This week in ransomware – Friday July 1, 2022
[ad_1]
“Denial is not a river in Egypt”
We start this week’s summary with a famous quote from Mark Twain, and our theme is “denial.”
We know that the majority of companies have experienced some form of ransomware attack. According to a Telus survey published in 2022, “cyber-attacks are on the rise in Canada, with 98 per cent of Canadian organizations reporting a cyberattack in the last 12 months.”
Who do we trust when attackers claim to have had a successful ransomware attack, but the company denies that the attack was successful?
This week, two major companies both issued denials in the face of ransomware gangs claiming they have successfully attacked the company, and who post evidence of stolen data to prove their claim?
Walmart denies attack by Yanluowang gang
Walmart has denied being attacked with ransomware by the Yanluowang gang, although the gang claimed to have encrypted thousands of computers.
In a statement to BleepingComputer, Walmart said their “Information Security team is monitoring our systems 24/7,” and believe the claims to be inaccurate.
Walmart continues to deny the attack, but files posted, ostensibly from the Yanluowang gang, do appear to contain information that claims to be from Walmart’s internal network, including a security certificate, a list of domain users, and the output of a kerberoasting attack.
Kerberoasting is an attack used when threat actors gain access to a network and then are able to access Windows services accounts and their hashed NTLM passwords. The attackers then use hashed passwords to brute-force the extraction of plain-text passwords. Once they have these credentials, they can elevate their privileges on the Windows domain.
Sourced from an article in Tech News Day with additional info from Bleeping Computer.
AMD denies ransomware attack
AMD says they are investigating a cyberattack after the RansomHouse gang claimed to have stolen 450 GB of data from the company in the past year.
RansomHouse is known as for stealing data and then demanding a ransom with the threat of publicly leaking the data or selling it to other threat actors.
While they have not named AMD, the RansomHouse gang has posted on Telegram that they would soon be selling the data of a well-known, three letter company that starts with the letter “A”.
Sourced from an article in Bleeping Computer
No good deed goes unpunished?
So why do companies deny attacks? Have these companies not been breached? Or are they reluctant to come forward, given the extreme penalties that are being levied against companies who have been successful attacked.
Podcast host Howard Solomon reported on Cyber Security Today that Carnival Cruise Line has been fined US$5 million for data breaches which featured the theft of personal information of passengers and employees. According to Carnival, the company had four cybersecurity events between 2019 and 2021, including two ransomware attacks.
Carnival is being penalized for violating state financial services regulations by not implementing multifactor authentication. Authorities claim that it failed to report the first of the four attacks and that it also failed “ to adequately train staff about cybersecurity.”
Ironically, the reason Carnival companies were able to be penalized stems from the fact that the company also sells cybersecurity insurance, and because of this, it was subject to state cybersecurity regulations. The settlement will force Carnival companies to stop selling insurance in New York State in addition to the financial penalties.
Again, according to the podcast, Carnival recently reached a US$1.2 million settlement with 46 states involving a 2019 data breach.
Sourced from the podcast Cyber Security Today
[ad_2]
Source link
Absorbable Modified Polymers Technology Advanced Technology Grants Pass Aidan'S Professional Technology Services Albuquerque Nm Information Technology Recruiters Bhd Technology Vr Catholic "Information Technology Ceo Comcast Technology Computer Technology Electronic Current Applications Of Rdna Technology Disadvantages Technology Law Ferrum Technology Services Fundamentals Of Medical Laboratory Technology Gmu Department Of Information Technology Hornborg Alf Technology Effects I'M Done Working In Technology James V. Arms Technology Jurassic Park Technology Analysis Liquidmetal Technology News Llc Mathey Technology And Engineering Medical Technology In 500 Bc Musc Library Technology Downloads New Jersey Technology Office Space Pc Ralley Technology Ridge Technology Services Technology 3x Reverse Etf Technology Abuse Use Technology Adoption Three Types Technology Advantage Info Technology And Improving Menial Jobs Technology Classroom Building 311 Technology Companys In Usa Technology Distracting Studying Students Technology Docking Stations Technology Enablement White Paper Technology Images For Ppt Technology Impact On Finance Departments Technology In Chennai Technology In Greek Translation Technology Into History Lesson Technology Is Electricity Ted Talks Technology Professionals Of British Columbia Technology Relatesecuirty Topics Technology Studies Emu Technology To Prevent Medication Errors Technology Want What Ails Look Tesla Technology Roadmap Veterinary Assisting Vs Veterinary Technology Wentworth Institute Of Technology Animation What Is Today'S Technology With The Arise Of Technology
Recent Posts
Archives
Categories
BL
TL
Visit Now
ExampleTheme by The WP Club . Proudly powered by WordPress