Garmin Facing U.S. Investigation Over Payments to Terrorists By Third Party Following Cyber Attack

channelnews | August 05, 2020

Garmin is believed to be under investigation by US authorities, for paying cyber terrorists millions of dollars via a third party after their data operations were taken down in a major hack attack by an organisation called Evil Corp.The US Company who like to present themselves as a squeaky-clean Company appears to have had no hesitation in paying Evil Corp who has been sanctioned by the US Treasury as a terrorist organisation.

Spotlight

You may often hear experts refer to malware, trojan horses, ransomware, worms, spyware, viruses, etc. What do these terms mean and how does it concern you or your business? Find out in the next episode of ESET Cybersecurity tips & tricks.

Spotlight

You may often hear experts refer to malware, trojan horses, ransomware, worms, spyware, viruses, etc. What do these terms mean and how does it concern you or your business? Find out in the next episode of ESET Cybersecurity tips & tricks.

Related News

DATA SECURITY

Cerberus Sentinel Launches Secured Managed Services Providing Senior Support to Mitigate Cyber Risks

Cerberus Sentinel | October 26, 2021

Cerberus Cyber Sentinel Corporation a cybersecurity consulting and managed security services firm, today introduced its Cerberus Sentinel Secured Managed Services to help organizations step up their cybersecurity protections with security-focused, end-to-end network and device management solutions provided by a team of senior staff. Cerberus Sentinel's full-scale secured managed services are an integral part of MCCP+, their holistic approach to cybersecurity, compliance and culture. This ensures that all strategic solutions are tailored specifically for each client. Cerberus Sentinel has long recognized that a company must incorporate a culture of cybersecurity through its solutions, processes, and staff training to address the rapid growth of threats to its very existence, data, and intellectual property. "The cost of just one data breach was $3.86 million in 2020,The cybersecurity market is expected to grow to $10.5 trillion by 2025, and the lack of those trained with cyber skills remains a challenge for most businesses. We know organizations are struggling to stay ahead of attacks, as well as to protect their customers and employees. With our senior team's decades of experience, we can provide peace of mind by partnering side-by-side to help them reduce system downtime and realize a quantifiable increase in employee productivity." Brian Yelm, managing director, Cerberus Sentinel Cerberus Sentinel Secured Managed Services highlights include: Managed Support: Unlimited concierge support for all workstations, servers, firewalls, switches, routers, wireless access points, printers, and copiers. A real-time inventory is kept of all hardware and software. Strategic guidance is provided to organizations without a CIO, CTO or director of IT. Security Bundle: Antivirus/MDR, scripting tools, and patch management are included as well as software for workstations and servers to provide secure remote access. Project Engagement: Covers custom projects or for remediation after a penetration test or security assessment uncovers system vulnerabilities. Microsoft 365 Partner: All licenses and email migration are available. Backup and Disaster Recovery: Customized on-premises, hybrid, and cloud-based back-up solutions. Spam, Web and DNS Filtering: Partnership with Cisco Umbrella (DNS) and provider of multiple spam filter solutions tailored for specific email environments. Cloud Storage: Custom Tech Connect Drive, plus partnership with Dropbox and Microsoft for One Drive support. About Cerberus Sentinel Cerberus Sentinel is an industry leader in Managed Cybersecurity and Compliance (MCCP) services with its exclusive MCCP+ managed compliance and cybersecurity services plus culture program. The company is rapidly expanding by acquiring world-class cybersecurity, secured managed services, and compliance companies with top-tier talent that utilize the latest technology to create innovative solutions to protect the most demanding businesses and government organizations against continuing and emerging security threats and compliance obligations.

Read More

DATA SECURITY

Cloudflare Acquired Area 1 Security for Expanding its Zero Trust Platform

Cloudflare | February 24, 2022

Cloudflare, Inc. a security, performance, and reliability firm striving to build a better Internet, has agreed to buy Area 1 Security. Area 1 Security's cloud-native software, which integrates with any email provider, prevents phishing assaults by detecting and deleting them before they can cause harm in the workplace. As a result, the organization stopped more than 40 million harmful phishing operations in 2021 alone, including business email compromise, malware, ransomware, and other advanced threats. “Email is the largest cyber-attack vector on the Internet, which makes integrated email security-critical to any true Zero Trust network. That’s why today we’re welcoming Area 1 Security to help make Cloudflare’s platform the clear leader in Zero Trust, To us, the future of Zero Trust includes an integrated, one-click approach to securing all of an organization’s applications, including its most ubiquitous cloud application, email. Together, we expect we’ll be delivering the fastest, most effective, and most reliable email security on the market.” Matthew Prince, co-founder, and CEO of Cloudflare Malicious phishing attacks, especially business email intrusion, are the most costly, according to the FBI's Internet Crime Complaint Center 2020 Internet Crime Report, with U.S. businesses losing more than $1.8 billion. For example, the JPMorgan Chase breach, in which a phishing attack impacted 76 million households and 7 million small businesses; SolarWinds, in which phishing led to the compromise of 18,000 customers, including multiple government agencies; Sony Pictures, in which a phishing attack reportedly resulted in the theft of more than 100 terabytes of proprietary data; and the United States elections, in which phishing has been cited as the cause of damage inflicted "The biggest challenges with email are its ubiquity and our readiness to trust it," Forrester says. Everyone has an email account, and many of them have many accounts, making it an easy target for hackers." As a result, businesses of all sizes must explore how to incorporate email solutions into their broader security stack and strengthen it with global threat intelligence. As a result, email continues to be an attractive entry point for increasingly sophisticated cyberattacks. Research Director for IDC’s Network Security Products and Strategies, Chris Rodriguez, notes, "Email is often the largest cloud application for any organization; and also represents the largest attack vector. Instead of viewing email security as a standalone issue, more businesses realize that it needs to be part of their holistic security strategy. The combination of Cloudflare and Area 1 Security offers customers a uniquely differentiated and comprehensive Zero Trust offering with coverage across the entire threat lifecycle." “Today, email is a business’ most-used cloud application. It's unfortunately unprotected. We estimate that more than 90% of cyber security damages are the result of just one thing: phishing," said Patrick Sweeney, CEO, and President of Area 1 Security. "By combining our leading phishing protection and threat intelligence capabilities with Cloudflare’s global network, data capabilities, and Zero Trust platform, we truly believe that together we can help companies of any size better secure their entire network infrastructure and better protect against the most destructive cyber risks.” In 2021, Cloudflare launched its Advanced Email Security Suite, which includes creating bespoke email names, managing incoming email routing, and preventing email spoofing and phishing on outgoing emails. Because Cloudflare's global network blocks an average of 86 billion cyber threats per day, it has unique threat intelligence data that can help it better filter out targeted phishing attacks (spear phishing) and other security threats that legacy email security solutions and API-only email security offerings may miss. Area 1 Security has long adopted a proactive approach to email security to halt phishing operations in their infancy. The two businesses will create a complete Zero Trust solution that clients may enable through Cloudflare's global edge by combining Area 1 Security's highly scalable technology and years of experience in email protection with Cloudflare's worldwide network. Cloudflare will pay $162 million for Area 1 Security, subject to normal adjustments, with 40-50 percent of the amount paid in Cloudflare's Class A common stock and the rest paid in cash. The transaction is expected to close in the first half of 2022, subject to usual closing conditions.

Read More

DATA SECURITY

Lack of Remote and Hybrid Work Policies Put Education Industry at Risk for IT Security Issues

Apricorn | July 23, 2021

The leading manufacturer of software-free, 256-bit AES XTS hardware-encrypted USB drives, Apricorn, has announced various findings for the education sector from the Apricorn Global IT Security Survey, 2021. The survey says the education industry lacks concern about security threats from employees and, due to limited IT security policies related to remote work, has a greater risk for cybersecurity breaches and data loss than other industries. For example, 69.4% of respondents say, as targets that attackers can use to access data, employees at their organizations don't think of themselves, compared to 37.5% in information technology (IT). The survey was to compare cybersecurity policies of various industries about hybrid and remote work. More than 400 respondents completed the survey. Unfortunately, the education industry constantly lags behind many other healthcare, manufacturing, IT, and financial services when executing lost/stolen devices and data security policies. Remarkably, compared to 55% in IT, only 26% of respondents in the education industry agreed that they have policies regarding lost/stolen devices. Many education institutions, in the Fall, will be returning to in-person instruction; however, in the education sector, most survey respondents (90.77%) said a hybrid work option exists. Organizations in education demonstrated a trend of allowing employee choice when it comes to policy adherence when asked about policies and procedures that have been put in place regarding transporting data and devices. Compared to an average of 52% for other top industries, only 20% of education organizations require encrypted hardware. More than half of EDUCATION organizations permit the use of personal USB devices. About Apricorn Founded in 1983, Apricorn is a leading provider of secure storage innovations to prominent companies in education, healthcare, finance, and government throughout North America, EMEA, and Canada. Apricorn products have become the trusted standard for a myriad of data security strategies worldwide. Under the Apricorn brand, numerous award-winning products and patents have been developed.

Read More