720-891-1663

Alerts, Breach, Business Continuity, Hacks, Legal, Microsoft, News Bites, Security Practices

Security News Update for December 6, 2024

Leave a comment

North Koreans Attacking Crypto With Social Engineering

Because … that is where the money is. The FBI says they are using highly tailored, difficult to detect social engineering campaigns. In spite of the so-called technical expertise of these targeted companies these attacks are effective. Credit: The Record

August Ransomware Attack Causes Stoli Vodka to File for Bankruptcy

The August 2024 ransomware attack caused Stoli’s ERP system to come to a halt, forcing the company into manual mode and causing the company to default on loan payments. This came after Russia seized their last two distilleries in mother Russia. The combination KOed the company. They will reorganize and you (likely) will still be able to buy your vodka. It is a warning about the impact of ransomware attacks and insufficient business continuity processes. Credit: Bleeping Computer

Microsoft Says Having a TPM is a Non-negotiable Requirement for Windows 11

Even though Windows 11 has been released for years and Support for Windows 10 ends in less than a year, more than 60 percent of all Windows systems worldwide still run Windows 10. Part of the reason is that Windows 11 requires that all computers running Windows 11 have a security coprocessor called a TPM. Microsoft just reiterated that it is not negotiable. That means that companies that are still running Windows 10 and which have computers without a TPM version 2 security coprocessor will either need to remain on Windows 10 after it is no longer supported or will have to replace those computers. Credit: Bleeping Computer

FCC Calls for Enhanced Security for Telecom Providers

Okay, call me Mr. Negative. The FCC, a month before it changes hands, has issued a DRAFT declaratory ruling mandating carriers to secure their networks. Whatever that means. Were they not securing them before? Will the carriers agree to this? Will the next administration say this is a rule and we don’t like rules. Even if magic happens, it will take 5-10 years to implement it and the smaller carriers won’t have the resources to do it. One thing working in the FCC’s favor is that Congress is, apparently, scared after receiving a classified briefing this week. Still, if you care about the security of your data, protecting it is up to you. Remember, if your data is harder to exploit (i.e. your protection mechanisms are better than the next guy), likely the hackers will move on to the folks that are not doing this. Read the details of the FCC ruling here.

Feds, Who Have Been Trying to Kill Encryption for Decades, Say Use Encrypted Apps

The FBI has been leading the attack against encryption causing them to “go dark” for decades. Now the FBI and CISA are telling the public that, in light of Salt Typhoon, Americans should use encrypted apps. The FBI official said, “People looking to further protect their mobile device communications would benefit from considering using a cellphone that automatically receives timely operating system updates, responsibly managed encryption and phishing resistant” multi-factor authentication. I assume responsibly managed means with a back door for them. But they can’t force that. At least not yet. Credit: NBC

Facebooktwitterredditlinkedinmailby feather

Leave a Reply

Your email address will not be published. Required fields are marked *

Copyright © 2024 CyberCecurity, All rights reserved. Privacy Policy