and source code, firmware and ROMs, staff information – including names, user IDs, and phone numbers – and other sensitive info.

Singapore Extradites Suspected Cybercrime Scammers from Malaysia
(darkreading.com)

Singapore police scored a win with the arrests of two men accused of operating servers that enabled cybercrimes against Singaporeans and the dismantling of their supporting infrastructure.

In 2023, nearly 2,000 victims in Singapore downloaded malicious Android applications that allowed the scammers to steal device data, including bank information, according to a statement from the Singapore police.

Following a deep analysis of the malware by cybersecurity officials in Singapore, Hong Kong, and Malaysia, where the arrests were made, police were able to track the entire organization behind the attacks, including a syndicate accused of operating a fraudulent customer service center in Taiwan.

Hackers Demand as Much as $5 Million From Snowflake Clients
(claimsjournal.com)

Cybercriminals are demanding payments of between $300,000 and $5 million apiece from as many as 10 companies breached in a campaign that targeted Snowflake Inc. customers, according to a security firm helping with the investigation.

The hacking scheme has entered a “new stage” as the gang looks to profit from the most valuable information it has stolen, said Austin Larsen, a senior threat analyst at Google’s Mandiant security business, which helped lead Snowflake’s inquiry.

That includes auctioning companies’ data on illegal online forums to try to pressure them into making payments, he said.

The absence of multi-factor authentication led to the Medibank hack, regulator alleges
(abc.net.au)

The private Australian health insurer Medibank did not have multi-factor authentication protections on its private network when it was successfully hacked, new court filings allege.

The Office of the Australian Information Commissioner (OAIC) alleges a lack of multi-factor authentication at Medibank led to the 2022 data hack of nearly 9.7 million current and previous customers.

Documents filed to the Federal Court on Monday by the OAIC allege the massive data breach stemmed from an employee of a Medibank contractor, an IT service desk operator, who saved his login details to a personal web browser installed on his work computer.

NHS boss says Scottish trust wouldn't give cyberattackers what they wanted
(theregister.com)

The chief exec at NHS Dumfries and Galloway will write to thousands of folks in the Scottish region whose data was stolen by criminals, admitting the lot of it was published after the trust did not give in to the miscreants' demands.

Residents of Dumfries and Galloway in Scotland will soon be receiving a letter from the CEO of the regional National Health Service org explaining in full the February cyberattack that may affect them.

Draft copies of the letters to be sent this week were posted on NHS Dumfries and Galloway's website on Monday. It explains in plain terms what happened, what the attack means for residents, and how to stay safe online in the wake of the incident.

The lasting impacts of the pandemic on cybersecurity in healthcare
(verdict.co.uk)

GlobalData predicts that global cybersecurity revenues across healthcare payors and providers will reach $11bn by 2027.

On June 4 2024, several major London hospitals were hit by a cyber-attack. The hospitals affected included Guy’s, St Thomas’, and the Evelina Children’s Hospital.

The hackers behind the attack targeted the pathology services provider Synnovis. As the healthcare sector deals with sensitive data and critical services, cyberattacks are especially costly.

Report highlights surge in cyberattacks on operational technology
(securitybrief.co.nz)

A recent report from Fortinet has highlighted a substantial rise in cyberattacks targeting operational technology (OT) systems, raising concerns for organisations globally about the need to enhance cybersecurity measures.

The 2024 State of Operational Technology and Cybersecurity Report indicates that 73 per cent of organisations experienced an intrusion impacting either OT systems alone or both OT and IT systems, marking a significant increase from 49 per cent the previous year.

John Maddison, chief marketing officer at Fortinet, elaborated on the significance of these findings.

Cut & Paste Tactics Import Malware to Unwitting Victims
(darkreading.com)

Threat actors are using fake browser updates and software fixes to trick users into cutting/copying and pasting PowerShell scripts loaded with various malware strains — including remote access Trojans (RATs) and infostealers — to infect their computers.

Researchers from Proofpoint observed the socially engineered technique employed by an initial access broker tracked as TA571, as well as an unidentified actor, in the last three months, starting as early as March 1, they revealed in a blog post published June 17.

There appear to be two methods of social engineering used in the activity — one that offers fake browser updates in yet another ClearFake campaign, and the other that delivers error messages related to Word, Google Chrome, and OneDrive dubbed "ClickFix" by the researchers.

Why You Shouldn't Unsubscribe From Spam Emails
(hackernoon.com)

Many people don’t realize opting out of spam emails is an easy way to receive more junk mail or even infect a device with malware. Even opening a suspicious message could result in losing security or privacy. What are the risks of unsubscribing?

At best, unsubscribing from spam lets the sender know the account is active, prompting them to send more emails or sell the recipient’s contact information on the dark web.

At worst, what appears to be an annoying or sketchy message is actually a phishing attempt — meaning clicking anything could infect the device with malware.

New maritime cybersecurity body starts operations
(splash247.com)

A new body looking to raise the standard of cybersecurity risk assessment across the maritime industry, the International Maritime Cyber Security Organisation (IMCSO), started work on Tuesday.

IMCSO also devised a certification programme for security consultants and a professional register, which will assist shipping organisations in selecting experienced personnel.

The organisation will also validate report outputs to ensure consistency with reports held on a central database and make them accessible to the authorities and third parties that need to determine the risk status of a vessel.

G7 countries vow to establish collective cybersecurity framework for operational tech
(therecord.media)

The Group of Seven (G7) countries have agreed to establish a collective cybersecurity framework around operational technologies for both manufacturers and operators, the White House announced Tuesday.

At last week’s summit in Italy, the gathered G7 leaders “committed to taking critical action to strengthen the cybersecurity of the global supply chain of key technologies used to manage and operate electricity, oil, and natural gas systems across the world,” National Security Advisor Jake Sullivan said.

The initiative seeks to address the continuous cyberattacks targeting energy systems around the world that are “vulnerable to disruption.”

Rising exploitation in enterprise software: Key trends for CISOs
(helpnetsecurity.com)

Action1 researchers found an alarming increase in the total number of vulnerabilities across all enterprise software categories.

“With the NVD’s delay in associating Common Vulnerabilities and Exposures (CVE) identifiers with CPE (Common Platform Enumeration) data, our report comes at a critical moment, providing much-needed insights into the evolving vulnerability landscape for enterprise software,” said Mike Walters, President of Action1.

“Our goal is to arm key decision makers with essential knowledge so that they can prioritize their efforts in vulnerability monitoring using alternative approaches while the traditional reliance on NVDs is challenged.

Are We Turning the Corner in the Fight Against Cybercrime? It’s Complicated
(securityboulevard.com)

Cybersecurity professionals struggle to feel optimistic about their efforts to thwart cybercriminals.

Cybercrime attacks continue to increase in frequency, scale and impact. While security teams become more sophisticated, so do their adversaries.

Millions of dollars are spent on tools, technologies and resources to stop breaches. Yet millions more are spent recovering from malware and ransomware attacks that succeed.

TikTok faces fresh US pressure over child privacy
(bbc.com)

The US Federal Trade Commission (FTC) has referred a complaint against TikTok and its Chinese parent company ByteDance over potential violations of children's privacy to the Department of Justice (DOJ).

The FTC says its own investigation "uncovered reason to believe" that the firms "are violating or are about to violate the law".

In a statement to BBC News, a TikTok spokesperson said they were disappointed by the decision. The case is separate from legislation passed earlier this year to ban TikTok in the US if ByteDance does not sell the business.

Why Enterprise Editions of Open Source Databases Are Essential for Large Organizations
(cysecurity.news)

With the digital age ushering in massive data flows into organizational systems daily, the real value of this data lies in its ability to generate critical insights and predictions, enhancing productivity and ROI.

To harness these benefits, data must be efficiently stored and managed in databases that allow easy access, modification, and organization.

Open-source databases present an attractive option due to their flexibility, cost savings, and strong community support. They allow users to modify the source code, enabling custom solutions tailored to specific needs.

SELKS: Open-source Suricata IDS/IPS, network security monitoring, threat hunting
(helpnetsecurity.com)

SELKS is a free, open-source, turnkey solution for Suricata-based network intrusion detection and protection (IDS/IPS), network security monitoring (NSM), and threat hunting. The project is developed and maintained by Stamus Networks.

SELKS is an effective production-grade solution for many small and medium-sized organizations. Since all the data in SELKS is generated by the Suricata engine, it is popular among network security practitioners who explore the capabilities of Suricata IDS/IPS/NSM and analyze the network protocol monitoring logs and alerts it generates.

By default, SELKS has over 28 dashboards, more than 400 visualizations, and 24 predefined searches available.

Getting a Firmer Grip on AI Privacy Concerns in Healthcare
(healthcareinfosecurity.com)

Artificial intelligence technologies offer tremendous promise in healthcare, but it's crucial for organizations to carefully assess the complex data privacy concerns involved with different types of AI products and deployments, said Karen Habercoss, chief privacy officer at UChicago Medicine.

"Really understanding what the use cases are and how we can minimize the amount of data we're handing over so we can protect our patients, their privacy and their data" is critical, she said.

"I'm very pro-AI. I think it is going to be game changer in healthcare in terms of how we clinically take care of patients. Those are the very positive things that come out of it. But with it comes great responsibility to protect our patients from things that they may not understand," she said.

World's top AI chatbots have no problem parroting Russian disinformation
(theregister.com)

Media analyst house NewsGuard tested chatbots from ten top AI developers, and found they all were willing to emit Russian disinformation to varying degrees.

For this study, the LLM-powered bots – including OpenAI's ChatGPT, Microsoft's Copilot, and Google's Gemini – were each given 57 prompts to complete. These prompts questioned false claims made in articles circulated by what's said to be a network of disinformation outlets dressed up as local news websites that ultimately serve Russian interests and push pro-Putin propaganda.

The prompts did not reference the articles directly. Rather, they queried the accuracy of the narratives of those stories, giving the bots a chance to shoot down the disinformation.

McDonald's ends AI drive-thru trial after order mishaps
(sky.com)

McDonald's is ending its AI drive-thru trial after customers reported errors in their orders - including bacon being added to ice cream.

The fast food chain's AI ordering system, developed by IBM, uses voice recognition to process orders and has been rolled out at more than 100 McDonald's locations in the US since 2021.

However, the technology's reliability has been called into question in recent months, with members of the public sharing videos of order mix-ups on social media.