Tag Archive for: plans

How Google Chrome Plans to Block Hacking Attempts on Users’ Network


Google has been adding features to Chrome to keep users safe. In a bid to strengthen the security of the web browser, the company is working on a feature that will detect and block hacking attempts to gain control of the target’s network.
How Google Chrome will block hacking attempts
Web browsers act as the medium between a user and the internet, so it is important for them to have safety features that protect users from hackers trying to take control of their network. By gaining control of the network, hackers can monitor all the unencrypted traffic to and from all the devices that are connected to that particular internet connection.
For example, if your Wi-Fi is hacked, cybercriminals can spy on all the computers, laptops and mobile phones connected to the Wi-Fi. This can also provide access to personal information like name, address, and even financial information.
The upcoming feature will scan connection attempts to user network devices and stop any suspicious activity. Before a website A navigates to another site B in the user’s private network, the feature will “check whether the request has been initiated from a secure context” and “whether B responds with a header that allows private network access.”
“The above checks are made to protect the user’s private network. Since this feature is the ‘warning-only’ mode, we do not fail the requests if any of the checks fails. Instead, a warning will be shown in the DevTools, to help developers prepare for the coming enforcement,” Google said on the Chrome Platform Status website.
Google Chrome Tracking Protection
Earlier this year, Google started to roll out the Tracking Protection feature that will limit cross-site tracking by restricting website access to third-party cookies by default. The move is aimed at making browsing on Chrome safer and more secure. Google plans to phase out third-party cookies for everyone in the second half of 2024.


Syncro Plans Cybersecurity Push in 2024


Managing complexity in the cybersecurity stack will be among the challenges for managed service providers going into 2024. There are so many point solutions from so many vendors, and end user companies are relying on their MSPs for protection.

But the complexity of the cybersecurity stack is not the only challenge ahead for MSPs. Managed service providers have weathered a year of inflation, higher prices, and other industry changes, too.

That’s according to PSA/RMM platform company Syncro’s CEO Emily Glass, who recently spoke with ChannelE2E about what’s on her company’s technology roadmap for next year, what she’s hearing from MSPs, the results of her company’s recent pricing survey of MSPs and more.

Cybersecurity and MSPs

Cybersecurity continues to be top of mind for MSPs and for Syncro, Glass told ChannelE2E.

The threat landscape is always changing. Plus, MSPs have the challenge of identifying the right vendors, managing those vendors, and then selling the solution to the end customer company.

Syncro operates a marketplace-type ecosystem to help MSPs navigate the many options they have for cybersecurity. The company has forged partnerships with vendors including Acronis and Proofpoint. Syncro has also introduced a number of innovations to its platform in 2023 to help its MSP partners with their cybersecurity, such as an IP Allow list that lets MSPs lock down their logins to certain IP addresses. Syncro also offers single sign-on capabilities. The company recently achieved SOC 2 compliance.

Looking ahead to 2024, Glass said that Syncro plans to introduce innovations around simplifying security solutions for MSPs. As the threat landscape has taken shape, more solutions have come to market to protect against those threats. But that’s led to another problem.

“The solutions that are emerging to deal with cybersecurity threats are very fractured,” Glass said. “Syncro is looking to unite them, similar to what we did for PSA/RMM.”

Syncro offers a unified PSA (professional services automation) and RMM (remote monitoring and management) platform. The unified approach to these two core MSP business functions simplifies the operation of a managed services business.

“We believe that…


Infosys Ransomware Attack Affecting Nonqual Plans Nearing Fix


Nonqualified compensation benefit accounts held hostage by a ransomware attack may be nearing reactivation, according to a notice to providers obtained by PLANADVISER.

The cybersecurity event at Infosys McCamish Systems LLC that halted multiple national retirement and insurance provider platforms, starting on November 2, was the result of a ransomware attack, according to sources familiar with the issue and the note to providers. Infosys BPM Ltd., the Bangalore, India-based parent company of Infosys McCamish, has only called it a “cybersecurity event” and did not immediately respond to a request for further comment on the fix.

“As we previously informed you, McCamish Systems, an Infosys subsidiary and a provider critical to our ability to process and update participant transactions, experienced a ransomware event on November 2,” stated a letter from nonqualified plan provider Newport, owned by Ascensus, to benefits clients on Tuesday. “IMS notified us that it has successfully restored and rebuilt its environment.”

Infosys on November 3 disclosed the cybersecurity event to the Securities and Exchange Commission as part of a Form 6-K filing.

On Thursday, T. Rowe Price, the Vanguard Group and Ascensus noted that a breach at the platform provider had halted account use for nonqualified compensation plans and, in the case of Principal Financial Group, group universal life insurance accounts. None provided further comment on the fix.

Infosys had hired a third-party security expert, Palo Alto Networks Inc.’s Unit 42, to investigate the attack. Unit 42 confirmed that the systems have “been hardened” and that the security firm has not observed any “indication of ongoing unauthorized access or activity,” according to the letter.

Participants with nonqualified plans do not yet have access to their accounts, with an update to come the week of November 27. As of now, no participant data has been exposed, according to this and prior correspondence from the providers.

“As previously communicated, we are taking a number of actions to protect your data and ensure that participant accounts will reflect up-to-date, accurate values, including…


US says Royal ransomware gang plans ‘Blacksuit’ rebrand


The U.S. government says Royal, one of the most active ransomware gangs in recent years, is preparing to rebrand or spin off under a new name, Blacksuit.

In an update this week to a previously published joint advisory about the Royal ransomware gang, the FBI and U.S. cybersecurity agency CISA said that the Blacksuit ransomware variant “shares a number of identified coding characteristics similar to Royal,” confirming earlier findings by security researchers linking the two ransomware operations.

“There are indications that Royal may be preparing for a rebranding effort and/or a spinoff variant,” the government’s updated advisory reads.

CISA did not say why it released the new guidance linking the two ransomware operations, and a spokesperson did not immediately comment when reached by TechCrunch.

Royal is a prolific ransomware gang accused of hacking over 350 known victims worldwide with ransom demands exceeding $275 million. CISA and the FBI previously warned that Royal was targeting critical infrastructure sectors across the United States, including manufacturing, communications and healthcare organizations. The city of Dallas in Texas recently recovered from a ransomware attack it later attributed to Royal.

It’s not uncommon for ransomware gangs to create different ransomware variants, go quiet for long periods of time, or spin off and splinter into entirely new groups, often in an effort to evade detection or arrest by law enforcement. But recently imposed sanctions by the U.S. and U.K. governments are likely hampering the gang’s money-making efforts as victims refuse to pay the hackers’ ransoms for fear of violating strict U.S. sanctions laws.

The Conti connection

Security researchers previously found that Royal comprises ransomware actors from previous operations, including Conti, a prolific Russia-linked hacking group that disbanded in May 2022, shortly after a massive leak of the gang’s internal communications sparked by the gang siding with Russia in its unprovoked invasion of Ukraine.

After disbanding, Conti reportedly splintered into different gangs, some of whom formed the Royal ransomware gang months later. Royal soon began targeting hospitals and healthcare organizations and by…
