Friday is a great day to wrap up some of the biggest news in the cybersecurity world. Starting this week, we will be posting the top 5 most important news and research from the past week.
Highly skilled hackers were able to plot a good ransomware attack on the University of California at San Francisco and received a payout of 118 bitcoins as a result. The university hired a professional negotiator who negotiated a lower amount of decryption for the system. Failure to use security testing services can result in huge losses, both financial and reputational.
The importance of cybersecurity in facilitating productive remote work was a significant catalyst for the two years-worth of digital transformation we observed in the first two months of the COVID-19 pandemic. In this era of ubiquitous computing, security solutions don’t just sniff out threats, they serve as control planes for improving productivity and collaboration by giving end-users easier access to more corporate resources. Microsoft recently concluded a survey of nearly 800 business leaders of companies of more than 500 employees in India (IN), Germany (DE), the United Kingdom (UK) and the United States (US) to better understand their views of the pandemic threat landscape, implications for budgets and staffing, and how they feel the pandemic could reshape the cyber-security long-term.
Among the key insights are data showing that an alarming number of businesses are still impacted by phishing scams, security budgets, and hiring increased in response to COVID-19, and cloud-based technologies and architectures like Zero Trust are significant areas of investment moving forward.
The federal prosecutors in the United States have charged Uber’s former chief security officer, Joe Sullivan, for covering up a massive data breach that the ride-hailing company suffered in 2016.
According to the press release published by the U.S. Department of Justice, Sullivan “took deliberate steps to conceal, deflect, and mislead the Federal Trade Commission about the breach” that also involved paying hackers $100,000 ransom to keep the incident secret.
The 2016 Uber’s data breach exposed names, email addresses, phone numbers of 57 million Uber riders and drivers, and driver license numbers of around 600,000 drivers.
The company revealed this information to the public almost a year later in 2017, immediately after Sullivan left his job at Uber in November.
Later it was reported that two hackers, Brandon Charles Glover of Florida and Vasile Mereacre of Toronto, were behind the incident to whom Sullivan approved paying money in exchange for promises to delete data of customers they had stolen.
At the beginning of the week, news broke that the company, which produces the wildly popular Jack Daniel’s whiskey and Finlandia vodka, fell under the distribution of another extortionist. Ransomware groups have been very active in the past few months. Such giants as Garmin, Canon and others were attacked. Our RnD team anticipates that ransomware operators will expand their operations and we will see more and more attacks like this.
At DEFCON 28, researchers demonstrated several vulnerabilities in the Zoom app. These vulnerabilities allow an attacker to gain access to compromised systems. After the researcher personally reported the issues to the company, they released a fix and the Zoom app became more secure. This is a great example of how bug bounty helps large companies continually improve the safety of their products.
Hacken Club Twitter: https://twitter.com/hackenclub
CER.live Twitter: https://twitter.com/cer_live
Hacken Club Telegram: https://t.me/hackenclub
Enter your email address to subscribe to Hacken Reseach and receive notifications of new posts by email.