Cyber Security Headlines: Intermittent encryption warning, HP firmware bugs, SEC crypto office – CISO Series

A growing number of ransomware groups are adopting a new tactic that helps them encrypt their victims’ systems faster while reducing the chances of being detected and stopped. The tactic is called intermittent encryption: only parts of each targeted file’s content are encrypted, which still renders the data unrecoverable without a valid decryptor. For example, by skipping every other 16 bytes of a file, the encryption process takes almost half the time of full encryption but still locks the contents for good. Additionally, because far fewer bytes are rewritten, automated detection tools that look for signs of trouble in the form of intense file I/O are more likely to miss it. SentinelLabs has posted a report examining an intermittent encryption trend started by LockFile in mid-2021 that has now been adopted by the likes of Black Basta, ALPHV (BlackCat), PLAY, Agenda, and Qyick.
(Bleeping Computer)
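Because only every other 16-byte block is touched, whole-file statistics and I/O volume become weaker signals; classifying each block and looking at how ciphertext-like blocks are arranged recovers the pattern. This is an added example, not code from the story or from SentinelLabs: the 16-byte stride comes from the report, while the printable-ratio threshold, the verdict cut-offs and the three sample files are constructed here for illustration.

```python
import math
import random
import string
from collections import Counter

BLOCK = 16                                   # stride described in the story
PRINTABLE = set(string.printable.encode())   # ASCII letters, digits, punctuation, whitespace

def entropy_bits(data: bytes) -> float:
    """Shannon entropy in bits per byte; 8.0 means indistinguishable from random."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def ciphertext_blocks(data: bytes, block: int = BLOCK, min_printable: float = 0.9) -> list:
    """One flag per block: True when too few of its bytes are printable to be text (threshold is illustrative)."""
    chunks = [data[i:i + block] for i in range(0, len(data), block)]
    return [sum(b in PRINTABLE for b in c) / len(c) < min_printable for c in chunks]

def alternation(flags: list) -> float:
    """Share of adjacent blocks whose flag flips; close to 1.0 is an every-other-block pattern."""
    return sum(a != b for a, b in zip(flags, flags[1:])) / (len(flags) - 1) if len(flags) > 1 else 0.0

def assess(data: bytes) -> dict:
    """Classify a file by where its ciphertext-like blocks sit, not only by overall entropy."""
    flags = ciphertext_blocks(data)
    frac = sum(flags) / len(flags) if flags else 0.0
    alt = alternation(flags)
    if frac > 0.95:
        verdict = "fully encrypted"
    elif frac > 0.25 and alt > 0.8:
        verdict = "intermittently encrypted"
    elif frac > 0.25:
        verdict = "partially encrypted"
    else:
        verdict = "plaintext"
    return {"verdict": verdict, "cipher_fraction": frac, "alternation": alt,
            "whole_file_entropy": entropy_bits(data)}

def interleave(plain: bytes, cipher: bytes, block: int = BLOCK) -> bytes:
    """Constructed test vector: even-numbered blocks taken from `cipher`, odd ones kept from `plain`."""
    out = bytearray(plain)
    for i in range(0, len(plain), 2 * block):
        out[i:i + block] = cipher[i:i + block]
    return bytes(out)

# Constructed samples: a text file, seeded pseudo-random bytes standing in for ciphertext, and the every-other-16-bytes mix.
TEXT = b"Quarterly report: revenue grew 4% while costs fell.\n" * 20
RANDOM = random.Random(7).randbytes(len(TEXT))
MIXED = interleave(TEXT, RANDOM)
```

Running `assess()` over the three samples shows the mixed file sits between the text and random files on whole-file entropy, while the block view reports roughly half of the blocks as ciphertext-like with an alternation score near 1.0.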
A set of six high-severity firmware vulnerabilities impacting a broad range of HP Enterprise devices are still waiting to be patched, although some of them have been publicly disclosed since July 2021. Firmware flaws are particularly dangerous because they can lead to malware infections that persist even across OS re-installations, or allow long-term compromises that would not trigger standard security tools. A report from Binarly states that even though it’s been a month since they made some of the flaws public at Black Hat 2022, the vendor hasn’t released security updates for all impacted models, leaving many customers exposed to attacks. The researchers reported three bugs to HP in July 2021 and the other three in April 2022, giving the vendor a full year and four months, respectively, to push updates for all affected devices.
(Bleeping Computer)
The U.S. securities regulator will set up two new offices to deal with filings related to crypto assets and the life sciences sector, the agency said on Friday. The “Office of Crypto Assets” and the “Office of Industrial Applications and Services” will join seven existing offices under the Securities and Exchange Commission (SEC) department which handles corporate disclosure filings. Renee Jones, director of the Division of Corporation Finance, said in a statement, “As a result of recent growth in the crypto asset and the life sciences industries, we saw a need to provide greater and more specialized support.”
(Reuters)
New rules drafted by the European Union aimed at regulating AI could prevent developers from releasing open-source models, according to American think tank Brookings. The proposed EU AI Act, yet to be signed into law, states that open source developers have to ensure their AI software is accurate and secure, and have to be transparent about risk and data use in clear technical documentation. Brookings argues that if a private company were to deploy the public model or use it in a product, and it somehow got into trouble, the company would then probably try to blame the open source developers and sue them. This might force the open source community to think twice about releasing their code, and would leave the development of AI to be driven by private companies.
(The Register)
EdFinancial and the Oklahoma Student Loan Authority (OSLA) are notifying over 2.5 million loanees that their personal data was exposed in a data breach. The target of the breach was Nelnet Servicing, the Lincoln, Neb.-based servicing system and web portal provider for OSLA and EdFinancial, according to a breach disclosure letter. Nelnet revealed the breach to affected loan recipients on July 21, 2022 via a letter. No mention was made as to the cause of the vulnerability and the breach.
(ThreatPost)
Following up on a story we brought you a month ago, Federal Communications Commission (FCC) chair Jessica Rosenworcel has proposed several changes to the U.S. Emergency Alert System (EAS) and Wireless Emergency Alerts, designed to beef up the cybersecurity of the systems following FEMA’s discovery of vulnerabilities in them last month. The systems allow the federal government, the president or state-level officials to send out emergency warnings about a range of issues including potential weather events or AMBER alerts for missing children. FEMA’s warning stated that the vulnerabilities could enable threat actors to issue alerts over TV, radio, and cable networks.
(The Record)
At this year’s Code Conference in Los Angeles, some of the world’s top tech and media CEOs, and prominent political voices, raised concerns about the power, rapid growth and surveillance capabilities of the Chinese-owned TikTok, in some cases calling for it to be banned altogether. TikTok was notably one of the only major, mainstream social media companies not present. “The reason why this has been so challenging for companies to respond to in the United States, but also around the world, is the scale of TikTok’s investment,” said Snap CEO Evan Spiegel, whose company recently laid off some 20% of its own workforce, adding, “what nobody had anticipated in the United States was the level of investment that ByteDance made into the U.S. market, and Europe, because it was just something that was unimaginable.”
(Forbes)
A busy week in ransomware saw attacks against NAS devices, and IHG Hotel Group, parent company of Holiday Inn and Intercontinental, among others, disrupting their online reservation systems. Also attacked was technology infrastructure of the Los Angeles Unified School District, although schools remained open. The VICE Society claimed responsibility for the LA schools attack. We also saw some new ransomware research released this week, including Play, BlackCat, ex-Conti members targeting Ukraine, and a new Monti ransomware operation.
(Bleeping Computer)
Acting as a media network for cyber information and exchange, CISO Series is just a member of this fantastic community that unfortunately has some conflicts. We’re just putting ourselves at the center of the conversation, acting as couples counseling for security vendors and practitioners.

CISO Series: Delivering the most fun you’ll have in cybersecurity.
Contact us: info@cisoseries.com
© 2021 CISO Series
