Uber hit by cyberattack, hacker may be an 18-year old/Global cybersecurity market to reach $334B by 2026/President Biden signs executive order to screen U.S. foreign investments

Plus:Hackers are attempting to mine crypto by breaching Oracle WebLogic

Inside.com Part of   Network September 16, 2022

Presented by

Uber has confirmed that it has been hit by a cyber attack. The company has stated that the incident is being investigated.  More: While the company has not shared many details, researchers believe that the threat actor was able to gain access by using social hacking to lead an employee into sharing critical information on the enterprise communication app Slack. The hackers used that information to gain admin-level privileges to Amazon Web Services and Google Cloud, two data hosting services that Uber uses. Due to the breach, Uber was forced to shut down its internal online communication system. Researchers claim that the company directs its employees to use 2 Factor Authentication, but hackers managed to overcome this authentication method by creating a fake domain and leading a user with log-in credentials toward the fake landing page. Uber stated that it has communicated with law authorities and is expecting further updates soon. According to unofficial reports, the threat actor may be an 18-year-old man. Zoom Out: Uber was also breached in 2016, an event that led to the company's former Head of Security being investigated for hiding key evidence. The company allegedly paid 100$ to the hackers who stole its data in 2016 in order to avoid the event from being published

The global cybersecurity market is set to be worth $334B by 2026, growing at 8.2% YoY. The global healthcare cybersecurity vertical alone is expected to grow to over $30B. More: The cybersecurity market currently stood at over $220B in 2021.  Since the war in Ukraine, the industry has seen increased growth. This is being credited to both companies and governments becoming more aware of the importance that this industry has on their day-to-day operations. The Asia Pacific and North America regions together represented over 50% of the total cyber security market value in 2021. Cybersecurity startups raised a record-breaking amount of money in 2021, with a similar trend continuing in 2022. Companies such as Microsoft have launched new cybersecurity services in an attempt to cater to the growing demand.

A message from WIND RIVER 10 RTOS features you'll wish you knew about sooner! Modern real-time operating systems come with updated features that can make development faster and easier.   Join us as we explore the features available in the newest version of VxWorks®, as well as how to take advantage of them to streamline the software development cycle. You will learn: What features are available in the newest edition of VxWorks How to set up and use these new features How they can improve the development process for embedded engineers Register Now!

President Biden has signed an executive order that will help national security agencies screen foreign investments in the U.S. Biden has ordered a special panel to check for specific alarming signals in business deals conducted between U.S. and Chinese companies. More: The executive order is meant to protect U.S. supply chains, data, and technologies like semiconductors, artificial intelligence, and biotechnology. Biden stated that this executive order intends to protect the U.S. from having its technology exploited in a way that is against the country's values and interests. This legislation is not intended to expand the scope of responsibility that CFIUS has but rather to re-establish its main area of focus. CFIUS is led by the Treasury Department. Zoom Out: Cybersecurity guidelines have become a point of focus for many governments. The European Parliament yesterday proposed new legislation that would oblige companies that manufacture toys, smart fridges, vehicles, and other IoT devices to ensure more security for their users and present clear instructions on how to proceed in case of a security emergency.  CISA yesterday added six new vulnerabilities to its list of known bugs, adding to the hundreds of other bugs that the agency has added this year alone. Other countries have also accused the U.S. of conducting cybersecurity operations. China has recently criticized the U.S. government for allegedly stealing information from Chinese universities and aeronautics organizations.

Hackers have been tracked trying to mine cryptocurrency by hacking Oracle WebLogic servers. The threat actor is exploiting an old security bug tracked as CVE-2020-14882. More: One of the threat actors believed to be leading the hacking campaign is the Kinsing hacker group. The group is using PowerShell Scripts to load a multi-stage attack. First, the scrip disables the Security-Enhanced Linux, then the watchdog timers and iptables, and finally, the cloud service provider’s agents. The flaw being exploited has a CVSS score of 9.8, making it a critical security bug. If hackers are able to execute the attack, then they could steal data or gain remote control of the entire device. Zoom Out: According to reports, the number of malware variants being used for cryptojacking has increased in 2022, signaling that hackers are interested in cryptocurrency more than ever before.

A message from QUANTUM Save Your Data Before It Needs Saving - Air-Gapped Protection: Reliable and Cost-Effective Paying a ransom may sound like the best case scenario: get your data back, make your customers feel worth it. But actually, it can affect your business in other ways and may, in some cases, be illegal. Make sure your systems are protected across the entire data lifecycle - and never pay a ransom again. You’re able to balance cost while maximizing efficiency. No one can stop ransomware or fully prevent it from taking place - but you can make sure you’re protecting your customers and your data by ensuring that there is a fully air-gapped solution. Request A Demo

Cybersecurity company Senteon has raised an undisclosed seed round from Purdue Startup Fund. The company provides software that helps small and medium-sized businesses better prevent and thwart cyberattacks. More: Other participants in the round include Valor Ventures, Lytical Ventures, and SaaS Venture Capital. The company, founded by Purdue Research Foundation alumni, aims to use the funds to improve its go-to-market strategy. As part of the deal, Sean Higgins will join the company's board. Higgins is the co-founder and CTO of cybersecurity company Herjavec Group.

Quick Hits: Organize your startup business the right way with ClickUp. Create tasks and projects for each business division.* After being hit with numerous cyberattacks that shut down its internal email communication, the government of Kosovo has decided to create the National Agency for Cybersecurity. Microsoft has stated that a recently tracked security flaw that affects Teams authentication tokens has been noticed but that patching it is going to take a longer time because the company does not see it as an immediate threat. The Department of Homeland Security has announced a $1B cybersecurity fund that will be used to give financial support to states and local governments across the U.S. According to a new report, the market worth of Artificial Intelligence in the cybersecurity industry will reach $91B by 2032, up from its $16.5B worth in 2021. *This is sponsored content.

Upcoming events at Inside: September 21 - Hired's Navigating Market Uncertainty: The State of Tech Hiring Webinar (Register Here) * September 21 - AMA with Kristen Ruby (Founder of Ruby Media Group) (Register Here) September 22 - "Top 10 Overlooked VxWorks Features" with Brian Kuhl (Register Here) * September 28 - AMA with Leigh-Ann Buchanan (Founder of aīre ventures) (Register Here) October 05 - AMA with Ram Bartov (Chief Accounting Officer at TripActions)* (Register Here) October 11 - AMA with Mike Malone (Smallstep) (Register Here) October 12 - AMA with Bill Glenn (Executive Chairman at Crenshaw Associates) (Register Here) October 19 - AMA with Zecca Lehn (Responsibly VC) (Register Here) October 25 - Meet Our Fund 4, an Inside.com Summit (Register Here) *This is a sponsored listing.

Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading(and writing) business news, he chooses to watch sports or anime...and then read news about sports or anime. Editor Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 and 1972 Fords.

For nearly 35 years, VxWorks has been used to ensure the security, safety, and reliability you need to design and build mission-critical embedded systems that simply must work.

With Quantum, we shift the focus from accumulating data to making it work for you.

767 Bryant St. #203, San Francisco, CA 94107 Copyright © 2022 Inside.com

Did someone forward this email to you? Head over to inside.com to get your very own free subscription! You received this email because you subscribed to Inside Security. Click here to unsubscribe from Inside Security list or manage your subscriptions.