Facebook has no plans to notify individuals whose information was exposed because the company claims it does not know who was affected. Despite the patch in September 2019, 419 million records contain…
Posts tagged "Million"
IOTW: A Popular Video Game Was Hacked, Compromising 46 Million Records
The gaming industry has been a desirable target for cyber criminals as of late, with popular games and gaming companies like Among Us, Capcom, and Minecraft falling victim to hackers and scammers.
Tencent invests $40 million in Indian music streaming app Gaana – a Hotshot move
India had banned several Chinese made apps that were linked to Tencent, its investments in Gaana came within hours of the latest ban of 118 apps by the federal government.
Incident Of The Week: Garmin Pays $10 Million To Ransomware Hackers Who Rendered…
On July 23, Garmin users went to Twitter to express their concern over inaccessible website features. Four days later, Garmin released an official statement confirming that a cyber attack had taken pl…
Apple to pay up to $500 million for deliberately slowing older iPhones
Towards the end of 2017, Apple fessed up, admitting that it had been deliberately and secretly slowing older models of iPhone in order to eke out extra life from their aging batteries. Understandably, the company’s customers weren’t happy and the stealthy throttling led to several lawsuits.
Now, the Cupertino firm has filed a settlement in a California court, agreeing to pay up to $ 500 million (with a minimum of $ 310 million) in the form of payments to affected US customers.
This includes $ 25 to anyone who owned one of the affected iPhones (listed below) and sums of either $ 1,500 or $ 3,500 to members of the class action lawsuit.
These amounts will vary depending on how many people claim, as individual payouts will decrease if they exceed the maximum total of $ 500 million. However, if fewer people claim, the $ 310 million will go further for each individual (after $ 93 million is taken off for legal fees, of course).
Affected smartphones are considered any of the following, so long as they were running iOS 10.2.1 or later or, in the case of iPhone 7 and 7 Plus, it could have been running iOS 11.2 or later so long as it was doing so before December 21, 2017.
- iPhone 6
- iPhone 6 Plus
- iPhone 6s
- iPhone 6s Plus
- iPhone 7
- iPhone 7 Plus
- iPhone SE
The case against Apple claimed that, due to the processor speeds slowing, consumers were being led to believe their current smartphone was nearing its end of life earlier than it actually was.
This prompted them to upgrade to a newer model, at considerable cost, when they could have simply replaced the battery had they known that was the cause of the issue.
The settlement allows Apple to deny that it did anything wrong in the legal sense, and the individual compensation has been described as “fair, reasonable, and adequate” by lawyers representing the consumers, according to Reuters.
FBI: Over $140 million handed over to ransomware attackers
By analyzing bitcoin wallets and ransom notes, the FBI has determined that cybercrime victims paid over $ 140m to ransomware operators over the past six years.
At this year's RSA security conference, FBI Special Agent Joel DeCapua presented in his findings during two sessions in which he explained how he was able to use bitcoin wallets and ransom notes collected by the FBI, shared by private partners or found on VirusTotal to figure out how much victims paid in ransom payments.
According to DeCapua, between October 2013 and November 2019, approximately $ 144,350,000 was paid in bitcoins to ransomware actors. However, this figure does not include operation costs related to these attacks but just the ransom payments that were made.
- New York wants to ban paying ransomware demands
- Donald Trump ransomware spreads dangerous malware
- FBI warns that hackers are targeting software supply chain providers
When it came to the most profitable ransomware families, Ryuk brought in the most money for ransomware operators at $ 61.26m followed by Crysis/Dharma at $ 24.48m and Bitpaymer at $ 8.04m. It's worth noting that the actual amount of payments made over these six years is likely much higher as the FBI does not have access to all of the data surrounding ransomware attacks, as many businesses keep them secret to prevent hurting their stock prices.
Defending against ransomware
During his sessions at RSA, DeCapua also provided some tips on how companies and individuals can avoid falling victim to ransomware attacks.
DeCapua revealed that the Windows Remote Desktop Protocol (RDP) is the most common method that ransomware attackers are able to gain access to a network before deploying ransomware. In fact, RDP accounts for 70-80 percent of network breaches which is why he recommends that organizations use Network Level Authentication (NLA) for additional protection.
With NLA, clients are required to authenticate themselves with the network before they can actually connect to the remote desktop server. This provides increased security against preauthentication exploits though, DeCapua also suggested that unique and complex passwords should be used for RDP accounts.
Additionally, DeCapua suggests that businesses and individuals be careful of phishing attacks, install software and operating system updates, use complex passwords, monitor their networks and have a contingency plan with backups to prevent falling victim to a ransomware attack.
- We've also highlighted the best antivirus software
Via BleepingComputer
$450 Million Cybersecurity Investment Fund Formed
An increase in threats and cyber-attacks against enterprise systems, data and personnel requires an investment in innovative organizations to provide defensive solutions. ForgePoint Capital has announ…
Incident Of The Week: Security Researcher Uncovers 440 Million Records From Esté…
A security researcher discovered an exposed database containing 440 million records belonging to beauty manufacturer Estée Lauder. The data for a middleware system was publicly accessible. In this Inc…
Incident Of The Week: Misconfigured Servers Result In 250 Million Microsoft Cust…
A misconfiguration applied to five Elasticsearch database servers in December 2019 led to the exposure of 250 million customer support records for software maker Microsoft. How should less sophisticat…
Incident Of The Week: Zynga Security Breach Affects 170 Million User Accounts
Mobile game developer Zynga disclosed unauthorized access to 170 million user records. With personal data at stake, an openness and level of transparency is needed by businesses when communicating wit…