Planning
for ransomware...
https://www.bankinfosecurity.com/city-pays-ransom-despite-pre-ransomware-outbreak-hack-alert-a-14427
City
Pays Ransom Despite Pre-Ransomware Outbreak Hack Alert
… Ten
days after receiving an alert that hackers were inside its
systems, the city was hit by crypto-locking malware, disrupting the
city's email systems and leading to an ongoing network outage.
…
Now
the city council has approved plans to pay their attacker nearly
$300,000 in cryptocurrency in return for the twin promises of
receiving a decryption key and not seeing any city data get leaked,
if indeed any got stolen, the Florence-based Times
Daily reports.
… While
the city took a number of measures after receiving the May 26 alert,
Price tells Krebs that the IT department was still seeking
emergency funding to do a more thorough investigation.
… Clearly,
the city of Florence story looks like a missed opportunity by
officials to react quickly enough.
"It
would appear that they had a clear window of opportunity to respond
in a robust and timely manner to the initial breach and prevent the
ransom phase of the campaign," says incident response expert
David Stubley, who heads Edinburgh, Scotland-based security testing
firm and consultancy 7 Elements. "Unfortunately, it shows an
example of why you need to respond robustly to a breach of a host and
understand the capabilities of the actor and the malware."
While
the city said that after the tip-off, it had found and isolated the
one infected Windows system, that wasn't enough. Stubley said the
investigation should have carried on much further.
"Once
you understand the capabilities of the actor and the tooling in use,
it is vital to assess other assets within the network as actors will
look to move laterally and gain access to other systems," he
says. "As such, removing
just the first compromised device may not prevent sustained access to
the network."
Why
hackers hack.
Hacker
Bypasses GE's Ridiculous Refrigerator DRM
The
technique allows you to use 'unauthorized' water filters, which cost
a quarter as much as GE's official filters.
Earlier
this year, we brought you the sordid tale of the GE refrigerator that
won’t dispense filtered water unless consumers
pay extra for “official” filters from the company.
This sort of digital rights management and artificial,
software-enforced monopoly is a scourge on consumer rights. Now,
finally, a fed up customer has found a way to bypass GE’s
refrigerator DRM, and has posted instructions online.
Depends
on how work-at-home is managed.
Risk
of Data Loss Surges in the Era of Coronavirus
… This
is according to a
new data trends report by
cybersecurity solutions firm Digital Guardian, which revealed that
hundreds of terabytes of potentially sensitive corporate data might
be at risk due to being stored in employee homes on USB drives.
… Among
its findings, Digital Guardian showed that employees have been
copying company data onto USB drives more than twice as often as
they’d done prior to the outbreak of the coronavirus pandemic in
March, with a majority of that data being classified. Also
noteworthy is that data egress though email, USB, and cloud services
were similarly found to have surged during the pandemic, with much of
that data also being classified. To top things off, sizeable
increases in malicious activity on both corporate networks and
servers, and in incident-response investigations, were uncovered by
the report.
Tools.
Adobe
Photoshop Camera Is Now Available for Free
Adobe
has launched Photoshop Camera, a free camera app available on Android
and iOS. Photoshop Camera brings some of the magic of Photoshop to
your smartphone, allowing you to capture, edit, and share photos, as
well as apply a range of fancy filters.
… Photoshop
Camera comes with a handful of filters (which Adobe calls lenses),
but you can find and download new ones in a matter of seconds. The
filters range from subtle ones which change the lighting, to ones
which replace the background with different effects.
You
can see what effect a filter will have on a shot before you click the
shutter button. And you can make changes after capturing an image,
all while preserving the original shot. You can then share the
images on social media, or export them to other Adobe products.