Samsung to unveil its generative AI tool in September

0
[ad_1]

Samsung is reportedly planning to unveil its ChatGPT-like generative AI tool next month. According to the Korean media, the company will demo the new tool during its Real Summit 2023 event in Seoul, South Korea on September 12. The latest edition of the annual tech event will focus on generative AI and cloud technologies.

Samsung is known to be developing an in-house AI tool since at least May this year. Local media said the company has teamed up with domestic tech firm Naver on the project, which doesn’t yet have a name. Its co-CEO Kyung Kye-hyun confirmed the plans the following month. However, he didn’t reveal when the tool will arrive.

Meanwhile, reports suggested that Samsung would rush to launch the product. It appears the company is now ready to show the tool to the world. The Korean firm will demo the AI solution to its clients and the media during the tech event in a couple of weeks, Korea Daily reports. It’s unclear whether it will be the final product or if Samsung is bringing an early version of the tool to Real Summit 2023.

Samsung will keep its generative AI tool private to itself

Generative AI is all the rage lately. Almost every online tool we use today comes with some sort of AI-powered generative features. ChatGPT started the trend, but we now have hundreds of such products. Some are standalone tools capable of answering every question, while others have expertise in a certain field or come integrated with existing products.

Samsung’s AI tool, meanwhile, will be a little different. The unnamed service is designed to help the company improve and speed up business processes. It plans to use the tool in various business areas, including data analysis and information sourcing for chip production, cost management, transcription of audio files or voice notes, translation of documents, and customer service.

In other words, Samsung’s ChatGPT alternative will be private to the company. It won’t be available to the public, at least that isn’t the plan right now. The Korean firm developed the tool to use internally after some employees inadvertently leaked critical chip information through ChatGPT. This happened when Samsung allowed employees to use OpenAI’s AI tool to speed up some work earlier this year.

The company has since banned the use of all third-party generative AI tools on official devices and internal networks. But this means it’s missing out on potential business advancements with the help of AI. This is likely why Samsung is rushing to launch its in-house solution. It remains to be seen whether the Korean behemoth ever launches a public version of the tool to go head-on against ChatGPT, Google Bard, and others.


[ad_2]
Source link

Dropbox ends unlimited storage plans due to crypto miners

0
[ad_1]

After years of providing users with unlimited cloud storage, Dropbox is finally abandoning the “all the space you need” storage plan. This decision comes in response to users exploiting the service for activities such as crypto mining and reselling storage to others.

In a blog post, Dropbox also pointed out a notable instance involving the cryptocurrency Chia, which heavily relies on storage capacity as a fundamental component of its mining process. The currency’s “proof of space and time” model, which rewards users based on their ownership of “plots,” each demanding 100 GB of storage on physical hard drives, led to crypto miners combining their storage resources.

“In recent months, we’ve seen a surge of this behaviour in the wake of other services making similar policy changes. We’ve observed that customers like these frequently consume thousands of times more storage than our genuine business customers, which risks creating an unreliable experience for all of our customers,” reads Dropbox’s blog post.

New plans

As a result of the shift, the company’s Advanced plan, which includes three active licenses, will now provide 15TB of shared storage space, sufficient for storing approximately 100 million documents, 4 million photos, or 7,500 hours of HD video content. Additionally, Dropbox emphasizes that users who utilize less than 35TB of storage will retain their current storage capacity and receive an extra 5TB of pooled storage credit for five years. However, for businesses exceeding the 35TB threshold, the company will offer a similar arrangement, including a 5TB credit for one year, up to a maximum total of 1,000TB.

Moreover, starting September 18 for new customers, Dropbox will introduce new storage add-ons, which will provide an extra 1TB of storage at a monthly rate of $10 or a discounted rate of $8 per month for annual purchases.

However, it is important to note that the company will introduce the changes gradually from November 1st, giving users at least 30 days’ notice before their scheduled migration date.


[ad_2]
Source link

Cisco Nexus 3000 and 9000 Series Switches Flaw

0
[ad_1]

A Denial-of-Service vulnerability has been discovered in the Cisco Nexus 3000 and 9000 series switches, which could allow a threat actor to cause a denial-of-service condition due to a flaw in the IS-IS (Intermediate System-to-Intermediate System) protocol.

ISIS is one of the family of IP routing protocols and can also act as an Interior Gateway Protocol (IGP), which is used to distribute IP routing information throughout a very large network that has a single routing policy.

The vulnerability exists due to the unexpected restart of the IS-IS process, causing an infected device to restart. Threat actors can exploit this vulnerability by sending a crafted IS-IS packet to an infected device that can cause the device to reload.

CVE-2023-20169: Cisco Nexus 3000 and 9000 Series Switches IS-IS Protocol Denial of Service Vulnerability

Additionally, there is insufficient input validation when parsing ingress IS-IS packets, leading to this denial of service condition on the affected devices. This vulnerability has been assigned with a CVE ID of CVE-2023-20169 and has a severity of 7.4 (High), as stated by NVD. 

However, there are prerequisites for threat actors to exploit this vulnerability. The threat actor must be layer 2 adjacent to the affected device for successful exploitation. 

Cisco has released a security advisory for this vulnerability, including a list of affected devices and a list of not vulnerable devices.

Affected Products & How to Detect

As mentioned by Cisco, the affected products include Nexus 3000 Series Switches and Nexus 9000 Series Switches in standalone NX-OS mode. In addition, Cisco has also provided steps to detect if a Switch has enabled IS-IS Protocol. 

“A device that is configured for IS-IS authentication can still be affected by this vulnerability. For more information, see Cisco Nexus 9000 Series NX-OS Unicast Routing Configuration Guide, Release 10.3(x): IS-IS Authentication,” reads the security advisory released by Cisco.

The list of products that Cisco has confirmed are not vulnerable can be checked in this Cisco security advisory section.

Keep informed about the latest Cyber Security News by following us on Google NewsLinkedinTwitter, and Facebook.


[ad_2]
Source link

Samsung Galaxy Z Flip 5 updated with Always On Display improvements

0
[ad_1]

Along with the Galaxy Z Fold 5, the Galaxy Z Flip 5 is Samsung’s most recent flagship. Although neither brings too many improvements over the previous models, they remain some of the best foldable handsets currently available on the market.

Regardless of whether or not they bring anything new over the predecessors, Samsung believes there’s always room for improvement. The updates that both phones have received in the last couple of weeks are evidence that Samsung is looking to iron out all the issues that have been found by users or its team of engineers, while also smoothing the user experience.

Over the weekend, Samsung released a small update for its Always On Display app, which allows those who use the company’s phones and tablets to customize how the display functions and what looks like.

The update has been specifically aimed at the Galaxy Z Flip 5, which is getting a few improvements that should further enhance user experience. Spotted by SamMobile, the latest Always On Display app update changes the Galaxy Z Flip 5’s cover screen so that when you use an informative/graphics type clock, the clock style does not change even while roaming.

Although this is not truly a new feature, it does make the already existing feature work as intended. Before the update, a bug made the clock style change in various scenarios, so you have to customize the cover screen again.

Another interesting change included in the update is related to memory usage, which has been improved in certain cases during Galaxy Z Flip 5 cover screen actions.

It’s not much, but the update does add a bit more functionality to the Always On Display app, even if that means just fixing a bug and improving some of the already existing features. Don’t forget to check for Always On Display version 8.3.30.4 to benefit from all the changes.


[ad_2]
Source link

IT Contractor Data Breach Affects 47,000 Met Police Personnel

0
[ad_1]

key findings

  • The data breach exposed the personal information of all 47,000 Met Police officers and staff, including names, photographs, ranks, vetting levels, and identification numbers.
  • The data breach was caused by a cyber attack on the IT systems of a contractor responsible for printing warrant cards and staff passes.
  • The National Crime Agency (NCA) has been called in to investigate the data breach, as fears mount that organized criminal networks or even terrorists could exploit the stolen data.
  • High-ranking officials and officers involved in top-secret operations have been affected by the breach, including Commissioner Sir Mark Rowley and Deputy Commissioner Dame Lynne Owens.
  • The breach has raised questions about the security of law enforcement agencies across the UK and has led to calls for improved data security measures.

The Metropolitan Police Force is currently dealing with an extensive data breach involving the personal information of its officers and staff. The breach has exposed the details of all 47,000 personnel, raising concerns about their safety and operational integrity.

The data breach was discovered after cybercriminals penetrated the IT systems of a contractor responsible for printing warrant cards and staff passes, and has left the Metropolitan Police Force on high alert.

The compromised information encompasses a range of sensitive data, including personnel names, photographs, ranks, vetting levels, and identification numbers. While personal details like addresses, phone numbers, and financial information were not accessed, the data breach has nevertheless sparked widespread concerns about the potential misuse of the exposed data.

Rick Prior, the vice-chair of the Metropolitan Police Federation, expressed deep concern over the breach, highlighting the vulnerability that the force’s officers and staff now face. Prior emphasized the crucial role that these personnel play in maintaining public safety and apprehending criminals, making the security of their personal information paramount.

While home to some of the best cybersecurity companies in the world, the state of cybersecurity in the country and employee training is becoming questionable with each passing day. In 2021, UK Police mistakenly deleted 150,000 arrest records due to a software glitch. The deleted data also included DNA and fingerprint records.

“To have their personal details leaked out into the public domain in this manner will cause colleagues incredible concern and anger. We share that sense of fury… this is a staggering security breach that should never have happened.”

Rick Prior – Metropolitan Police Federation

The breach has far-reaching implications beyond just personal information exposure. The National Crime Agency (NCA) has been called in to investigate, as fears mount that organized criminal networks or even terrorists could exploit the stolen data.

The breach’s severity becomes evident as it’s revealed that even high-ranking officials and officers involved in top-secret operations have been impacted. Names such as Commissioner Sir Mark Rowley and Deputy Commissioner Dame Lynne Owens are among those affected.

Counter-terrorism units and officers assigned to protect the Royal Family have also fallen victim to this data breach, amplifying anxieties about potential threats arising from the compromised data.

The gravity of the situation is underscored by the possibility of undercover officers having to be withdrawn from ongoing operations due to compromised identities, potentially undermining critical police work.

This breach follows a series of similar incidents affecting law enforcement agencies across the UK. Just recently, data on 10,000 Northern Ireland police personnel was inadvertently disclosed, further highlighting the urgent need for improved data security measures across the board.

The situation has drawn sharp criticism from experts like ex-Met commander John O’Connor, who called the data breach “utterly outrageous.”

  1. Hackers can manipulate Police body cam footages
  2. D.C. Police Department suffers ransomware attack
  3. Ukraine National Police website down after hacker intrusion
  4. Hackers leak 296 GB worth of data from US Police & Fusion centers
  5. Police lose evidence to Ryuk ransomware attack; suspects walk free

[ad_2]
Source link

Netflix continues to add subscribers in the U.S. after cracking down on password sharing

0
[ad_1]
Once Netflix started its plan to crack down on password-sharing in May, the video streamer started to add new subscribers. A report in BroadbandTV News cited stats from Antenna which revealed that after a 12.9% decline in the number of gross additions to its U.S. subscriber list in April, Netflix saw that figure rise 27.8% in May and an incredible 128.9% in June. July showed a 25.7% drop off in U.S. gross additions. 
Still, the company did manage to add 2.6 million U.S. subscribers in July after signing up 3.5 million in June. Since the beginning of the crackdown in May, Netflix has added 7.5 million U.S. subscribers which seems to indicate that the company has done a good job in convincing password borrowers that they still want to watch the platform’s content even if they have to pay for it with their own money.
It should be noted that in July, 23% of those subscribing to Netflix in the States chose the ad-supported tier of service called Standard with ads which is priced at $6.99 per month. Just a few movies and television shows are unavailable with this subscription tier and two supported devices can view content at a time, which is streamed in Full HD. In June, 19% of gross additions selected this tier. The percentage of U.S. gross additions that signed up for the Standard with ads service during July was the highest since Netflix started offering an ad-supported service in November.

Netflix no longer offers the basic ad-free service in the U.S. which means that besides the ad-supported tier, U.S. Netflix subscribers can choose between Standard and Premium. Priced at $15.49 monthly, Standard includes unlimited ad-free movies, TV shows, and mobile games and can be used by two supported devices at a time. Content is streamed in Full HD and one person who doesn’t live with the subscriber can be added for $7.99 per month.

The Premium service, which costs $19.99 per month, includes unlimited ad-free movies, TV shows, and mobile games and four supported devices can use the service at a time. Content is streamed in Ultra HD, Netflix spatial audio is included, and six supported devices can download content for offline viewing. Up to two extra members who don’t live with the subscriber can be added for $7.99 per month per subscriber. 

Discussing the elimination of its old Basic package, Netflix wrote, “We’ll be interested to see how this impacts the composition of Netflix subscriptions and sign-ups overall in the coming months.” For the quarter that ended June 30, Netflix doubled projections by adding 5.9 million subscribers worldwide bringing its total globally to 238.3 million.

Meanwhile, some of the new content on Netflix includes PainKiller, a series about the Sackler family and how it pushed doctors to prescribe its Oxycontin painkiller. The second season of Heartstopper also recently dropped on the platform.

[ad_2]
Source link

Smart lightbulb and app vulnerability puts your Wi-Fi password at risk

0
[ad_1]

We take a look at reports that a smart lightbulb and app vulnerability could potentially put your Wi-Fi password at risk.

New research highlights another potential danger from IoT devices, with a popular make of smart light bulbs placing your Wi-Fi network password at risk. Researchers from the University of London and Universita di Catania produced a paper explaining the dangers of common IoT products. In this case, how smart bulbs can be compromised to gain access to your home or office network.

If you use the TP-Link Tapo L530 E smart bulb and the TP-Link Tapo app, you will have some smart bulb related reading in your immediate future.

Bleeping Computer reports that no fewer than 10 million app installations exist via Google Play. From the app description:

The Tapo app helps you set up the Tapo smart devices within minutes and puts everything you need at the tip of your fingers

• Control your smart device from anywhere.

• Control the device via voice with Google Home and Amazon Echo.

• Preset Away mode to make it seem like someone is home.

• Set a countdown timer to automatically turn the device on or off.

• Schedule when to turn the device on or off automatically at times.

All fairly standard fare where smart home lighting is concerned. The bulbs can connect to your router, and the bulbs can be controlled via the relevant app. You may well have a similar setup in your own home. In this case however, Italian researchers have shone a light on more insecure issues and practices from smart products which make using them a potentially risky proposition.

Multiple high severity vulnerabilities exist which allow for password retrieval and device manipulation, with four issues in total.

One vulnerability, with a CVSS score of 7.6 out of 10) allows for attackers to retrieve verification keys through brute force, or by decompiling the Tapo app itself. The other high severity flaw, wtih a CVSS of 8.8, is related to incorrect authentication of the bulb, which means the device can be impersonated, allowing for Tapo password theft and device manipulation.

The other two issues, which are not as severe, related to lack of checks of received messages with regard to how old they are and a lack of randomness during encryption.

What is the potential for damage where the “severe” vulnerabilities are concerned? Well, in a worst case scenario someone could potentially swipe your Wi-Fi password via the Tapo app and then have access to all the devices on said network.

Bleeping Computer notes a few wrinkles in this attack plan. The most important of which is that the device would need to be in setup mode in order for the attack to strike gold. While you probably wouldn’t expect many people to have bulbs plugged in but not set up, the attacker can get around this. Namely: With a few clicks of the app, they can deauthenticate your light bulb thus forcing the need for a fresh setup. 

In terms of addressing these flaws, the researchers mention that they made use of TP-Link’s Vulnerability Research Program (VRP) to report all four issues. TP-Link responded that they have started work on fixes for both bulb and app. There is no specific date mentioned for this at time of writing. There are some workarounds suggested to “fix” these issues, but they’re aimed at the manufacturers as opposed to the users.

You can, and should, practice good security when dealing with any product making use of your home or office network. Strong passwords, multi-factor authentication, even turning off products that won’t be in use for a significant period of time.

Where the above TP-Link problems are concerned, users should keep the official website handy for security update notifications and ensure all apps and firmware are up to date whenever possible. You should also do this for all of your other smart appliances: Baby monitors, webcams, security systems, and utility service controls. Smart homes are here to stay, and it’s up to us to ensure we’re not providing easy inroads for attackers to exploit.


We don’t just report on threats—we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.


[ad_2]
Source link

Update now! Google Chrome’s first weekly update has arrived

0
[ad_1]

The first of Chrome’s now weekly security updates fixes five vulnerabilities.

Google has published details about the first weekly update for the Chrome browser. Recently Google announced that it would start shipping weekly security updates for the Stable channel (the version most of us use). Regular Chrome releases will still come every four weeks, but to get security fixes out faster, updates to address security and other high impact bugs will be scheduled weekly.

This should also help in the reduction of a patch gap in the Chome release cycle. When a Chrome security bug is fixed, the fix is added to the public Chromium source code repository. The fix is then tested and evaluated before it goes to the Stable Channel. The gap is the time between the patch appearing in the Chromium repository and it being shipped in a Stable channel update.

The latest update has fixes for five vulnerabilities. Four of these vulnerabilities have been classified with a High importance and one as Medium. All these vulnerabilities have been reported by external researchers between August 1 and August 7, 2023.

The Common Vulnerabilities and Exposures (CVE) database lists publicly disclosed computer security flaws. The CVEs patched in these updates are:

CVE-2023-4430, a use after free (UAF) vulnerability in Vulkan, in Google Chrome prior to 116.0.5845.110, which allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Vulkan is a modern cross-platform graphics and compute API (application programming interface) that provides high-efficiency, low-level access to modern GPUs (graphics processing units) used in a wide variety of devices from PCs to smartphones.

UAF is a type of vulnerability that is the result of the incorrect use of dynamic memory during a program’s operation. If, after freeing a memory location, a program does not clear the pointer to that memory, an attacker can use the error to manipulate the program.

Heap corruption occurs when a program modifies the contents of a memory location outside of the memory allocated to the program.

CVE-2023-4429 is another use after free vulnerability, this time in Loader, in Google Chrome prior to 116.0.5845.110, which allows a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2023-4428 is an out of bounds memory access in CSS, in Google Chrome prior to 116.0.5845.110, which allows a remote attacker to perform an out of bounds memory read via a crafted HTML page.

An out-of-bounds write or read flaw makes it possible to manipulate parts of the memory which are allocated to more critical functions.

CVE-2023-4427 is an out of bounds memory access in V8, Google’s open-source JavaScript engine, in Google Chrome prior to 116.0.5845.110, which allows a remote attacker to perform an out of bounds memory read via a crafted HTML page.

CVE-2023-4431 is the vulnerability listed as Medium severity. It’s an out of bounds memory access vulnerability in Fonts in Google Chrome prior to 116.0.5845.110, which allows a remote attacker to perform an out of bounds memory read via a crafted HTML page.

How to protect yourself

If you’re a Chrome user on Windows, Mac, or Linux, you should update  to version 116.0.5845.110/.111 at your earliest convenience.

The easiest way to update Chrome is to allow it to update automatically, which basically uses the same method as outlined below but does not require your attention. But you can end up lagging behind if you never close the browser or if something goes wrong—such as an extension stopping you from updating the browser.

So, it doesn’t hurt to check now and then. And now would be a good time, given the severity of the vulnerabilities in this batch. My preferred method is to have Chrome open the page chrome://settings/help which you can also find by clicking Settings > About Chrome.

If there is an update available, Chrome will notify you and start downloading it. Then all you have to do is relaunch the browser in order for the update to complete.

Google Chrome is up to date

Google Chrome is up to date

After the update, your version should be 116.0.5845.110 for Mac and Linux, and 116.0.5845.111 for Windows, or later.


We don’t just report on vulnerabilities—we identify them, and prioritize action.

Cybersecurity risks should never spread beyond a headline. Keep vulnerabilities in tow by using Malwarebytes Vulnerability and Patch Management.


[ad_2]
Source link

Android users can now send HD videos through WhatsApp

0
[ad_1]

After HD photos, WhatsApp now lets you send HD videos as well. The new feature started rolling out recently and should be available to everyone over the next few days. You should get it with the latest update for the app.

WhatsApp has been long working on the ability to send photos and videos in HD quality. The Meta-owned messaging app added support for HD photos to the beta version of the app in early June. After a couple of months of beta testing, the feature rolled out publicly on Android and iOS last week.

Around that time, Meta said that it would soon add support for sending HD videos via WhatsApp. As promised, the feature is now here. It works the same way as for photos. Once available, you will see an HD button in the top toolbar when sending a video over WhatsApp. Tap on this button and the video will go through in higher quality with less compression. The recipient will also see an HD label on the video.

WhatsApp HD videos sending feature screenshot

The latest WhatsApp update adds the ability to send HD videos

This feature is available for some of us here at Android Headlines. We can see that WhatsApp lets you send videos in 1280×720 resolution maximum. If your video is of higher resolution, the app will compress it to 720p. By default, videos shared via WhatsApp are compressed to 480p resolution. You must select the HD button every time before sending videos. Meta doesn’t let you make this a default behavior.

If you want to share full-quality photos and videos over WhatsApp, you can always do that by sending them as documents. The app doesn’t compress documents. However, media files are compressed by default to reduce the strain on servers. Compression also helps users save internet data and storage space on their devices. Higher-quality media have bigger file sizes and consume more data when sent over the internet.

Speaking of the size, WhatsApp shows the file size for each quality. You can compare the size of the compressed file to that of the HD quality before sending it. This is available for both photos and videos. If you use WhatsApp to communicate and share photos and videos with your friends and family, you might find this feature useful. You can click on the button below to download the latest version of the app from the Google Play Store.

DOWNLOAD WHATSAPP


[ad_2]
Source link

Teenage members of Lapsus$ ransomware gang convicted

0
[ad_1]

A wave of video game developer compromises has come to a court-based conclusion for those responsible, with several convictions the end result. Arion Kurtaj, and a second teen who cannot be named due to their age, are finding themselves to be in quite a lot of trouble after repeated and sustained attacks on multiple businesses.

The infamous Lapsus$ ransomware gang gained notoriety for a number of attacks against companies involved in game development, or companies closely associated with gaming, such as Nvidia. Other compromises involved major telecoms companies like EE and BT. In 2021, two of the teens now found to be responsible for the telecoms attacks breached their servers and went on to demand a $4m ransom.

No ransom was paid, despite the attackers claiming to have source code belonging to Orange, BT, and EE in text messages sent out to 26,000 EE customers. Even so, they were able to steal close to $126,000 from five victims by abusing the SIM data used to secure their cryptocurrency accounts.

At the time, the teens (aged 16 and 17) were arrested for this incident and then released while being kept under investigation. You would think someone in this situation would steer clear of trouble. Here, things played out very differently.

Both teens continued to work with the group, going on to score more successful compromises like Nvidia in the first few months of 2022. One particularly unusual aspect of this attack would be Lapsus$ demanding that Nvidia make all of their graphics card drivers open source, or else risk internal data being leaked.

Nvidia was also rightly concerned that something dubious could have been inserted into a software update. If something bad were to sneak into people’s graphics card drivers, total chaos would be the end result. In terms of reach, this could have been very bad indeed. Other audacious attacks on services like Okta and Globant underscored how dangerous this particular ransomware group was if given the chance to jump onto a network.

Both teens were re-arrested at the end of March 2022, as a result of potential involvement in some of the above crimes. Kurtaj had his personal data leaked online, and had to be moved into a secure location for his own safety.

At this point, you would think that it would be a game over. There is no way that somebody in this situation, with their details leaked, and their hands caught in the cookie jar, would keep going. Right?

Wrong.

According to the BBC, police searched his hotel room and caught him “red handed”. Law enforcement discovered that Kurtaj used an Amazon Fire Stick plugged into his hotel television. This meant he was able to access cloud computing services. The court was told that he’d helped take on Uber, Revolut, and (in what may be the most publicised attack) Rockstar Games.

He posted a message to Rockstar’s Slack channel to all employees which said “I am not a Rockstar employee, I am an attacker”. He also claimed to have downloaded all of the data for the upcoming Grand Theft Auto 6, with the threat of releasing source code if he was not contacted on Telegram within 24 hours. Elsewhere, no fewer than 90 clips of unfinished gameplay ended up on a fan forum.

As you may have expected by this point, Kurtaj was indeed arrested and detained until his trial.

The prosecution mentions that members of the group had a desire to show off and highlight their skills for all to see. In the case of Kurtaj, this desire led to various hacking incidents he surely had little to no hope of concealing as the arrests and re-arrests continued apace.

It’s possible an older and more experienced crew would have cut their losses and gone silent for a while. In this case, those responsible were lighting the digital equivalent of emergency flares every five minutes during what would otherwise be covert attacks. Indeed, prosecutors tied some of the incidents to the teens responsible via IP addresses associated with their email and Telegram accounts. This is very much something you wouldn’t expect them to be caught out by. An amateur mistake, or that sense of youthful invulnerability coming to the fore?

Either way, for both of the teens involved their wave of compromises is now over.

How to avoid ransomware

  • Block common forms of entry. Create a plan for patching vulnerabilities in internet-facing systems quickly; disable or harden remote access like RDP and VPNs; use endpoint security software that can detect exploits and malware used to deliver ransomware.
  • Detect intrusions. Make it harder for intruders to operate inside your organization by segmenting networks and assigning access rights prudently. Use EDR or MDR to detect unusual activity before an attack occurs.
  • Stop malicious encryption. Deploy Endpoint Detection and Response software like Malwarebytes EDR that uses multiple different detection techniques to identify ransomware, and ransomware rollback to restore damaged system files.
  • Create offsite, offline backups. Keep backups offsite and offline, beyond the reach of attackers. Test them regularly to make sure you can restore essential business functions swiftly.
  • Don’t get attacked twice. Once you’ve isolated the outbreak and stopped the first attack, you must remove every trace of the attackers, their malware, their tools, and their methods of entry, to avoid being attacked again.

Malwarebytes EDR and MDR removes all remnants of ransomware and prevents you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.

TRY NOW


[ad_2]
Source link