FBI takes down Hive ransomware group in an undercover operation

The US Department of Justice (DOJ), along with international partners, has taken down the Hive ransomware group. The operation, which began in July 2022, resulted in the FBI penetrating Hive’s computer networks, capturing its decryption keys, and offering them to victims worldwide, preventing victims from having to pay the $130 million in ransom demanded, DOJ said in a release on Thursday.

“Last night, the Justice Department dismantled an international ransomware network responsible for extorting and attempting to extort hundreds of millions of dollars from victims in the United States and around the world,” Attorney General Merrick B. Garland said in the release.

Identifying and securing your business’s dark data assets in the cloud

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. 

The world runs on data. That has always been true, but the power of data has perhaps never been greater than it is today. We live in the great age of information — where a seemingly infinite repository of knowledge lies at our fingertips.

But data is not, of course, only to be consumed for personal use. Indeed, the greatest impact of data is on the world of business. Data is the fuel that keeps the engines of enterprise humming.

The truth, though, is that businesses, on average, use less than half the data they accumulate. The rest is lost somewhere in the ether, where it becomes so-called “dark data” that puts your customers, your employees, and your company at risk.

What is dark data?

One of the most significant challenges in dealing with dark data is that many business managers, even at the highest level, don’t know what it is or how to manage it. That’s a problem because all companies generate tremendous amounts of dark data simply while doing business each day.

Dark data refers to information collected through ordinary business transactions that does not serve a specific business function outside of the immediate transaction. It is information that is generated through ordinary business processes and remains even after its immediate purposes have been served.

This information might include customer email or mailing addresses, phone numbers, or purchase logs.

Because the data has no real business utility, it is often left forgotten, unorganized, and insecurely stored. And this is the true threat that dark data poses, because, even when it serves no legitimate function for your business, it can readily be exploited by bad actors for various cybercrimes, from identity theft to financial fraud.

Finding and identifying dark data 

Understanding that dark data exists and is a problem is a necessary but not sufficient step in mitigating the risk. It’s also imperative that business leaders understand where to find it, how to identify it, and what to do about it.

When it comes to finding, identifying, and managing dark data, your best strategy is going to be data mapping. With data mapping, you’ll be able to determine what data is being generated, when, how, and where. Tracing the sources of your data is often the first step in determining where it goes after it has been generated.

This, in turn, enables you to locate all the once-hidden information that has been lurking around your network, particularly in the cloud. And that means you will be better able to identify which data points have eluded your cloud data management processes and related controls.

Organizing and securing dark data in the cloud

After you’ve found and accurately identified the immense repository of dark data that is likely clogging your system (and potentially costing your company millions of dollars in storage fees each year), it’s time to get organized.

As we’ve seen, dark data can pose a significant risk to your network security and undermine your data security compliance. There is a great likelihood that much of this data is sensitive or private and should be secured but isn’t.

Organizing once “dark” data means subjecting it to rigorous analysis to understand exactly where the data should fall within the scope of your company’s system governance processes. The key is to ensure, for example, that you’re protecting your once hidden data from insider threats, such as access or exploitation by employees who do not possess the appropriate permissions.

Properly organizing your hidden data is also critical for installing an added layer of protection around your company’s sensitive information. For instance, cloud data storage, though providing significant security, is by no means invulnerable.

Cloud systems are at risk of data breaches unless proper procedures are instituted to limit access and amplify security. This might include measures to optimize cloud security such as the use of multifactor authentication processes or the encryption of the most sensitive of your now-organized dark data.

The takeaway

Dark data is an omnipresent but relatively little recognized threat to businesses, workers, and consumers today. It is the inevitable result of ordinary processes of doing business, and yet many business leaders, including highly trained tech specialists, do not know what it is or how to manage it.

Dark data is information that is generated through ordinary business transactions but that has no practical business utility beyond that immediate transaction. The data that results does not disappear, however. Rather, it lingers and is often forgotten until it is found and exploited for nefarious purposes by bad actors. Learning to find, identify, and organize dark data, especially when it is stored in the cloud, is critical to protecting companies and consumers against a range of threats, including financial fraud and identity theft.

CVE-2020-36659

In Apache::Session::Browseable before 1.3.6, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix.

CVE-2020-36658

In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix.
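
CVE-2020-36659 and CVE-2020-36658 share one root cause, so a single added example covers both. It is not code from Apache::Session::LDAP or Apache::Session::Browseable; it shows a direct Net::LDAPS connection that requests certificate verification explicitly instead of relying on the module default. The host name, the CA bundle path and the helper name ldaps_connect_verified are assumptions.

```perl
#!/usr/bin/env perl
use strict;
use warnings;
use Net::LDAPS;

# Hypothetical helper (not part of any Apache::Session module): open an LDAPS
# connection that fails closed unless the server certificate chains to a CA
# the caller trusts.
sub ldaps_connect_verified {
    my (%opt) = @_;
    my $host = $opt{host} or die "host is required\n";

    # verify => 'require' needs a trust anchor to check the chain against.
    die "cafile or capath is required\n"
        unless defined $opt{cafile} || defined $opt{capath};

    my %tls = (verify => 'require');    # never rely on the module default
    $tls{cafile} = $opt{cafile} if defined $opt{cafile};
    $tls{capath} = $opt{capath} if defined $opt{capath};

    # Net::LDAPS->new returns undef and sets $@ when the TLS handshake or
    # the certificate verification fails.
    my $ldap = Net::LDAPS->new(
        $host,
        port    => $opt{port} // 636,
        timeout => 10,
        %tls,
    ) or die "LDAPS connection to $host refused: $@\n";

    return $ldap;
}

# Assumed values for illustration; pass your own host and CA bundle as arguments.
my ($host, $cafile) = @ARGV;
$host   //= 'ldap.example.org';
$cafile //= '/etc/ssl/certs/ca-certificates.crt';

my $ldap = ldaps_connect_verified(host => $host, cafile => $cafile);
printf "connected to %s, cipher %s\n", $host, $ldap->cipher // 'unknown';
$ldap->unbind;
```

Run against a server whose certificate was not issued by the given CA, the connection should be refused rather than silently established.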
