DIRS.INFO The most relevant business & tech news

☆ U.S. Marshals Service suffers security breach
▼ + stars: | 2023-02-28 | by ( ) www.reuters.com time to read: +1 min

Marshals Service (USMS) suffered a ransomware security breach this month that compromised sensitive law enforcement information, a spokesman said on Monday. The Marshals Service notified the U.S. Department of Justice to the breach, and agents there began a forensic investigation, Drew Wade, chief of the Marshals Service public affairs office, told Reuters in an email. "The affected system contains law enforcement sensitive information, including returns from legal process, administrative information, and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees," Wade said. The incident took place on Feb. 17, when the service "discovered a ransomware and data exfiltration event affecting a stand-alone USMS system", after which the system was disconnected from the network, Wade said. The USMS is a federal law enforcement agency within the Department of Justice.

Yet only 54% of all businesses say they have a business continuity and disaster recovery plan for a cyberattack. 2 2022 Small Business Profile, U.S. Small Business Administration Office of Advocacy. https://cdn.advocacy.sba.gov/wp-content/uploads/2022/08/30121338/Small-Business-Economic-Profile-US.pdfCyber Readiness Institute (CRI) is not an affiliate of any company of the Principal Financial Group®. Referenced companies are members of the Principal Financial Group®, Des Moines, IA 50392. ©2023 Principal Financial Services, Inc.

As of Jan. 31, money managers held a net long of 219,924 CBOT corn futures and options contracts, a net long of 175,504 contracts in CBOT soybeans, a net long of 140,943 contracts in CBOT soymeal, a net long of 31,224 contracts in CBOT soyoil, and a net short of 63,628 contracts in CBOT wheat. That included 18,127 contracts of corn, soybeans 29,242 contracts, soymeal 5,440 contracts and CBOT wheat 10,305 contracts. Funds’ Jan. 31 net long in corn was the highest since November, and their net short in CBOT wheat as of Jan. 24 had been the strongest since May 2019. Daily fund estimates collected by Reuters suggest that between Feb. 1 and Feb. 24, commodity funds were net sellers of 26,500 CBOT corn futures and 34,500 CBOT wheat futures. Money managers have not been net sellers of more than 25,000 CBOT wheat futures and options combined over a four-week span since late 2021.

☆ Top Morningstar strategist names a deeply discounted tech stock, in a sector poised for strong growth
▼ + stars: | 2023-02-27 | by ( Weizhen Tan | ) www.cnbc.com time to read: +2 min

Dave Sekera, chief U.S. market strategist for Morningstar, is bullish on one corner of tech that he says is set to experience "some of the strongest long-term secular growth." That's cybersecurity, he told CNBC's "Squawk Box Asia" on Thursday. "Between geopolitical risks, ransomware and hacking, this is just one area that's going to have a lot of secular growth," Sekera said. Sekera names one stock that he says is trading at about a 25% discount to Morningstar's fair value estimates: CrowdStrike . Analysts have struck a bullish tone on cybersecurity of late, arguing that it's one sector that's resilient even in a slowdown.

☆ It's not just you: Cybercriminals are also using ChatGPT to make their jobs easier
▼ + stars: | 2023-02-26 | by ( Hannah Getahun | ) www.businessinsider.com time to read: +8 min

ChatGPT can quickly generate targeted phishing emails or malicious code for malware attacks. AI companies could be held liable for chatbots counseling criminals since Section 230 may not apply. Sergey Shykevich, a lead ChatGPT researcher at cybersecurity company Checkpoint security, has already seen cybercriminals harness the AI's power to create code that can be used in a ransomware attack. In dealing with unlawful or criminal content on their sites from third-party users, most tech companies cite Section 230 of the Communications Decency Act of 1996. In addition, ChatGPT continues to implement guardrails to deter illegal activity, although these guardrails can often be sidestepped with the right script.

☆ Premarket stocks: It's bulls vs. hawks on Wall Street
▼ + stars: | 2023-02-23 | by ( Nicole Goodkind | ) edition.cnn.com time to read: +9 min

New York CNN —There’s a new tussle brewing in the animal kingdom of Wall Street: Hawks vs. Bulls. The question is, will the Fed be able to break through and convince Wall Street to finally give in to market pessimism? “Setting aside what financial market participants expected us to do, I saw a compelling economic case for a 50 basis-point increase,” she said at an event in Florida. Asda told CNN that it was temporarily limiting purchases of some items to three packs per customer. Morrisons told CNN that it had imposed a cap of two packs per customer on the same products.

☆ Ransomware gang leaked Los Angeles student health records online
▼ + stars: | 2023-02-23 | by ( Suzanne Smalley | ) www.reuters.com time to read: +2 min

Feb 23 (Reuters) - Health records for about 2,000 current and former Los Angeles school students have been published to the dark web following a ransomware attack last year, the school district said in a statement on Wednesday. The attacks were first widely reported last year, but the compromise of sensitive health records only came to light in recent days. Last year, Los Angeles School Superintendent Alberto Carvalho said the Russian ransomware gang Vice Society had claimed responsibility for the hack and placed the material online in October. Los Angeles Unified, the second largest school district in the United States, said its investigation is ongoing and that it continues to assess the September 2022 cyberattack. Kelanic told Reuters that approximately 2,000 student assessment records "have been confirmed as part of the attack."

☆ Cyberattack on food giant Dole temporarily shuts down North America production, company memo says
▼ + stars: | 2023-02-22 | by ( Sean Lyngaas | ) edition.cnn.com time to read: +5 min

CNN —A cyberattack earlier this month forced produce giant Dole to temporarily shut down production plants in North America and halt food shipments to grocery stores, according to a company memo about the incident obtained by CNN. “Dole Food Company is in the midst of a Cyber Attack and have subsequently shut down our systems throughout North America,” Emanuel Lazopoulos, senior vice president at Dole’s Fresh Vegetables division, said in a February 10 memo to retailers. “They [customers] are upset, but it happens,” Russell told CNN. Customers started asking questions about the bare shelves, Underwood said, prompting the store to post the Dole memo about the cyberattack on its Facebook page. The multibillion-dollar company — officially known as Dole Plc after a 2021 merger between Dole Food Company and Ireland’s Total Produce — sources produce from dozens of countries around the world.

Law-enforcement officials including Attorney General Merrick Garland, speaking, and Deputy Attorney General Lisa Monaco have been dedicating resources to thwarting cyberattacks. Extortion payments from ransomware, a hacking scourge that has crippled hospitals, schools and public infrastructure, fell significantly last year, according to federal officials, cybersecurity analysts and blockchain firms. After ballooning for years, the amount of money being paid to ransomware criminals dropped in 2022, as did the odds that a victim would pay the criminals who installed the ransomware. With ransomware, hackers lock up a victim’s computer network, encrypting hard drives until victims pay.

☆ Even hackers are getting laid off: As companies beef up cybersecurity, one hacker group reportedly let go of 45 telemarketers tricking people into inviting ransomware
▼ + stars: | 2023-02-21 | by ( Sindhu Sundar | ) www.businessinsider.com time to read: +3 min

More countries are targeting payments made to appease ransomware attackers, according to Gartner. As US Department of Justice investigators and companies beef up their oversight of cybersecurity threats, the impact of ransomware attacks — hackers demand ransom payments from targets — has been blunted, according to a Wall Street Journal report. Ransomware hacks can have high stakes, especially when hackers blackmail targets over private information in order to extract payments. In 2021, the agency created new groups internally, including the National Cryptocurrency Enforcement Team and the Ransomware and Digital Extortion Task Force. Countries are generally also stepping up their oversight of ransomware attacks and trying to improve privacy regulations, according to the research and consulting firm Gartner.

☆ Medical-Device Makers Face Push to Protect Their Wares From Hacks
▼ + stars: | 2023-02-13 | by ( James Rundle | ) www.wsj.com time to read: +5 min

Mounting cyberattacks against hospitals and clinics and a regulatory push are increasing the pressure on medical-device manufacturers to improve the security of their products. Cyber protections have often been an afterthought for medical devices, which can be in operation for decades. Newsletter Sign-up WSJ Pro Cybersecurity Cybersecurity news, analysis and insights from WSJ's global team of reporters and editors. While Mr. Suarez acknowledged that greater transparency about vulnerabilities is needed from makers of medical devices, he also wants to see customers stop using old, unsupported equipment. “It’s a complex challenge,” Mr. Suarez said.

As of late January, large speculators held moderate to large net long positions across CBOT corn, soybeans and soybean products, and those collectively outweighed their sizable net short in CBOT wheat. CBOT futures have mostly strengthened since then. Black Sea concerns and worsening crops in Argentina also helped CBOT corn drift 0.5% higher in the last 13 days, ending at $6.80-1/2 per bushel Friday. Corn has been the most mild-mannered of CBOT contracts since Jan. 25, trading up or down by less than 2% since then. ESTIMATESAs of Jan. 24, money managers’ net long position in CBOT corn futures and options hit an 11-week high of 201,797 contracts.

☆ Christopher Wray Tries to Thaw FBI’s Frosty Relationship With Business
▼ + stars: | 2023-02-09 | by ( Aruna Viswanatha | ) www.wsj.com time to read: 1 min

FBI Director Christopher Wray has told the private sector that some of the biggest threats to national security are from the Chinese government and the cyber arena. When FBI agents last year infiltrated the networks of Hive, a notorious ransomware group that had demanded hundreds of millions of dollars in ransom payments from some 1,500 companies, hospital networks and other targets, they made an uncomfortable discovery. Only 20% of the victims had approached law enforcement about their attacks.

☆ U.S. imposes cyber-related sanctions on Trickbot hacking gang
▼ + stars: | 2023-02-09 | by ( Raphael Satter | ) www.reuters.com time to read: +1 min

REUTERS/Kacper Pempel/IllustrationWASHINGTON, Feb 9 (Reuters) - The United States has imposed sanctions against seven leading members of a notorious Russian hacking gang known as Trickbot, the Treasury announced on Friday. The Treasury said the sanctions applied to Trickbot's senior figures and managers. Targets of such sanctions are generally barred from holding U.S. assets or transacting with American organizations. However the measure is often largely symbolic given ransomware operators tend to operate well out of reach of U.S. officialdom. Reporting by Susan Heavey Editing by Mark Porter and Frances KerryOur Standards: The Thomson Reuters Trust Principles.

☆ FBI’s Christopher Wray Wants Business to Help Fight China, Cyber Threats
▼ + stars: | 2023-02-09 | by ( Aruna Viswanatha | ) www.wsj.com time to read: 1 min

☆ Euronext has no plans to copy rivals with cloud computing deal
▼ + stars: | 2023-02-09 | by ( Huw Jones | ) www.reuters.com time to read: +2 min

LONDON, Feb 9 (Reuters) - Euronext will not mimic rivals by shifting critical services to outside cloud computers given regulatory concerns, the pan-European exchange's chief executive Stephane Boujnah said. London Stock Exchange Group, CME and Nasdaq have all announced partnerships with cloud computing giants like Alphabet, Amazon and Microsoft, with Deutsche Boerse joining them on Thursday in a "strategic partnership" with Google. Euronext only uses a cloud provider for storing historical data, he said. "We analyse very carefully the dependency on certain providers," Boujnah said as Euronext reported full year earnings. Euronext said it has increased its 2024 annual pre-tax savings related to integrating Borsa Italiana by 15 million euros to 115 million, with around 70 million of this achieved by the end of 2023 as implementation costs remain unchanged.

Summary Trickbot targeted hospitals during COVID-19 pandemic, U.S. saysSanctions could hit hackers' ability to move money-analystWASHINGTON, Feb 9 (Reuters) - The United States and Britain have imposed sanctions against seven leading members of a notorious Russian hacking gang known as Trickbot, officials announced on Friday. U.S. Secretary of State Antony Blinken said in a statement that the United States and Britain were "committed to using all available authorities to defend against cyber threats." Both Trickbot and Conti were accused by U.S. and British authorities of having ties to the Russian intelligence services. Sanctions tend to be largely symbolic given that Russia is already heavily sanctioned and cybercriminals based there tend to steer clear of the United States or Britain. He said that U.S. officials had been lobbying to get other countries to impose sanctions on cybercriminals.

☆ Intesa Sanpaolo says most operations restored after ION ransomware attack
▼ + stars: | 2023-02-09 | by ( ) www.reuters.com time to read: +1 min

LONDON, Feb 9 (Reuters) - Intesa Sanpaolo (ISP.MI) said on Thursday that most of its affected cleard derivatives operations were back up and running, after a ransomware attack at financial data company ION impacted operations at the Italian bank. ION Markets UK's cleared derivatives section was hit with a ransomware attack on Jan. 31. The attack rippled across derivatives markets, gumming up trading and clearing in exchange-traded derivatives at some of the biggest banks and financial institutions in the world, including Intesa Sanpaolo. Intesa said the situation was improving on Thursday, as ION scrambled to get its clients back up and running. "We promptly adopted measures to avoid fully suspending activities related to the exchange-traded derivatives segment," a spokesman at the bank told Reuters.

☆ Britain sanctions seven Russians over cyber crime
▼ + stars: | 2023-02-09 | by ( ) www.reuters.com time to read: +1 min

LONDON, Feb 9 (Reuters) - Britain said on Thursday it had sanctioned seven Russians over cyber crime in co-ordinated action with the United States, as the pair seek to crack down on those they blame for ransomware attacks which have paralysed businesses, schools and hospitals. Britain's Foreign Office said there had been 149 victims of ransomware known as Conti and Ryuk in Britain and that the cyber criminals had used the attacks to gain an estimated 27 million pounds ($32.85 million) from those targeted. Foreign Minister James Cleverly said the new sanctions helped put Britain's national security first and would protect people from serious organised crime. "By sanctioning these cyber criminals, we are sending a clear signal to them and others involved in ransomware that they will be held to account," he said in a statement. ($1 = 0.8218 pounds)Reporting by Muvija M, writing by Sarah Young; editing by William JamesOur Standards: The Thomson Reuters Trust Principles.

LONDON/WASHINGTON, Feb 7 (Reuters) - A global ransomware outbreak has scrambled servers belonging to Florida's Supreme Court and several universities in the United States and Central Europe, according to a Reuters analysis of ransom notes posted online to stricken servers. Florida Supreme Court spokesman Paul Flemming told Reuters that the affected infrastructure had been used to administer other elements of the Florida state court system, and that it was segregated from the Supreme Court's main network. "Florida Supreme Court's network and data are secure," he said, adding that the rest of the state court system's integrity also was not affected. Because internet-facing servers were affected, researchers and tracking services like Ransomwhere or Onyphe could easily follow the criminals' trail. Digital safety officials in Italy said on Monday that there was no evidence pointing to "aggression by a state or hostile state-like entity."

LONDON/WASHINGTON, Feb 7 (Reuters) - A global ransomware outbreak has scrambled servers belonging to Florida's Supreme Court and several universities in the U.S. and Central Europe, according to a Reuters analysis of ransom notes posted online to stricken servers. The Florida Supreme Court didn't respond to messages. Reuters contacted the hackers via an account advertised on their ransom notes but only received a payment demand in return. Because internet-facing servers were affected, researchers and tracking services like Ransomwhere or Onyphe could easily follow the criminals' trail. Reporting by James Pearson in London and Raphael Satter in Washington; Editing by Anna DriverOur Standards: The Thomson Reuters Trust Principles.

☆ LockBit ransomware group threatens to publish stolen Royal Mail data - TechCrunch
▼ + stars: | 2023-02-07 | by ( ) www.reuters.com time to read: 1 min

Feb 7 (Reuters) - UK's Royal Mail, which has been grappling with a cyberattack for about a month now, was added to ransomware group LockBit's dark web leak site this week, TechCrunch reported on Tuesday. LockBit was threatening to publish "all available (Royal Mail) data" on Thursday, according to the report. Reporting by Aby Jose Koilparambil in Bengaluru; Editing by Shounak DasguptaOur Standards: The Thomson Reuters Trust Principles.

☆ ION starts to bring clients back online after ransomware attack - source
▼ + stars: | 2023-02-07 | by ( ) www.reuters.com time to read: +1 min

LONDON, Feb 7 (Reuters) - ION, the financial trading services group hit by a ransomware attack last week, started to bring clients back on to its cleared derivatives platform overnight, a person familiar with the matter told Reuters on Tuesday. Among the many ION clients whose operations were likely to have been affected by the attack and ensuing disruption were ABN Amro Clearing (ABNd.AS) and Intesa Sanpaolo (ISP.MI), Italy's biggest bank, according to messages to clients from both banks that were seen by Reuters last week. The hackers who claimed responsibility for the breach at ION said last week a ransom had been paid, declining to say how much it was, or offer any evidence that the money had been handed over. ION declined to comment on whether the ransom had been paid. Reporting by Harry Robertson; Editing by Amanda CooperOur Standards: The Thomson Reuters Trust Principles.

☆ Exclusive: Record-breaking 2022 for North Korea crypto theft, UN report says
▼ + stars: | 2023-02-06 | by ( Michelle Nichols | ) www.reuters.com time to read: +5 min

North Korea has previously denied allegations of hacking or other cyberattacks. The United States has long been warning that North Korea is ready to carry out a seventh nuclear test. They also said they have started an investigation into reports of ammunition exports by North Korea. North Korea has rejected the accusation as groundless and Wagner's owner, Yevgeny Prigozhin, denied getting arms from North Korea. Last May, China and Russia vetoed a U.S.-led push to impose more U.N. sanctions on North Korea.

☆ Chip equipment maker MKS Instruments says it is investigating ransomware attack
▼ + stars: | 2023-02-06 | by ( ) www.reuters.com time to read: +1 min

Feb 6 (Reuters) - MKS Instruments Inc (MKSI.O) said on Monday it was investigating a ransomware attack that occurred last week and affected the semiconductor equipment maker's production-related systems. The company said it was in the early stages of investigating the attack that it identified on Feb. 3, adding that costs related to the incident have not been determined. Ransomware is a form of malicious software deployed by criminals which works by encrypting data, with hackers offering the victim a key in return for payments. MKS said it would temporarily suspend operations at some of its facilities, as part of its containment efforts. Italy's National Cybersecurity Agency warned on Sunday that thousands of computer servers had been targeted by a global ransomware hacking attack targeting VMware (VMW.N) ESXi servers.

Search resuls for: "Ransomware"

25 mentions found