Ransomware Payments Bill 2021 was introduced in the Australian House of Representatives on Monday which, if passed, would require organizations to inform ACSC before a payment is made to a criminal organization in response to a ransomware attack. The ACSC would be required to de-identify the information for the purpose of informing the public and private sector about the current threat environment.
Tim Cook said that the proposed EU tech rules threaten the security and privacy of iPhones. He partially agrees with the rules, but expressed concern as legislation may allow apps to be downloaded by users from outside of the Apple store. This could ruin the security parameters that have been set by Apple, thereby putting users’ security at risk. Lawmaker Andreas Schwab said he wanted to strengthen the legislation and narrow the scope to just big companies.
Seqrite, a Quick Heal company, has released Hawkk, a cloud-based cybersecurity management platform that allows organisations to manage different security products from a single dashboard. Seqrite plans to introduce more next-gen tech to the platform, including EDR, zero trust, data privacy, and network security, according to the company. Seqrite claimed to have stopped 13,000 attacks by the year 2020 including ransomware, APTs and targeted attacks.
Cybersecurity researchers have discovered a scam of a free gift campaign in the name of Tata Motors. It is collecting users’ data and has been traced back to China. The gift offer has been kept attractive to lure people. On the main page, it shows the picture of Tata Safari and congratulates the users asking them to take a survey. The real IP address has been masked using Cloudflare tech. It is being hosted on a third-party domain and not the official website of Tata Motors.
An APT group attacked a local govt office using Fortinet vulnerabilities. The FBI didn’t name the office but has issued a warning as Fortinet’s vulnerabilities being exploited by cybercriminals. APT actors created an account by the name of ‘elie’ to increase activity on networks. In April FBI had warned that the ports 4443, 8443, and 10443 for Fortinet FortiOS CVE-2018-13379, and enumerated devices for FortiOS CVE-2020- 12812 and FortiOS CVE-2019-5591, had been compromised.
A Kaspersky DDoS Prevention report said that in the Q1 of 2021, the DDoS attack witnessed a drop of 29 % when compared to Q1 of 2020. However, a 47 % increase is seen in the Q4 of 2020. The growth is due to the abnormal spike in Jan which accounted for 43 % of the total number of attacks in the three months, the rest of the two months remained normal. The report painted the overall DDoS situation as stable.
A Kaspersky report shed light on the fact that 67% of Indians think it is okay to delay software updates. 41% of users postpone their updates for popular reasons — being busy at work (32%), not wanting to stop using their device (22%) while 24% do not wish to close the apps in use. The report warned users that delaying updates only gives more time to hackers to access their devices. Kaspersky said that updates were like immunity boosts given to devices.