Category Archives: News

Nord Security and Surfshark to Merge

Read Time:1 Minute, 50 Second

Nord Security and Surfshark to Merge

Lithuanian-based cybersecurity companies and rival virtual private network (VPN) providers Nord Security and Surfshark have finalized a merger agreement.

The companies said that the merger would “open new technical knowledge-sharing opportunities and enable more focused market diversification.” Both companies will continue to operate autonomously and maintain separate infrastructure and product roadmaps.

Since both companies are privately owned entities, the transaction details have not been disclosed. 

Nord Security was established in 2012 and now has 1,000 employees who support 15 million users worldwide. The company is known for its VPN service NordVPN, freemium VPN provider Atlas VPN, password manager NordPass, encrypted cloud storage NordLocker and the advanced network access security solution NordLayer.

According to a post on its website about the merger, Nord Security was impressed by the fast growth of Surfshark and the expertise and professionalism of its team. 

“The increasing complexity of cybersecurity and digital privacy is a growing challenge worldwide. We believe that this industry requires radical simplification and ease of access, both for consumers and businesses,” said Tom Okman, the co-founder of Nord Security.

Surfshark was developed with the assistance of Lithuanian business incubator Tesonet, which also helped NordVPN to grow.

He added: “Together, Nord Security and Surfshark create the largest internet security powerhouse in the market, ready to bring advanced solutions for customers.” 

Nord Security said that while both companies will work independently to improve their own products, they will consolidate their resources to reach mutual goals and innovate within the cybersecurity industry.

Smaller fish Surfshark launched in 2018 and employs around 200 people. The company delivers software solutions and was a founding member of the VPN Trust Initiative. It is known for its Surfshark One suite, which bundles an award-winning VPN, antivirus, private search tool and data leak detection system alert to provide cybersecurity protection.

“Consolidations in the global consumer cybersecurity market indicate the industry’s maturity. They also bring new competitive challenges,” said Vytautas Kaziukonis, founder and CEO of Surfshark.

They added: “Nord Security and Surfshark joining forces will set the ground to scale in different digital security dimensions, which is necessary to meet the growing requirements of our customers.”

Read More

Tennessee College Hit with Ransomware

Read Time:1 Minute, 44 Second

Tennessee College Hit with Ransomware

A cyber-attack on a community college in Tennessee may have exposed the personal data of students, staff and faculty. 

Attackers struck Pellissippi State Community College (PSCC) with ransomware on December 5 2021. The digital assault shut down online network connections to all five of its campuses during finals week, disrupting online exams. 

All the college’s connected PC workstations and most of its servers, including the operating system and files, were encrypted. The attackers also changed the passwords of every user.

“What I can say is that this is not going to be a quick fix,” said Pellissippi State vice president for academic affairs, Kellie Toon, at the time of the attack.

“There have been other schools hit and just by all indications in can take months to rebuild it. We can rebuild it. We will rebuild it … but it’s going to take time. ” 

The attack left staff and some of the college’s 11,000 students unable to access email or the Microsoft communications platform Teams. 

The college launched an investigation into the cyber-attack to gauge its impact. On February 1, PSCC began informing an unspecified number of individuals that their sensitive information may have been compromised in the attack. 

A notice on the college’s website states: “Our investigation confirmed that the attacker had access to our Active Directory database, which includes first and last name; PSCC username; PSCC email address; office location and phone number; job title and department (if an employee); P number (a unique number assigned to each student and employee used only at PSCC and not used to sign documents); General user ID number (a long random string of numbers used only by PSCC in its Banner system); and PSCC account password (hashed).”

The college added that cyber-criminals may have also been able to access “other personal data in our system.”

PSCC said that the individuals whose data may have been accessed and acquired in the attack included former and current students, faculty, staff and participants in Tennessee Consortium for International Studies (TNCIS) programs.

Read More

#Enigma2022: Security’s Role in Helping HealthTech Find Its Way

Read Time:2 Minute, 38 Second

#Enigma2022: Security’s Role in Helping HealthTech Find Its Way

Securing healthcare technologies is critical to human health and safety, not just in the medical setting but also with consumer HealthTech.

In an afternoon session on February 3 at the Engima 2022 conference, Joy Forsythe, director of security at Alto Pharmacy, explained that HealthTech is a growing area of healthcare products and services targeted at consumers that are available outside traditional medical establishments. HealthTech can include online medical services and both software and hardware-based human health monitoring technologies.

Forsythe pointed out that any information collected about a person’s health by a healthcare provider or medical professional that has a direct relationship with a patient is often considered in the US to be protected health information. The US Government rules to protect such information is referred to HIPAA (Health Insurance Portability and Accountability Act).

She noted that it’s not always clear what rules apply when it comes to HealthTech services and devices.

Forces Impacting Security in the Healthcare Ecosystem

Forsythe identified regulations as critical among the primary forces that impact security across the healthcare landscape.

While HIPAA outlines user privacy, other regulations include guidance on security practices issued by the US Department of Health and Human Services (HHS). For example, Forsythe noted that HSS has established that fax is considered a secure transmission method if the recipient’s fax number can be confirmed.

“Generally speaking in healthcare, if you verify that the fax number is correct, that’s considered secure,” she said. “If there’s a breach because of a fax that was sent to the correct phone number, the provider is not liable.”

While fax is an outdated decades-old technology, the HSS guidance on email for secure data transmission is less specific. As a result, Forsythe stressed, many healthcare entities in the US had banned email for sending personal health information.

Industry certification is another strong force that security needs to deal with for healthcare security.

“Certification is an attempt to standardize third-party risk assessments and simplify vendor management,” Forsythe said. “But certification often pushes outdated security controls, and they failed to reduce risk in modern environments.”

How HealthTech Can Improve Security

Not all HealthTech devices are bound by the same regulations in the US as technologies and services directly provided by medical professionals.

“Consumer wellness startups are not acting as healthcare providers, and they may not be subject to HIPAA for a while,” she commented. “They still have to abide by other privacy laws that are often less burdensome.”

The opportunity for security people in HealthTech is to actually really do the risk identification for the privacy rules that are in place, such as CCPA in California or GDPR in Europe.

It’s also important that HealthTech providers track which data is identifiable because that’s the data that matters for privacy. Additionally, she recommends that HealthTech providers enable an auditable record of all access to user data by services, employees and partners.

Forsythe concluded by emphasing the role that security can bring HealthTech: “I think there’s still a lot of opportunity for security to come into HealthTech organizations and make a difference in how they handle data.” 

Read More

The EARN IT Act Is Back

Read Time:45 Second

Senators have reintroduced the EARN IT Act, requiring social media companies (among others) to administer a massive surveillance operation on their users:

A group of lawmakers led by Sen. Richard Blumenthal (D-CT) and Sen. Lindsey Graham (R-SC) have re-introduced the EARN IT Act, an incredibly unpopular bill from 2020 that was dropped in the face of overwhelming opposition. Let’s be clear: the new EARN IT Act would pave the way for a massive new surveillance system, run by private companies, that would roll back some of the most important privacy and security features in technology used by people around the globe. It’s a framework for private actors to scan every message sent online and report violations to law enforcement. And it might not stop there. The EARN IT Act could ensure that anything hosted online — backups, websites, cloud photos, and more — is scanned.

Slashdot thread.

Read More

US Accuses Russia of Disinformation Plot to Justify Invasion of Ukraine

Read Time:1 Minute, 40 Second

US Accuses Russia of Disinformation Plot to Justify Invasion of Ukraine

The United States has accused Russia of a disinformation plot to serve as a pretext to an invasion of Ukraine.

This would be a video purporting to show a Ukrainian attack on Russian territory or against Russian-speaking people in Eastern Ukraine. According to the US government, the fabricated video would be highly graphic, including images of dead bodies.

On Thursday, Pentagon spokesman John Kirby told reporters: “We do have information that the Russians are likely to want to fabricate a pretext for an invasion.

“As part of this fake attack, we believe that Russia would produce a very graphic propaganda video, which would include corpses and actors that would be depicting mourners and images of destroyed locations.”

The US government added that it revealed the plans to help prevent conflict from breaking out in the region. However, no evidence was provided to support its claim, which Russia has denied.

The BBC reported that senior US officials believe the video is just one of a number of ideas Russia has to provide a pretext to invade Ukraine.

The claim has come amid mounting tension in the region, which has led to a massive build-up of Russian troops on its border with Ukraine.

Jake Moore, global cybersecurity advisor at ESET, noted that advancements in deepfake technologies are facilitating the use of fabricated videos, potentially to provoke war. “This reported use of deep fakery would highlight the extreme and dramatic turn in the nature of warfare that we are witnessing. Being able to drum up fear is often as powerful as the attack itself. In this new age of deepfake weaponry, it could worryingly not be too long before we have no idea what is real, making nation-state attacks even more difficult to protect from or predict,” he commented.

Russia has been accused of targeting Ukraine with numerous cyber-attacks in recent weeks, including forcing more than a dozen government websites offline.

Read More

NFT Wash Trading Made Scammers at Least $9m in 2021

Read Time:2 Minute, 5 Second

NFT Wash Trading Made Scammers at Least $9m in 2021

Cyber-criminals are making and laundering millions through non-fungible tokens (NFTs), according to new data from Chainalysis.

NFTs are technically unique records on a blockchain that are each linked to a piece of digital content. They can be minted and sold by the content creator to investors, fans and collectors.

Their popularity soared last year, according to Chainalysis.

The Singapore-based blockchain investigations and analytics firm tracked $44.2bn worth of cryptocurrency sent to ERC-721 and ERC-1155 contracts – the two types of Ethereum smart contracts associated with NFT marketplaces and collections. That’s up from just $106m in 2020.

However, this surging market for NFTs also attracted fraudsters and cyber-criminals.

Chainalysis claimed that so-called “wash trading” made scammers $8.9m last year.

Wash trading refers to a situation in which a seller is on both sides of a trade in order to mislead potential buyers about an asset’s value and liquidity.

“In the case of NFT wash trading, the goal would be to make one’s NFT appear more valuable than it really is by ‘selling it’ to a new wallet the original owner also controls,” Chainalysis explained.

“In theory, this would be relatively easy with NFTs, as many NFT trading platforms allow users to trade by simply connecting their wallet to the platform, with no need to identify themselves.”

The firm’s analysis revealed 110 profitable NFT wash trades last year. However, the actual figure for this volume and the profits made from the scams may be much higher, as Chainalysis only looked at activity using Ethereum and wrapped Ethereum (wETH) currencies.

The firm urged NFT marketplaces to clamp down on such activity.

“NFT wash trading exists in a murky legal area. While wash trading is prohibited in conventional securities and futures, wash trading involving NFTs has yet to be the subject of an enforcement action,” it said.

“However, that could change as regulators shift focus and apply existing anti-fraud authorities to new NFT markets. More generally, wash trading in NFTs can create an unfair marketplace for those who purchase artificially inflated tokens, and its existence can undermine trust in the NFT ecosystem, inhibiting future growth.”

The report also revealed a growing trend of NFTs being purchased to launder illicit funds. In Q3 and Q4 2021, Chainalysis tracked $2.4m in funds sent to NFT marketplaces from “scam-associated addresses” and addresses linked to sanctions activity, such as Chatex.

Read More

Startups to watch for 2022

Read Time:33 Second

The problems cybersecurity startups attempt to solve are often a bit ahead of the mainstream. They can move faster than most established companies to fill gaps or emerging needs. Startups can often innovative faster because they are unfettered by an installed base.

The downside, of course, is that startups often lack resources and maturity. It’s a risk for a company to commit to a startup’s product or platform, and it requires a different kind of customer/vendor relationship. The rewards, however, can be huge if it gives that company a competitive advantage or reduces stress on security resources.

To read this article in full, please click here

Read More

Cyber-Attacks Hobble Some of Europe’s Largest Ports

Read Time:1 Minute, 33 Second

Cyber-Attacks Hobble Some of Europe’s Largest Ports

Oil terminals in some of Europe’s biggest ports appear to have been disrupted by ransomware, according to reports.

A broker in the region told AFP that the attacks are disrupting the oil supply chain.

“There was a cyber-attack at various terminals, quite some terminals are disrupted,” Jelle Vreeman, senior broker at Riverlake in Rotterdam, told the newswire.

“Their software is being hijacked, and they can’t process barges. Basically, the operational system is down.”

The Amsterdam-Rotterdam-Antwerp oil hub, which spans ports across the Netherlands and Belgium, is believed to have borne the brunt of the attacks. AFP cited local Belgian reports that logistics and storage firm SEA-Tank Terminal is one of those impacted in Antwerp.

According to a separate report from The Associated Press, at least two energy companies in the Belgian ports of Antwerp and Ghent were hit by cyber-attacks, with the government’s Federal Computer Crime Unit opening an investigation.

This follows reports earlier this week that two German oil logistics firms were struck by ransomware: Oiltanking GmbH Group and Mabanaft Group.

Both companies were forced to declare force majeure, a legal clause used in emergencies when companies cannot fulfill their contractual obligations.

However, the head of Germany’s federal office for information security, Arne Schönbohm, is quoted as saying the incident is serious but “not grave.”

Anglo-Dutch oil giant Shell has already admitted it has been forced to reroute supplies due to the incident.

The news has uncomfortable echoes of the Colonial Pipeline attack in May 2021, which crippled oil supplies up and down the US east coast for days, leading to queues at gas stations.

This time the culprit, at least in the attacks in Germany, appears to be BlackCat (aka “alphv”), a relatively new ransomware-as-a-service variant.

Read More

Trustpilot Set to Sue Firms That Solicit Fake Reviews

Read Time:1 Minute, 56 Second

Trustpilot Set to Sue Firms That Solicit Fake Reviews

Trustpilot said today that it is planning legal action against businesses involved in soliciting fraudulent reviews on its site.

The Danish consumer reviews platform said it was forced to remove over two million fake reviews in 2020 alone, accounting for nearly 6% of those submitted to its site that year.

Although the firm is investing in automated fraud, enforcement and anomaly detection technologies, it said this will now be matched by a step-up in litigation efforts.

Repeat offenders will be hit with enforcement action. Trustpilot said it would seek to prevent them from soliciting fake reviews and try to recover any damages owed. If successful, these will be donated to organizations that protect consumers from online misinformation.

Other tools at Trustpilot’s disposal are cease and desist notices, termination of business, and public banners on offending firms’ profile pages indicating fraud.

“Consumers rely heavily on reviews to make more informed and confident purchasing decisions each and every day. Protecting and promoting trust is fundamental to Trustpilot’s mission,” said the digital firm’s chief trust officer, Carolyn Jameson.

“Whilst the vast majority of businesses use reviews constructively to help get them closer to their customers, we’re prepared to do everything within our power to clamp down on the small minority who do not behave as they should, and instead  use fake and misleading reviews to take advantage of consumers – often those consumers who are particularly vulnerable.”

Fake reviews are an increasing problem for platform providers, consumers and innocent vendors. A report out last year estimated that they could be responsible for as much as $152bn in purchases.

Also, last year, a misconfigured cloud database exposed a significant scheme by vendors using the Amazon marketplace to buy fake reviews from consumers. Vendors send reviewers a list of products to choose from, and if they leave a five-star review, the individual will get to keep the item.

At least 200,000 fake reviewers were implicated in this one scheme alone.

The situation has deteriorated to the point that regulators are stepping in. Last June, the UK’s Competition and Markets Authority (CMA) announced the opening of a formal probe into Amazon and Google over concerns that they’re not doing enough to protect consumers from fake reviews. 

Read More

NPM JavaScript registry suffers massive influx of malware, report says

Read Time:29 Second

The popular NPM JavaScript package manager and registry has been hit with an influx of malicious packages, the most harmful of which are related to data theft, crypto mining, botnets, and remote code execution, according to research from security company WhiteSource.

WhiteSource’s automated malware detection platform, WhiteSource Diffend, detected a total of 1,300 malicious packages on NPM, within a period of six months ended December 2021. 

All the malicious packages identified by WhiteSource were notified to NPM and were subsequently removed from the package registry.  

To read this article in full, please click here

Read More