Plus: Hacker exploiting activity surges by 150% in 2022
| Part of  Network | |
 Presented by  |
 The threat actor behind the Twilio cyberattack also targeted Cloudflare. Over 70 Cloudflare employees received texts similar to the ones that Twilio employees received when the company was breached. More: - The cyberattack attempt came from four unique T-Mobile numbers and attempted to redirect the targets by using a legitimate Cloudflare domain to a malware-infected landing page.
- The four numbers sent over 100 text messages in a span of 40 minutes.
- While threat actors managed to convince three Cloudflare employees to click on the phishing link, internal company security protocols were able to stop the employees from breaching the system.
- Cloudflare avoided a breach by implementing hard key confirmation, a security method that requires both users and administrators to approve a request on the network.
- The threat actor responsible for the breaching attempts in the Twilio case as well as this is believed to be the same one, but researchers do not have any further information at the moment.
| |
 CISA has released a warning for yet another Windows security flaw. The severe security flaw tracked as UnRar has been unpatched for more than one year. More: - UnRar, also tracked as CVE-2022-30333, is also a known bug in the UnRAR utility for Linux and Unix systems.
- If used, hackers could infect a targeted device with malware that can then be manipulated and controlled by the remote threat actor.
- The bug has a high severity score but is not the only one added to CISA's known vulnerabilities list.
- CISA has also added CVE-2022-34713 to its list, stating that the security flaw has been patched by Microsoft, but hackers have managed to breach victims by using both a web-based and email-based threat vector.
- This flaw is also called the DogWalk bug. Microsoft has not commented on these reports, while CISA has ordered all federal government agencies to update their security protocols by Aug. 30, 2022.
| |
 A message from QUANTUM Effective and Reliable Data Storage Protection that Scales on Your Terms and Budget. Data recovery is possible across the entire lifecycle - and air-gapped protection is both the safest and the lowest TCO. Successful Ransomware attacks can take months to fully recover from - especially when targeted campaigns wipe out clusters of servers. So why not choose a solution that protects and recovers at any point in your data’s lifecycle? With different tiers, you’re able to ensure availability of data without compromise. You’re able to balance cost while maximizing efficiency. No one can stop ransomware or fully prevent it from taking place - but you can make sure you’re protecting your customers and your data by ensuring that there is a fully air-gapped solution. Request A Demo
| |
 A health advisor has been fined after accessing patient health files without permission. The 36-year-old U.K.-based doctor was caught by the Information Commissioner's Office. More: - In 2019, the doctor accessed the personal data of patients that he knew personally, but he did not have any professional reason to do so and was unable to prove otherwise.
- 36-year-old Christopher O'Brien has been sentenced to a $3,600 fine that he has to pay to 12 patients.
- The Brit accessed the personal data of 14 patients in total, and some of the patients stated that the event has caused them to doubt the medical system in the country and has given them anxiety.
Zoom Out: - This is not the first time that public office professionals have been disciplined for similar cases. In the same year that O'Brien accessed the data, over 200 police members in the U.K. were reportedly caught misusing their security access and abusing their duty by looking at personal files of U.K. citizens.
| |
 Hacker exploiting activity has surged 150% in Q2 2022. Malware activity has also increased by 25%. More: - Hackers have managed to use tools such as Torpig Mebroot Botnet to steal credit card information from their targets, making financial crimes one of the most common cyberattacks in 2022.
- Researchers also highlighted Log4J bugs as a primary threat vector hackers used to breach their targets.
- Log4J is widely used by hackers due to the fact that it takes a long time to neutralize, as the bug is coded in Java. The programming language is a relatively old one and has a lot of variations in code that can take a long time to research.
- Manufacturing was the most targeted industry by hackers, while the LockBit Ranswomare gang was the most active hacker group.
| |
 Privya has raised $6M with the goal of helping protect privacy when an app is still being coded. The company is based in Tel Aviv, Israel. More: - The company claims that the way it can protect user privacy is by initially scanning an app's code, then having its proprietary system analyze the code and see if there are private details such as a name, address, sexual orientation, or location.
- Privya's product is able to see what kind of formation the code holds and, just as importantly where, does that information go once the app is deployed.
- The company believes that privacy laws similar to the European GDPR are going to be implemented by most countries, including the U.S., and therefore its unique business offering will serve the market well.
- The company's Seed funding round was led by Hyperwise Ventures.
| |
Quick Hits: - Over 3,000 fast-growing companies trust Vanta to automate their security monitoring and get ready for security audits in weeks instead of months.*
- Australian companies are more concerned about their cybersecurity than ever before, according to a new report. The most critical security issue, according to 89% of respondents, is remote work.
- Siemens AG, the German energy conglomerate, has partnered with cybersecurity company Awen Collective to develop a new security software solution that aims to improve security for SME manufacturers.
- Almost 60% of the companies in EU member country Romania plan to increase their cybersecurity budget. Over 90% of executives in the country are convinced that a cyberattack can severely damage their business.
- Stop stressing over ecomm content. Get hundreds of photos, videos, and product reviews ready in just a few weeks. 100% yours to use wherever, forever.*
*This is sponsored content.
| |
Upcoming events at Inside:
| |
 |  | Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading(and writing) business news, he chooses to watch sports or anime...and then read news about sports or anime. |   | | Editor | Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 Ford. | |
With Quantum, we shift the focus from accumulating data to making it work for you. | |
| 767 Bryant St. #203, San Francisco, CA 94107
Copyright © 2022 Inside.com | |
| |
