Physical security is experiencing a transformation thanks to advancements in artificial intelligence (AI), machine learning (ML), deep learning and intelligent video analytics.
The widespread adoption and use of innovations like ChatGPT and DALL-E have demonstrated that AI technology is more than just a passing trend. It has showcased its potential in various applications that extend beyond writing content or answering questions. Businesses looking to protect their staff and visitors would be wise to understand AI-based physical security solutions.
Addressing today’s security threats requires applications that can rapidly analyze massive amounts of data that surpass human capabilities. According to IFSEC Insider, “AI-based applications enable operators to respond to potential threats faster than ever, while simultaneously reducing false alarm notifications that plagued earlier analytics models.” As such, AI physical security solutions can enable businesses to protect their customers and staff against physical threats in a much faster and more accurate manner.
With the addition of AI, physical security solutions are no longer passive but are actively intelligent devices that can monitor video feeds in real time. This not only can possibly reduce workforce costs but may also increase the likelihood of identifying and catching perpetrators before they commit a crime.
Here are a few examples of AI-based security solutions:
• Access Control and Intrusion Detection Systems: AI access control systems and intrusion detection systems can monitor various building access authentication factors, such as the location of the access attempt, time of day and user behavior, to determine the risk level associated with granting access.
• Smart Security Systems: such as Ring or Nest, incorporate AI features and use computer vision algorithms to detect and track motion, send alerts to connected devices and offer real-time video streaming through mobile apps.
• Behavior Analytics And Threat Intelligence Platforms: AI can be used to help monitor video feeds from security cameras and alert suspicious activities or objects in real time. These systems can detect loitering or unusual behavior and raise alerts for potential security threats.
• Weapons Detection: AI gun detection software can be deployed on security cameras to identify guns when they are brandished and provide real-time situational awareness to first responders. Alternatively, AI-powered thermal imaging systems can detect concealed weapons by identifying heat signatures generated by the weapon or the person carrying it.
People are needed too: These systems are to help assist in identifying threats. The technology doesn’t solve all the problems and people have to physically capture the people involved in the threat.
Best Practices are needed for implementing AI Security Solutions
• Conduct a risk assessment.
• Evaluate security from the ground up.
• Consider data privacy and compliance.
• Train your team on the updated security systems and processes.
• Allocating a budget to a new AI security system, you need to know how to use it.
• Ensure ongoing monitoring and maintenance.
• Embracing AI To Create A Safer Future
This technology is becoming an essential component of future security systems and will soon be the industry norm.
Malwarebytes recently uncovered a concerning trend within Microsoft Bing’s AI chatbot, where malevolent advertisements are ingeniously employed to disseminate malware while users search for commonly used tools. This discovery highlights how unwary individuals can unknowingly stumble upon hazardous websites and inadvertently install malicious software, all through seemingly harmless Bing Chat conversations. These findings underscore the need for heightened vigilance and precautionary measures, as users must remain cautious in their online interactions. https://thehackernews.com/2023/09/microsofts-ai-powered-bing-chat-ads-may.html
After reading this week’s readings, this article stood out to me as I did not think of some of the factors. One of the main factors is physical tampering with hardware before it reached the data center. There can actually be malware installed on servers, networking equipment, physical devices etc. before it even ships to the data center. Having a strong security team within your supply chain is your best bet for this not to happen. The second one that stuck out was unauthorized movement within the data center such as employees gaining access to cleaning the data center and touching equipment etc. There are other risks in the article such as inside malicious and physical data security risk, remote attacks etc.
This article is focused on the recently released draft version of Cybersecurity Framework (CSF) 2.0 by NIST. The CSF was originally developed in 2014 to assist organizations in understanding and managing cybersecurity risks. This draft reflects changes in the cybersecurity landscape and aims to make CSF more accessible to all types and sizes of organizations, beyond just critical infrastructure sectors.
The key points about CSF 2.0 draft include the following:
Scope Expansion: The framework’s scope has expanded to cover cybersecurity for all organizations, regardless of type or size, moving beyond just critical infrastructure protection.
Addition of a Sixth Function: NIST has added a new function, “govern,” emphasizing the importance of an organization’s ability to make and execute internal decisions to support its cybersecurity strategy.
Improved Guidance: The draft offers improved and expanded guidance on implementing the CSF, particularly in creating customized profiles for specific economic sectors and use cases. It includes implementation examples for each function’s subcategories to aid organizations, especially smaller ones, in effectively using the framework.
Integration with Other Frameworks: CSF 2.0 encourages organizations to leverage other technology frameworks, standards, and guidelines, both from NIST and elsewhere, to enhance their cybersecurity efforts.
Reference Tool: NIST has launched the CSF 2.0 Reference Tool, an online resource that allows users to browse, search, and export CSF Core data in human-readable and machine-readable formats. This tool will provide informative references to help users understand the relationships between CSF and other resources for better cybersecurity risk management.
Public feedback on the draft is scheduled to end on November 4, 2023, while the final version of CSF 2.0 will be released in early 2024.
The FBI is warning organizations of new ransomware trends, including dual ransomware attacks and the use of custom data theft tools, wipers, and malware. Organizations should implement a layered security approach, regularly back up data, educate employees on cybersecurity best practices, and have a plan in place for responding to an attack. If you are a victim of a ransomware attack, do not pay the ransom. Report the attack to the FBI and your local law enforcement agency.
The financial services company’s cybersecurity team detected a breach involving an employee’s MAC address being used both locally and remotely, leading to the discovery of two rogue drones on the roof. One drone, a DJI Phantom, was found equipped with a Wi-Fi Pineapple device for internet connection hijacking, while the other, a DJI Matrice, contained a Raspberry Pi, laptop, modem, and Wi-Fi equipment. This incident highlights the emerging threat of drones in cyberattacks, as they can be used for physical surveillance, network sniffing, spoofing, and even Denial-of-Service attacks. With the drone industry rapidly advancing and making these capabilities more accessible, organizations are urged to bolster their cybersecurity defenses by considering physical security vulnerabilities, deploying intrusion detection, using wired connections where possible, and incorporating drone-related threats into their penetration testing efforts.
Dark Beam, a digital risk protection firm, left a client’s interface unprotected which exposed user email and passwords. Once the leak was identified there were 3.8 billion records exposed. The leak was discovered by another firm who later reported it to Dark Beam and it was closed. This is so in line with what we are talking about with physical security and how the user has the greatest role in its success. This leak was blamed on human error. One example given was maybe an employee forgot to password protect the instance after maintenance. Since it was never mentioned how the leak took place I have to update as of this writing. This exposure provided hackers with what the article described as “limitless attack capabilities.” I studied samples of leaked data, and you could plainly see the username and password combinations of a few accounts. (this info was redacted) I have witnessed admins who have forgotten to log off the server after performing updates, so it does happen. Fortunate for us, I was the one that discovered the open server and logged it off. (in case you were wondering)
Article: New Ransomware Trend – Threat Actors Deploy Two Ransomware on Victims’ Networks
This article covers the introduction of new ransomware trends in the IT security sphere being tacked by the FBI and other agencies. The FBI has flagged these two new attacks as repeated redundancy attacks on the same victim but also new efforts to disrupt and destroy user data. As of 2022, ransomware attacks have been escalating on users and organizations. New tools available to bad actors allow attackers to more easily access, retrieve, and hold data hostage on user devices. These methods are always changing and therefor the FBI and other organizations advise utilizing and implementing frameworks like NIST to ensure that data is protected and secured for an organization. The article also advises mitigation methods like backups and port monitoring to ensure that ransomware is ineffective against an organization or individual
FBI Warns of Dual Ransomware Attacks and Data Destruction Trends
In a significant development, the Federal Bureau of Investigation (FBI) has issued a warning regarding the increasing number of dual ransomware attacks and a concerning trend of data destruction activities. Cautiously and competently addressing these cybersecurity threats, the FBI brings to the fore the complexity and the cunningness that characterizes modern cybercrime.
Ransomware, a type of malicious software that encrypts a victim’s files until a ransom has been paid, is not a novel phenomenon. However, the Bureau has increasingly noted instances when attackers deploy dual ransomware, effectively using two aggressive strains simultaneously to bolster their chances of success. By doing so, cybercriminals not only double their chances of bypassing security measures but also significantly increase the pressure on victims to pay the ransom.
The second trend of concern brought to light by the FBI involves data destruction. Instead of merely encrypting files and demanding a ransom for their decryption, some attackers now seem intent on destroying data completely. This aggressive approach disrupts businesses, leaving them without the option to recover their vital data even upon paying a ransom. Such loathsome modus operandi underscores the necessity for organizations to prioritize strategic data backup and improved cybersecurity measures.
In essence, the Bureau’s alert serves as a momentous reminder of the persistent and ever-present cyber threats organizations are steeped in. It signifies a call-to-action for businesses to up their defenses, scale their technological prowess, and remain constantly vigilant to the evolving tricks and tactics employed by cybercriminals.
To address these rising threats, the importance of enacting robust cybersecurity strategies, implementing efficient security measures, and promoting a culture of cyber vigilance within the organization cannot be underplayed. After all, in this digital era, cybersecurity is no longer a luxury, but an essential requirement that should permeate all layers of an organization.
Sport Spectators Have Thoughts on Security Measures During Live Events
While it is already known to us security professionals that better security measures should be taken in general (both physical and digital regarding IS security), it is interesting that according to a survey done by the NCS4 (National Center for Spectator Sports Safety and Security) spectators are willing to pay a possibly substantial surcharge in their ticket fees to support security budgets. This seems to fall in line with the end users’ thoughts on overall security. In this article, I found most interesting the perceptions of safety and security practices, technologies, and industry threats. There were 400 participants of the survey. The numbers show that 3% of participants agreed or strongly agreed that safety and security measures are considered when attending a sporting event. However, 73% of participants agreed that they prefer visible security measures during these events. These two findings seem contradictory but also interesting since the former finding seems like an involuntary admission of lack of initiative with security in general. Though, it does further solidify the point that SETA practices should be recurring and visual. Also, 2/3rds admitted to trusting the sports venue’s efforts to protect them from active shooters and breaches of PII. I am seriously considering contacting Sara to see who took this survey because that is very concerning! Very interesting article, indeed. From these participants, it seems their main concerns during these events are theft, use of weapons, unsafe parking environments, alcohol abuse, inadequate security personnel or screening and fa violence. Now, I will give some credit that these are very valid things to be concerned about during these events and could easily keep your brain tied up (theft of PII? oh yeah forgot about that). But consider the possibility of their being a motive against someone or any business in connection with the production of the event, there are so many ways that this could be executed with the assistance of technology. End user awareness becomes a matter of being proactive and taking initiative.
Article Link: Sport Spectators Open to Security Ticket Fees and Facial Recognition {https://www.asisonline.org/security-management-magazine/latest-news/today-in-security/2023/september/sport-survey-findings-2023/}
A recent cyberattack that affected Johnson Controls International’s (JCI) internal IT systems was reported. On client portals and login pages, subsidiaries Simplex and York are also experiencing technical difficulties. According to a ransom note from the Dark Angels cybergang that was found by a researcher, JCI’s network had been penetrated, and that the group had exposed sensitive information, encrypted files, and erased backups. According to reports, the group ransacked the company’s VMware ESXi servers and grabbed approximately 27TB of data.
Despite JCI’s claim that its applications are still functional, they have put in place an event management plan to lessen further effects while it examines the financial impact on its fiscal year results. If the hack affects systems utilized by JCI’s clients, it might have significant effects, especially in sectors like healthcare, airports, hotels, and stadiums, where JCI is a major player in digital technologies and services for building management.
Over 34 fake packages within the npm package repository designed to steal sensitive data from dev’s systems have been uncovered by Fortinet FortiGuard Labs. The packages contain shady JavaScript files that can extract confidential configurations. Fortinet has categorized the modules into 9 groups based on the similarities in the codes and functions. Fortinet has emphasized that users should be cautious when dealing with unknown or suspicious packages.
Title: FBI: Crippling ‘Dual Ransomware Attacks’ on the Rise
Link: https://www.darkreading.com/threat-intelligence/fbi-highlights-dual-ransomware-attack-in-rising-cybertrends
Summary: The FBI has issued a warning about a growing trend in ransomware attacks, known as “dual ransomware attacks,” where separate attacks occur within hours or days of each other. These attacks, targeting the same victim in quick succession, involve deploying different ransomware variants like AvosLocker, Diamond, and LockBit, leading to a mix of data encryption, exfiltration, and extortion. The FBI advises reporting suspicious activities and recommends safeguarding measures such as maintaining offline encrypted backups, reviewing third-party security, and implementing strict execution policies for known programs to mitigate these threats.
Yet another hotel company, Motel One, has become a victim of a ransomware attack by a hacking group. The hotel in question asserts that its protective measures limited the breach to a relatively small number of credit cards—precisely 150—and that its core business was never in jeopardy.
Conversely, the hacking group claims to have accessed and stolen almost 24.5 million files, which reportedly contain sensitive data. This raises questions about the truthfulness of both sides’ statements. Who is providing accurate information, and why might the hacking group have an incentive to be less than truthful?
Marc Greenberg says
How AI Is Disrupting the Business Of Physical Security
https://www.forbes.com/sites/forbestechcouncil/2023/09/27/how-ai-is-disrupting-the-business-of-physical-security/?sh=3939d9d5528b
Physical security is experiencing a transformation thanks to advancements in artificial intelligence (AI), machine learning (ML), deep learning and intelligent video analytics.
The widespread adoption and use of innovations like ChatGPT and DALL-E have demonstrated that AI technology is more than just a passing trend. It has showcased its potential in various applications that extend beyond writing content or answering questions. Businesses looking to protect their staff and visitors would be wise to understand AI-based physical security solutions.
Addressing today’s security threats requires applications that can rapidly analyze massive amounts of data that surpass human capabilities. According to IFSEC Insider, “AI-based applications enable operators to respond to potential threats faster than ever, while simultaneously reducing false alarm notifications that plagued earlier analytics models.” As such, AI physical security solutions can enable businesses to protect their customers and staff against physical threats in a much faster and more accurate manner.
With the addition of AI, physical security solutions are no longer passive but are actively intelligent devices that can monitor video feeds in real time. This not only can possibly reduce workforce costs but may also increase the likelihood of identifying and catching perpetrators before they commit a crime.
Here are a few examples of AI-based security solutions:
• Access Control and Intrusion Detection Systems: AI access control systems and intrusion detection systems can monitor various building access authentication factors, such as the location of the access attempt, time of day and user behavior, to determine the risk level associated with granting access.
• Smart Security Systems: such as Ring or Nest, incorporate AI features and use computer vision algorithms to detect and track motion, send alerts to connected devices and offer real-time video streaming through mobile apps.
• Behavior Analytics And Threat Intelligence Platforms: AI can be used to help monitor video feeds from security cameras and alert suspicious activities or objects in real time. These systems can detect loitering or unusual behavior and raise alerts for potential security threats.
• Weapons Detection: AI gun detection software can be deployed on security cameras to identify guns when they are brandished and provide real-time situational awareness to first responders. Alternatively, AI-powered thermal imaging systems can detect concealed weapons by identifying heat signatures generated by the weapon or the person carrying it.
People are needed too: These systems are to help assist in identifying threats. The technology doesn’t solve all the problems and people have to physically capture the people involved in the threat.
Best Practices are needed for implementing AI Security Solutions
• Conduct a risk assessment.
• Evaluate security from the ground up.
• Consider data privacy and compliance.
• Train your team on the updated security systems and processes.
• Allocating a budget to a new AI security system, you need to know how to use it.
• Ensure ongoing monitoring and maintenance.
• Embracing AI To Create A Safer Future
This technology is becoming an essential component of future security systems and will soon be the industry norm.
Ikenna Alajemba says
Malwarebytes recently uncovered a concerning trend within Microsoft Bing’s AI chatbot, where malevolent advertisements are ingeniously employed to disseminate malware while users search for commonly used tools. This discovery highlights how unwary individuals can unknowingly stumble upon hazardous websites and inadvertently install malicious software, all through seemingly harmless Bing Chat conversations. These findings underscore the need for heightened vigilance and precautionary measures, as users must remain cautious in their online interactions.
https://thehackernews.com/2023/09/microsofts-ai-powered-bing-chat-ads-may.html
Jeffrey Sullivan says
https://www.datacenterknowledge.com/security/5-physical-data-center-security-threats-are-easy-miss#close-modal
After reading this week’s readings, this article stood out to me as I did not think of some of the factors. One of the main factors is physical tampering with hardware before it reached the data center. There can actually be malware installed on servers, networking equipment, physical devices etc. before it even ships to the data center. Having a strong security team within your supply chain is your best bet for this not to happen. The second one that stuck out was unauthorized movement within the data center such as employees gaining access to cleaning the data center and touching equipment etc. There are other risks in the article such as inside malicious and physical data security risk, remote attacks etc.
Chidiebere Okafor says
This article is focused on the recently released draft version of Cybersecurity Framework (CSF) 2.0 by NIST. The CSF was originally developed in 2014 to assist organizations in understanding and managing cybersecurity risks. This draft reflects changes in the cybersecurity landscape and aims to make CSF more accessible to all types and sizes of organizations, beyond just critical infrastructure sectors.
The key points about CSF 2.0 draft include the following:
Scope Expansion: The framework’s scope has expanded to cover cybersecurity for all organizations, regardless of type or size, moving beyond just critical infrastructure protection.
Addition of a Sixth Function: NIST has added a new function, “govern,” emphasizing the importance of an organization’s ability to make and execute internal decisions to support its cybersecurity strategy.
Improved Guidance: The draft offers improved and expanded guidance on implementing the CSF, particularly in creating customized profiles for specific economic sectors and use cases. It includes implementation examples for each function’s subcategories to aid organizations, especially smaller ones, in effectively using the framework.
Integration with Other Frameworks: CSF 2.0 encourages organizations to leverage other technology frameworks, standards, and guidelines, both from NIST and elsewhere, to enhance their cybersecurity efforts.
Reference Tool: NIST has launched the CSF 2.0 Reference Tool, an online resource that allows users to browse, search, and export CSF Core data in human-readable and machine-readable formats. This tool will provide informative references to help users understand the relationships between CSF and other resources for better cybersecurity risk management.
Public feedback on the draft is scheduled to end on November 4, 2023, while the final version of CSF 2.0 will be released in early 2024.
Link: https://www.nist.gov/news-events/news/2023/08/nist-drafts-major-update-its-widely-used-cybersecurity-framework
Kelly Conger says
https://www.securityweek.com/fbi-warns-organizations-of-dual-ransomware-wiper-attacks/?web_view=true
The FBI is warning organizations of new ransomware trends, including dual ransomware attacks and the use of custom data theft tools, wipers, and malware. Organizations should implement a layered security approach, regularly back up data, educate employees on cybersecurity best practices, and have a plan in place for responding to an attack. If you are a victim of a ransomware attack, do not pay the ransom. Report the attack to the FBI and your local law enforcement agency.
Alyanna Inocentes says
Why Consumer Drones Represent a Special Cybersecurity Risk
https://securityintelligence.com/articles/why-consumer-drones-represent-a-special-cybersecurity-risk/
The financial services company’s cybersecurity team detected a breach involving an employee’s MAC address being used both locally and remotely, leading to the discovery of two rogue drones on the roof. One drone, a DJI Phantom, was found equipped with a Wi-Fi Pineapple device for internet connection hijacking, while the other, a DJI Matrice, contained a Raspberry Pi, laptop, modem, and Wi-Fi equipment. This incident highlights the emerging threat of drones in cyberattacks, as they can be used for physical surveillance, network sniffing, spoofing, and even Denial-of-Service attacks. With the drone industry rapidly advancing and making these capabilities more accessible, organizations are urged to bolster their cybersecurity defenses by considering physical security vulnerabilities, deploying intrusion detection, using wired connections where possible, and incorporating drone-related threats into their penetration testing efforts.
Erskine Payton says
Erskine Payton
In the News Article- Week 6
MIS 5206
Temple University
DarkBeam leaks billions of email and password combinations
https://cybernews.com/security/darkbeam-data-leak/
Dark Beam, a digital risk protection firm, left a client’s interface unprotected which exposed user email and passwords. Once the leak was identified there were 3.8 billion records exposed. The leak was discovered by another firm who later reported it to Dark Beam and it was closed. This is so in line with what we are talking about with physical security and how the user has the greatest role in its success. This leak was blamed on human error. One example given was maybe an employee forgot to password protect the instance after maintenance. Since it was never mentioned how the leak took place I have to update as of this writing. This exposure provided hackers with what the article described as “limitless attack capabilities.” I studied samples of leaked data, and you could plainly see the username and password combinations of a few accounts. (this info was redacted) I have witnessed admins who have forgotten to log off the server after performing updates, so it does happen. Fortunate for us, I was the one that discovered the open server and logged it off. (in case you were wondering)
Andrew Young says
Article: New Ransomware Trend – Threat Actors Deploy Two Ransomware on Victims’ Networks
This article covers the introduction of new ransomware trends in the IT security sphere being tacked by the FBI and other agencies. The FBI has flagged these two new attacks as repeated redundancy attacks on the same victim but also new efforts to disrupt and destroy user data. As of 2022, ransomware attacks have been escalating on users and organizations. New tools available to bad actors allow attackers to more easily access, retrieve, and hold data hostage on user devices. These methods are always changing and therefor the FBI and other organizations advise utilizing and implementing frameworks like NIST to ensure that data is protected and secured for an organization. The article also advises mitigation methods like backups and port monitoring to ensure that ransomware is ineffective against an organization or individual
https://cybersecuritynews.com/new-ransomware-trend/
Michael Obiukwu says
FBI Warns of Dual Ransomware Attacks and Data Destruction Trends
In a significant development, the Federal Bureau of Investigation (FBI) has issued a warning regarding the increasing number of dual ransomware attacks and a concerning trend of data destruction activities. Cautiously and competently addressing these cybersecurity threats, the FBI brings to the fore the complexity and the cunningness that characterizes modern cybercrime.
Ransomware, a type of malicious software that encrypts a victim’s files until a ransom has been paid, is not a novel phenomenon. However, the Bureau has increasingly noted instances when attackers deploy dual ransomware, effectively using two aggressive strains simultaneously to bolster their chances of success. By doing so, cybercriminals not only double their chances of bypassing security measures but also significantly increase the pressure on victims to pay the ransom.
The second trend of concern brought to light by the FBI involves data destruction. Instead of merely encrypting files and demanding a ransom for their decryption, some attackers now seem intent on destroying data completely. This aggressive approach disrupts businesses, leaving them without the option to recover their vital data even upon paying a ransom. Such loathsome modus operandi underscores the necessity for organizations to prioritize strategic data backup and improved cybersecurity measures.
In essence, the Bureau’s alert serves as a momentous reminder of the persistent and ever-present cyber threats organizations are steeped in. It signifies a call-to-action for businesses to up their defenses, scale their technological prowess, and remain constantly vigilant to the evolving tricks and tactics employed by cybercriminals.
To address these rising threats, the importance of enacting robust cybersecurity strategies, implementing efficient security measures, and promoting a culture of cyber vigilance within the organization cannot be underplayed. After all, in this digital era, cybersecurity is no longer a luxury, but an essential requirement that should permeate all layers of an organization.
https://www.infosecurity-magazine.com/news/fbi-warns-dual-ransomware-data/
Michael,OBIUKWU
MS ITACS/2023
Ashley A. Jones says
Sport Spectators Have Thoughts on Security Measures During Live Events
While it is already known to us security professionals that better security measures should be taken in general (both physical and digital regarding IS security), it is interesting that according to a survey done by the NCS4 (National Center for Spectator Sports Safety and Security) spectators are willing to pay a possibly substantial surcharge in their ticket fees to support security budgets. This seems to fall in line with the end users’ thoughts on overall security. In this article, I found most interesting the perceptions of safety and security practices, technologies, and industry threats. There were 400 participants of the survey. The numbers show that 3% of participants agreed or strongly agreed that safety and security measures are considered when attending a sporting event. However, 73% of participants agreed that they prefer visible security measures during these events. These two findings seem contradictory but also interesting since the former finding seems like an involuntary admission of lack of initiative with security in general. Though, it does further solidify the point that SETA practices should be recurring and visual. Also, 2/3rds admitted to trusting the sports venue’s efforts to protect them from active shooters and breaches of PII. I am seriously considering contacting Sara to see who took this survey because that is very concerning! Very interesting article, indeed. From these participants, it seems their main concerns during these events are theft, use of weapons, unsafe parking environments, alcohol abuse, inadequate security personnel or screening and fa violence. Now, I will give some credit that these are very valid things to be concerned about during these events and could easily keep your brain tied up (theft of PII? oh yeah forgot about that). But consider the possibility of their being a motive against someone or any business in connection with the production of the event, there are so many ways that this could be executed with the assistance of technology. End user awareness becomes a matter of being proactive and taking initiative.
Article Link: Sport Spectators Open to Security Ticket Fees and Facial Recognition {https://www.asisonline.org/security-management-magazine/latest-news/today-in-security/2023/september/sport-survey-findings-2023/}
Unnati Singla says
Title: Johnson Controls International Disrupted by Major Cyberattack
Link: https://www.darkreading.com/ics-ot/johnson-controls-international-hit-with-massive-ransomware-attack
A recent cyberattack that affected Johnson Controls International’s (JCI) internal IT systems was reported. On client portals and login pages, subsidiaries Simplex and York are also experiencing technical difficulties. According to a ransom note from the Dark Angels cybergang that was found by a researcher, JCI’s network had been penetrated, and that the group had exposed sensitive information, encrypted files, and erased backups. According to reports, the group ransacked the company’s VMware ESXi servers and grabbed approximately 27TB of data.
Despite JCI’s claim that its applications are still functional, they have put in place an event management plan to lessen further effects while it examines the financial impact on its fiscal year results. If the hack affects systems utilized by JCI’s clients, it might have significant effects, especially in sectors like healthcare, airports, hotels, and stadiums, where JCI is a major player in digital technologies and services for building management.
Akintunde Akinmusire says
https://thehackernews.com/2023/10/over-3-dozen-data-stealing-malicious.html
Over 34 fake packages within the npm package repository designed to steal sensitive data from dev’s systems have been uncovered by Fortinet FortiGuard Labs. The packages contain shady JavaScript files that can extract confidential configurations. Fortinet has categorized the modules into 9 groups based on the similarities in the codes and functions. Fortinet has emphasized that users should be cautious when dealing with unknown or suspicious packages.
Alex Ruiz says
Title: FBI: Crippling ‘Dual Ransomware Attacks’ on the Rise
Link: https://www.darkreading.com/threat-intelligence/fbi-highlights-dual-ransomware-attack-in-rising-cybertrends
Summary: The FBI has issued a warning about a growing trend in ransomware attacks, known as “dual ransomware attacks,” where separate attacks occur within hours or days of each other. These attacks, targeting the same victim in quick succession, involve deploying different ransomware variants like AvosLocker, Diamond, and LockBit, leading to a mix of data encryption, exfiltration, and extortion. The FBI advises reporting suspicious activities and recommends safeguarding measures such as maintaining offline encrypted backups, reviewing third-party security, and implementing strict execution policies for known programs to mitigate these threats.
Akiyah says
Yet another hotel company, Motel One, has become a victim of a ransomware attack by a hacking group. The hotel in question asserts that its protective measures limited the breach to a relatively small number of credit cards—precisely 150—and that its core business was never in jeopardy.
Conversely, the hacking group claims to have accessed and stolen almost 24.5 million files, which reportedly contain sensitive data. This raises questions about the truthfulness of both sides’ statements. Who is providing accurate information, and why might the hacking group have an incentive to be less than truthful?
https://www.bleepingcomputer.com/news/security/motel-one-discloses-data-breach-following-ransomware-attack/