DIRS.INFO The most relevant business & tech news

☆ Panic buying causes widespread gas station closures in South Florida
▼ + stars: | 2023-04-19 | by ( Chris Isidore | ) edition.cnn.com time to read: +3 min

New York CNN —More than half of gas stations in the Miami-Fort Lauderdale area were without gasoline Wednesday after flooding from last week’s massive storm caused a wave of panic buying by drivers topping off their gas tanks. “I would estimate that 80% of [station closings] are due to panic buying,” said Patrick De Haan, head of petroleum analysis for GasBuddy, which tracks station closings and gas prices. Data from GasBuddy showed that 59% of stations in the Miami-Fort Lauderdale market were closed Wednesday, up from about 20% on Sunday. But the even better news is that with full tanks, drivers will not need to fill up in the coming days as they normally might have, and the panic buying is likely to subside. He expected most of the closed stations to be reopened by the weekend.

☆ U.S. says decentralized finance services being used for illicit transfers
▼ + stars: | 2023-04-06 | by ( ) www.reuters.com time to read: +2 min

WASHINGTON, April 6 (Reuters) - North Korea, cybercriminals, ransomware attackers, thieves and scammers are using decentralized finance (DeFi) services to transfer and launder their illicit proceeds, the U.S. Treasury Department warned on Thursday. In a new illicit finance risk assessment on decentralized finance, the Treasury found that illicit actors are exploiting vulnerabilities in U.S. and foreign anti-money laundering and combating the financing of terrorism (AML/CFT) regulation and enforcement as well the technology underpinning the services. DeFi services that fail to comply with these obligations to prevent money laundering and terrorism financing pose the most significant illicit finance risk in this domain, the assessment found. "Our assessment finds that illicit actors, including criminals, scammers, and North Korean cyber actors are using DeFi services in the process of laundering illicit funds," the Treasury's Under Secretary for Terrorism and Financial Intelligence, Brian Nelson, said in the statement. Nelson added that the private sector should use the findings of the assessment to inform their risk mitigation strategies and to take steps to prevent illicit actors from using decentralized finance services.

☆ U.S., European Police Shut Down Hacker Marketplace, Make 119 Arrests
▼ + stars: | 2023-04-05 | by ( Kim S. Nash | ) www.wsj.com time to read: +4 min

The international action conducted Tuesday and Wednesday against Genesis Market, one of the largest so-called initial access brokers in the world, resulted in 119 arrests. The dismantling of Genesis Market follows the arrest last month of a man U.S. prosecutors say ran BreachForums, a site for buying and selling stolen data. Newsletter Sign-up WSJ Pro Cybersecurity Cybersecurity news, analysis and insights from WSJ's global team of reporters and editors. The Treasury Department on Wednesday sanctioned Genesis Market, a so-called initial access broker in operation since 2018. Genesis Market data was provided to the website Have I Been Pwned, so individuals can check whether their credentials have been compromised.

☆ Australia may inadvertently fuel cyber crime, says data theft victim service
▼ + stars: | 2023-04-05 | by ( Byron Kaye | ) www.reuters.com time to read: +4 min

SYDNEY, April 5 (Reuters) - An Australian government-backed service for victims of identity theft blasted a plan to toughen privacy laws amid an explosion of online data theft, saying it would spur compromised companies to pay ransom and invite more hacking. IDCare, a non-profit that helps internet crime victims, said by making it easier for regulators to fine companies for poor data security and failing to criminalise ransom payment, Australia may inadvertently fuel a cyber-crimewave. Canberra raised the maximum fine to A$50 million ($34 million) from A$2.2 million for companies that fail to stop data theft after the first major attack in October, when some 10 million customer accounts at No. DEMAND SPIKESince Australia made it compulsory for companies to report data breaches in 2018, IDCare's submission said community demand for its services had rocketed. ($1 = 1.4806 Australian dollars)Reporting by Byron Kaye; Editing by Praveen Menon and Sonali PaulOur Standards: The Thomson Reuters Trust Principles.

☆ Rich families skimp when it comes to cybersecurity, and it can cost them millions
▼ + stars: | 2023-04-01 | by ( Paige Hagy | Hayley Cuccinello | ) www.businessinsider.com time to read: +4 min

More than one-third of North American family offices experienced at least one cyberattack in the past 12 months in 2022, per Campden. It comes down to three problems, said Bobby Stover, who leads family office and enterprise services at Ernst & Young. When it comes to cybersecurity, family office principals are cheap, uneducated, and "don't want to deal with it," he told Insider. They cost anywhere from $25,000 to $65,000, and family offices often struggle to understand the benefit, according to Stover. One survey found an incident that cost a family office more than $10 million.

☆ U.S. to Provide $25 Million to Costa Rica for Cybersecurity
▼ + stars: | 2023-03-29 | by ( James Rundle | ) www.wsj.com time to read: +3 min

The U.S. will provide cybersecurity support to the government of Costa Rica, officials said, almost a year after a ransomware group laid siege to its critical infrastructure and triggered a state of emergency. The funds will also help Costa Rica with strategic and technical cyber planning, training, hardware and software licenses, the official said. The official said the U.S. government believes Costa Rica’s support for Ukraine may have been a factor in Conti’s attack, as the group previously expressed its support for the Russian government’s invasion. PREVIEWThe grant to Costa Rica follows similar efforts from the U.S. to assist Albania in recovering from a cyberattack, which the federal government has since linked to Iran. Costa Rica has applied to join this initiative, which comprises 36 countries and the European Union, the official said.

☆ FDA requires medical devices be secured against cyberattacks
▼ + stars: | 2023-03-29 | by ( Jennifer Korn | ) edition.cnn.com time to read: +2 min

As part of the new law, the FDA must also update its medical device cybersecurity guidance at least every two years. A 2022 report released by the FBI cited research finding 53% of digital medical devices and other internet-connected products in hospitals had known critical vulnerabilities. The report listed a number of medical devices that are susceptible to cyber attacks, including insulin pumps, intracardiac defibrillators, mobile cardiac telemetry and pacemakers. A 2018 report from the US Department of Health and Human Services’ Office of the Inspector General said the FDA was not adequately protecting devices from getting hacked. “FDA had plans and processes for addressing certain medical device problems in the postmarket phase, but its plans and processes were deficient for addressing medical device cybersecurity compromises,” the report said.

☆ Crown Resorts' data vendor hacked, limited number of its files impacted
▼ + stars: | 2023-03-27 | by ( ) www.reuters.com time to read: +1 min

March 27 (Reuters) - Australia's biggest casino operator Crown Resorts said on Monday it was investigating a data breach at its third-party file transfer service, GoAnywhere, in which hackers obtained a limited number of Crown's files. "We were recently contacted by a ransomware group who claimed they have illegally obtained a limited number of Crown files," a spokesperson of the formerly listed firm said in a statement. "We can confirm no customer data has been compromised and our business operations have not been impacted." Suspicious activity at GoAnywhere was identified by U.S. cybersecurity firm Fortra nearly two months ago, that offers the service, and has impacted many organisations including mining giant Rio Tinto (RIO.AX). Crown Resorts was bought out in a $6.3 billion deal by U.S. private equity giant Blackstone Inc last June.

In the week ended March 21, money managers reduced their net long position in CBOT soybean futures and options to 110,786 contracts from 127,661 a week earlier. In the week ended March 21, most-active CBOT soybean futures fell 1.8%, new-crop November soybeans shed 3.2%, soymeal lost 4.3% but soyoil added 0.1%. GRAINSMoney managers were modest buyers of CBOT corn futures and options in the week ended March 21 after selling nearly 300,000 contracts over the previous four weeks. Managed money net position in CBOT corn futures and optionsIn CBOT wheat, money managers cut their net short for a second consecutive week, to 86,500 futures and options contracts from 95,257 a week earlier. In the week ended March 21, most-active CBOT corn futures rose 1.5% but CBOT wheat fell 1.9%.

☆ Asian Americans are anxious about hate crimes. TikTok ban rhetoric isn’t helping
▼ + stars: | 2023-03-26 | by ( Brian Fung | ) edition.cnn.com time to read: +15 min

And the Chinese government’s authoritarian approach to numerous other issues clashes with important American values, said many Asian Americans interviewed for this article. Concerns about China have gone mainstream as US national security officials and lawmakers have publicly grappled with state-backed ransomware attacks and other hacking attempts. People rallied during a "Stop Asian Hate" march to protest against anti-Asian hate crimes on Foley Square in New York, on April 4, 2021. But to Chu, the incident was an example of the way politics surrounding China, technology and national security have fueled anti-Asian sentiment. “Asian American issues are American issues, and all Americans deserve to be treated with respect.

☆ ChipMixer Is Shut Down for Allegedly Laundering $3 Billion in Crypto
▼ + stars: | 2023-03-15 | by ( Mengqi Sun | ) www.wsj.com time to read: 1 min

ChipMixer has been used to launder illicit funds gained from ransomware attacks, crypto heists and other types of fraud since 2017, the U.S. Justice Department has alleged. U.S. and European authorities took down cryptocurrency platform ChipMixer and charged its alleged operator, accusing it of laundering more than $3 billion of criminal proceeds, including $700 million allegedly stolen by North Korean hackers. ChipMixer has been a popular platform for laundering illicit funds gained from ransomware attacks, crypto heists and other types of fraud since 2017, the U.S. Justice Department alleged Wednesday. Mixers such as ChipMixer enable users to commingle their funds to obfuscate ownership.

☆ Dangers from Hacks Stretch Beyond Broken Computer Systems
▼ + stars: | 2023-03-15 | by ( James Rundle | Kim S. Nash | ) www.wsj.com time to read: +6 min

Newsletter Sign-up WSJ Pro Cybersecurity Cybersecurity news, analysis and insights from WSJ's global team of reporters and editors. Part of the delay, he said, was in getting details from the cloud company, which he declined to name. Cybersecurity companies should be held to a higher standard than others in relaying information about hacks quickly and thoroughly, Mr. Toubba said. The lessons learned from cyberattacks can be just as important as how a company responds to a breach, security chiefs say. LastPass has also rolled out several security tools in its infrastructure, data center and cloud systems, Mr. Toubba said.

WASHINGTON, March 15 (Reuters) - Russian hackers appear to be preparing a renewed wave of cyber attacks against Ukraine, including a "ransomware-style" threat to organizations serving Ukraine's supply lines, a research report by Microsoft (MSFT.O) said on Wednesday. The report, authored by the tech giant’s cyber security research and analysis team, outlines a series of new discoveries about how Russian hackers have operated during the Ukraine conflict and what may come next. “Since January 2023, Microsoft has observed Russian cyber threat activity adjusting to boost destructive and intelligence gathering capacity on Ukraine and its partners’ civilian and military assets,” the report reads. Experts say the tactic of combining physical military operations with cyber techniques mirrors prior Russian activity. These developments have been paired with a growth in more stealthy Russian cyber operations designed to directly compromise organizations in countries allied to Ukraine, according to the report.

☆ Cybercriminals' crypto platform ChipMixer taken down, says Europol
▼ + stars: | 2023-03-15 | by ( ) www.reuters.com time to read: +1 min

BRUSSELS, March 15 (Reuters) - Police and justice departments from around the world have taken down the cryptocurrency platform known as ChipMixer, which had been used by cybercriminals, Europe's Europol police agency said on Wednesday. Europol said it had supported German, U.S., Belgian, Polish and Swiss authorities in the dismantling of ChipMixer's infrastructure, which also resulted in as much as 40 million euros ($42.2 million) being seized. ChipMixer, an unlicensed cryptocurrency mixer set up in mid-2017, specialised in mixing or cutting trails related to virtual currency assets. The ChipMixer software hid the blockchain trail of the funds, making it attractive for cybercriminals looking to launder illegal proceeds from drug trafficking, weapons trafficking, ransomware attacks and payment card fraud, Europol said. ($1 = 0.9488 euros)Reporting by Sudip Kar-Gupta; Editing by Mark PortgerOur Standards: The Thomson Reuters Trust Principles.

LATEST DATAIn the week ended Feb. 21, money managers cut nearly 19,000 CBOT corn futures and options contracts off their net long, which fell to 215,928 contracts. They also increased their net long in CBOT soyoil by nearly 12,000 futures and options contracts, and the resulting net long was 34,301 contracts, a one-month high. When adding other reportable traders’ net long, the overall speculative soymeal net long is also a record at 173,690 contracts. and Minneapolis wheat futures and options contracts as of Feb. 21. Most-active CBOT futures hit some milestone lows on Friday.

☆ Software firm Blackbaud to pay $3 mln for misleading disclosures on ransomware attack -SEC
▼ + stars: | 2023-03-09 | by ( ) www.reuters.com time to read: +1 min

WASHINGTON, March 9 (Reuters) - Software company Blackbaud Inc (BLKB.O) has agreed to pay $3 million to settle charges it made misleading disclosures about a 2020 ransomware attack that impacted over 13,000 customers, the U.S. Securities and Exchange Commission said on Thursday. In July 2020, the South Carolina-based provider of donor data management software disclosed a ransomware attacker and said the attacker had not accessed bank account information or Social Security numbers of donors, the SEC said. In August 2020, the SEC said, Blackbaud filed a quarterly report with the agency that omitted material information about the scope of the attack. Representatives for Blackbaud, which did not admit or deny the SEC's findings, did not respond immediately to a request for comment. The regulator has pushed public companies and registered entities to make more timely and specific disclosures about cyber attacks.

SYDNEY, March 8 (Reuters) - One of Australia's top government bureaucrats on Wednesday demanded Russia crack down on the large number of cyber criminals operating in the country, saying their actions posed a threat to national security. The comments come as Canberra reforms its cybersecurity policy following a raft of cyber attacks on some of the country's largest companies. "The greatest density of cyber criminals, particularly those with ransomware, are in Russia," Michael Pezzullo, Secretary of the Department of Home Affairs, told the AFR Business Summit in Sydney. The move follows a rise in cyber attacks since late last year with breaches reported by at least eight companies, including health insurer Medibank Private Ltd (MPL.AX) and telco Optus, owned by Singapore Telecommunications Ltd (STEL.SI). The United States and Britain sanctioned several Russians accused of cyber attacks last month, saying ransomware attacks have paralysed businesses, schools and hospitals.

LATEST DATAThe week ended Feb. 7, the last available week of CoT data, featured mild declines across most-active CBOT corn, wheat, soybean and soy product futures. In the four weeks ended March 7, most-active CBOT corn is down 6% and CBOT wheat has fallen 7%. Daily fund estimates collected by Reuters suggest that between Feb. 8 and March 7, commodity funds were net sellers of 42,500 CBOT corn futures and 38,000 CBOT wheat futures. Funds’ net long in soybean meal would be record-large per the trade estimates. CBOT corn and wheat have recently traded as if the Ukraine grain export deal will be extended before its March 18 expiration despite Russia’s resistance.

☆ Biden administration announces plan to stop water plant hacks
▼ + stars: | 2023-03-03 | by ( Suzanne Smalley | ) www.reuters.com time to read: +3 min

March 3 (Reuters) - The Biden administration announced on Friday a new plan to improve the digital defenses of public water systems. The water system plan, which recommends a series of novel rules placing more responsibility for securing water facilities at the state-level, follows several high-profile hacking incidents in recent years. In February 2021, a cyberattack on a water treatment plant in Florida briefly increased lye levels in the water, an incident that could have been deadly if an alert worker had not detected the hack quickly. EPA officials say they have a "robust technical assistance program" in place to support public water systems that need cyber support. The water treatment industry was also critical of the administration's announcement on Friday.

☆ U.S. unveils new cybersecurity strategy with tighter regulations
▼ + stars: | 2023-03-02 | by ( Suzanne Smalley | ) www.reuters.com time to read: +2 min

March 2 (Reuters) - The White House on Thursday announced a new cybersecurity strategy in the latest effort by the U.S. government to bolster its cyber defenses amid a steady increase in hacking and digital crimes targeting the country. The strategy, which is intended to guide future policy, urges tighter regulation of existing cybersecurity practices across industries and improved collaboration between the government and private sector. The strategy names China and Russia as the most prominent cybersecurity threats to the United States. On a call with reporters, a U.S. official who declined to be named, said part of the new strategy was aimed at reining in Russian hackers. "So we're hopeful that Russia understands the consequences of malicious activity in cyberspace, and will continue to be restrained."

☆ White House aims to shift cybersecurity burden from individuals and small businesses to tech providers
▼ + stars: | 2023-03-02 | by ( Lauren Feiner | ) www.cnbc.com time to read: +3 min

The White House released its long-awaited National Cyber Strategy on Thursday, providing a road map for how the Biden administration aims to defend the U.S. from a rapidly growing number of online threats. "The president's strategy fundamentally reimagines America's cyber social contract," Acting National Cyber Director Kemba Walden said during a press briefing on Wednesday. The White House is proposing that legislation establish liability for software makers which fail to take reasonable precautions to secure their products and services. The White House said the work has already started. WATCH: Closing keynote: The White House is serious about cybersecurity

☆ Layoffs are set to continue. But workers from this sector may likely escape
▼ + stars: | 2023-03-02 | by ( Goh Chiew Tong | ) www.cnbc.com time to read: +6 min

Cybersecurity professionals are vital in reducing risks of cyberattacks, especially so in times of financial instability, experts told CNBC Make It. Demand for these roles are likely to increase as ... the complexity of cyberattacks are intensifying in scale and scope. "These advancements have driven the need for reliable and experienced cybersecurity professionals to build and maintain secure digital infrastructures," he added. The increased risk of cyberthreats is also a key contributor to higher demand for cybersecurity professionals, said Pooja Chhabria, LinkedIn's head of editorial for Asia-Pacific. "The need for cybersecurity professionals who can identify and prevent these attacks will become paramount."

☆ 42% of IT professionals will quit in the next 6 months. Here's how the right software can help them avoid burnout.
▼ + stars: | 2023-03-01 | by ( Sponsor Post | Created Insider Studios With Goto | ) www.businessinsider.com time to read: +8 min

The right software can help businesses who can't find the staff they need. Worldwide the talent shortage could result in unrealized output of $449.70 billion. Alarming numbers underscore the fact that the talent shortage is everywhere. GoTo Resolve can help irrigate the IT desert by providing remote access troubleshooting, support, ticketing, and camera sharing a click away. Essentially, many of the services an enterprise needs to hire for can be procured through Rescue and GoTo Resolve.

☆ U.S. Marshals Service Targeted in Ransomware Attack
▼ + stars: | 2023-02-28 | by ( Alyssa Lukpat | ) www.wsj.com time to read: 1 min

Marshals Service said Tuesday hackers had carried out a major ransomware attack on one of its systems, stealing sensitive information about employees and people under investigation. The agency, which is part of the Justice Department, said it discovered the attack on Feb. 17 but didn’t say when the information was stolen. The Marshals Service said the hackers targeted one stand-alone system, which the agency disconnected as soon as it learned about the attack.

☆ U.S. Marshals Service suffers security breach
▼ + stars: | 2023-02-28 | by ( ) www.reuters.com time to read: +1 min

Marshals Service (USMS) suffered a ransomware security breach this month that compromised sensitive law enforcement information, a spokesman said on Monday. The Marshals Service notified the U.S. Department of Justice to the breach, and agents there began a forensic investigation, Drew Wade, chief of the Marshals Service public affairs office, told Reuters in an email. "The affected system contains law enforcement sensitive information, including returns from legal process, administrative information, and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees," Wade said. The incident took place on Feb. 17, when the service "discovered a ransomware and data exfiltration event affecting a stand-alone USMS system", after which the system was disconnected from the network, Wade said. The USMS is a federal law enforcement agency within the Department of Justice.

Search resuls for: "Ransomware"

25 mentions found