Tag Archive for: early

Computer system breach ends work day early



A computer system breach shut down operations for Hinds County employees Thursday.

Hinds County Tax Collector Eddie Fair confirmed that internal servers were hacked and access to computers was not granted. Employees were sent home for the day while an investigation into what caused the service interruption is conducted.

Residents in Hinds County will not be able to purchase car tags or receive any services.

Hinds County Sheriff Tyree Jones said the breach did not affect our emergency services, 911 dispatch or the radio system.


This is developing. Stay with WAPT for updates on when offices could reopen.


Microsoft says early June disruptions to Outlook, cloud platform, were cyberattacks



In early June, sporadic but serious service disruptions plagued Microsoft’s flagship office suite — including the Outlook email and OneDrive file-sharing apps — and cloud computing platform. A shadowy hacktivist group claimed responsibility, saying it flooded the sites with junk traffic in distributed denial-of-service attacks.

Initially reticent to name the cause, Microsoft has now disclosed that DDoS attacks by a murky upstart were indeed to blame.

But the software giant has offered few details — and would not comment on the attacks’ magnitude. It would not say how many customers were affected or describe the attackers, who it has named Storm-1359. A group that calls itself Anonymous Sudan claimed responsibility on its Telegram social media channel at the time. Some security researchers believe the group to be Russian.

Microsoft’s explanation in a blog post Friday evening followed a request by The Associated Press two days earlier. Slim on details, the post said the attacks “temporarily impacted availability” of some services. It said the attackers were focused on “disruption and publicity” and likely used rented cloud infrastructure and virtual private networks to bombard Microsoft servers from so-called botnets of zombie computers around the globe.

Microsoft said there was no evidence any customer data was accessed or compromised.

While DDoS attacks are mainly a nuisance — making websites unreachable without penetrating them — security experts say they can disrupt the work of millions if they successfully interrupt the services of a software service giant like Microsoft on which so much global commerce depends.

It’s not clear if that’s what happened here.

“We really have no way to measure the impact if Microsoft doesn’t provide that info,” said Jake Williams, a prominent cybersecurity researcher and a former National Security Agency offensive hacker. Williams said he was not aware of Outlook previously being attacked at this scale.

“We know some resources were inaccessible for some, but not others. This often happens with DDoS of globally distributed systems,” Williams added. He said Microsoft’s apparent unwillingness to provide an…


Early Learnings From Advanced Hack and How Zero Trust Can Help


Over the past year, there have been a number of successful ransomware attacks that have made online security a hot topic across the globe.

In fact, just recently it was reported that Advanced, a technology vendor that provides the architecture for services such as patient check-in and NHS 111, fell victim to a ransomware attack in August 2022. Whilst the investigation is still ongoing, Advanced predicts that it may take several months to get some of its services back online. Therefore, instead of focusing on patient care, doctors are having to manually process mounting piles of medical paperwork which is of course time consuming, arduous, and inefficient.

However, it appears that Advanced are taking the security lessons in their stride and looking to bounce back from this incident. According to a statement, Advanced said they were “rebuilding and restoring impacted systems in a separate and secure environment” by “implementing additional blocking rules and further restricting privileged accounts for Advanced staff” and “conducting 24/7 monitoring.” These are key principles of a Zero Trust Architecture. While Advanced probably had elements of Zero Trust beforehand, it is reassuring to see them reinforce this network architecture when faced with a paralysing ransomware attack. Here I explore how Zero Trust principles can be applied to organisations’ existing security architecture to prevent similar attacks and reduce risk.

HOW ZERO TRUST WORKS

Zero Trust is a network security model based on a philosophy that no user or device is trusted to access a resource until their identity and authorisation are verified. This process applies to those normally inside a private network, like an employee on a company computer working in the office, remotely from home or on their mobile device while at an offsite conference. It also applies to every person or device outside of the core network. It makes no difference if you have accessed the network before or how many times — your identity is not trusted until verified each time. The idea is that you should assume every machine, user, and server to be untrusted until proven otherwise.

While this may sound difficult to…


Commvault unveils early warning system, Metallic ThreatWise


Commvault has announced the general availability of Metallic ThreatWise, an early warning system that proactively surfaces unknown and zero-day threats to minimise compromised data and business impact.

According to Enterprise Strategy Group, only 12% of the IT directors surveyed indicated confidence in having the proper tools and necessary location agnostic protection to secure data equally across on-premises and cloud.

With ThreatWise, Commvault is further defining data security with an early warning that no other vendor in this space provides. It uses decoys to proactively bait bad actors into engaging fake resources, spot threats in production environments, and arm businesses with tools to keep data safe. Simultaneously, Commvault is also extending its machine learning and critical threat detection and security capabilities to its broader platform.

“In surveying enterprise IT directors with direct knowledge and influence on their company’s data security strategies, the results we found were eye opening,” says Jon Oltsik, Senior Principal Analyst and Fellow, Enterprise Strategy Group.

“It is very clear that many IT teams do not have adequate tools in place to detect ransomware attacks on production environments early enough in the attack chain to neutralise stealthy cyber-attacks before they cause harm,” he says. 

“Ransomware has revolved around encryption for a long time, but newer extortion techniques like exfiltration go beyond rapidly spreading malware, and data recovery alone cannot help if sensitive business data is leaked to the Dark Web.”

Ranga Rajagopalan, Senior Vice President, Products, Commvault, says data recovery is important, but alone it's not enough.

“Just a few hours with an undetected bad actor in your systems can be catastrophic,” he says. 

“By integrating ThreatWise into the Metallic SaaS portfolio, we provide customers with a proactive, early warning system that bolsters their zero-loss strategy by intercepting a threat before it impacts your business.”

Metallic ThreatWise, along with Commvault's latest platform update features, are available now.

Last month, Gartner named Commvault as a Leader in its 2022 Gartner Magic…
