720-891-1663

Security News Update for Week Ending July 12, 2024

After insurance rates soared between 2020 and 2022, prices went down a little bit (15 percent) in 2023 due to increased competition, better vetting on the part of insurance companies and better company cybersecurity practices. It will be interesting to see where this trend goes, but we will take this for now. Credit: Dark Reading

Multiple US intelligence community officials say that Russia has begun to try to influence the outcome of the 2024 US Presidential election. It appears that their preferred candidate is Trump. Moscow is using a “variety of approaches to bolster its messaging and lend an air of authenticity to its efforts”. China, on the other hand, doesn’t seem to care, in the moment, which candidate wins because they are both anti-China. Trump, on the other hand, will likely end aid to Ukraine, allowing Russia to achieve its goal of global expansionism. Credit: The Record

Florida is not saying why it suddenly pulled the app off the app stores and told users to delete it. We can certainly speculate on that. The fact that they say that they are going to release a new app next year from a new vendor certainly gives an indication that there were problems – likely either the data was vulnerable or the vendor was compromised. One major problem with their solution was that the law still requires you to produce your physical license if requested, so what, exactly, is the reason for the app other than to hand over your unlocked phone to the police. I am sure that nothing could possibly go wrong there. The answer will likely leak out, so be patient. Credit: Techspot

Australian authorities are warning of scammers that are targeting their victims with offers to help them recover from being scammed. The scammers, of course, want money up front. DON’T DO IT. It is a clever scam; I am not sure why or if crooks have not been doing this for a long time. Credit: The Register

CISA performs friendly attacks (called red teaming) for federal agencies and others. In one case, the successfully broke in and no one detected them for five months. They got their initial access due to …. a missing Oracle patch. CISA told them about the vulnerability and they patched it after a couple of weeks but they did not check to see if anyone broke in. Like China or CISA. They explained the attack chain from phishing to remote access trojans to unprotected admin credentials. Credit: The Register

Facebooktwitterredditlinkedinmailby feather

Leave a Reply

Your email address will not be published. Required fields are marked *