Tag: google
Big tech goes nuclear
America’s leading technology companies are now engaged in their own nuclear power race. Advertising and search giant Google has announced that it has signed the world’s first corporate agreement to purchase nuclear energy from multiple small modular reactors (SMR), to be developed by Kairos Power. By investing in its own nuclear energy facilities, Google has now joined the ranks of Amazon, Microsoft, and Oracle in investing heavily in nuclear facilities to power the rollout of new services based around their prematurely launched artificial intelligence (AI) services. According to a recent report from US Madison Avenue investment bankers, Jeffries: “If it feels like Graphics Processing Units (GPUs) are suddenly everywhere, it’s because they are. GPUs drive computation across a wide range of industries and applications, from big data analytics to machine learning [AI].”
Cybercriminals crack MFA defenses
Cybercriminals are now using social engineering techniques developed to crack passwords to break through multi-factor authentication (MFA) defenses, such as sending a code to another device, such as the user’s smartphone. According to the UK’s National Cyber Security Centre (NCSC) report, Not all types of MFA are created equal...: “Attackers have realized that many of the same social engineering techniques that tricked us into handing over passwords can also be updated to overcome some methods of MFA. We’ve seen the success of attacks against MFA-protected accounts increasing over the past couple of years.”
Cybercriminals capitalize on CrowdStrike outage
Organized cybercriminal gangs have lost little time in attempting to cash in on the ongoing CrowdStrike/Windows outage currently affecting banks, airlines and businesses. According to the UK’s National Security Cyber Centre: “An increase in phishing referencing this outage has already been observed, as opportunistic malicious actors seek to take advantage of the situation. This may be aimed at both organizations and individuals.”
Exclusive: Expanding AI data centers have become tempting targets
Big Tech’s rapidly-expanding server farms are becoming increasingly tempting targets for ransomware gangs. In their Gadarene rush to be first with AI-based services, companies such as Google and Microsoft are not only abandoning any previous pretences about reducing their greenhouse emissions and energy consumption, they are also inadvertently building increasingly tempting targets for organized cybercriminals and nation-state threat actors. The online industry’s vast data centers and server farms run on similar operational technology (OT) systems to other industrial facilities. Originally designed to run offline, these systems are notoriously difficult to secure, particularly when they need to interface with newer information technology (IT) systems.
Law Enforcement Ramp-Up Efforts to Capture ‘Emotet’ Mastermind – June 3rd
The law enforcement agencies behind Operation Endgame are seeking information about Odd, who is allegedly behind the ‘Emotet’ malware. Initially a banking trojan, the 'Emotet' malware evolved into a tool that delivers an array of payloads, including TrickBot, IcedID, QakBot, and others.
Android Malware Posing as WhatsApp, Instagram, and Snapchat – May 15th
The SonicWall Capture Labs team reported on threat actors developing malicious, fake Android apps to impersonate Google, Instagram, Snapchat, WhatsApp, and X. When downloaded by victims and once permissions have been granted to use them, illegitimate apps aim to steal sensitive data from Android devices, such as contacts, text messages, call logs, and passwords.
Zscaler Clarifies, Only The Test Server Was Compromised – May 14th
In conclusion, in its investigations on hacking claims, Zscaler found that only an isolated test environment was compromised. The investigation arrived after a hacker named 'IntelBroker' confirmed that he breached Zscaler, offering to sell their data for $20K. The incident investigation is now also being conducted with Europol.
Rubrik listing underlines strength of cyber sector
The cyber sector has received another boost with the initial public offering (IPO) of shares in Microsoft-backed cloud-based cybersecurity firm Rubrik, valuing the company at around $6.5 billion. Last week also saw that US private equity (PE) firm Thoma Bravo is to take UK cybersecurity company Darktrace private in a deal valuing the firm at over $5 billion. Orders for Rubrik’s IPO were reported to be oversubscribed for 20 times the 23.5 million shares on offer, with half of the shares allocated to top institutional investors. This investor appetite for the cyber stock is being seen as a testimony to the robustness of the cybersecurity sector, as Rubrik posted operating losses of $307 million last year. But it is the company’s current growth curve that seems to have spurred on investors, with annual recurring revenues reported at $784 million as of the end of 2023, up 47% on the year before.
Ransomware drives corporate cyber-crime
Cybercriminals are getting greedier. According to Google subsidiary Mandiant’s M-Trends 2024 Special Report, the proportion of financially motivated intrusions grew from more than a quarter of all investigations (26 percent) in 2022 to over a third (36 percent) in 2023. Ransomware-related intrusions represented almost two-thirds of financially motivated intrusions and 23 percent of all 2023 intrusions; the remaining financially motivated intrusions included business email compromise (BEC) fraud and cryptocurrency theft. In 70 percent of cases, organizations learned of ransomware-related intrusions from external sources. In three-quarters of those cases, organizations were notified of a ransomware incident by an attacker ransom message. The remaining quarter came from external partners, such as law enforcement or cybersecurity companies. “This is consistent with the extortion business model in which attackers intentionally and abruptly notify organizations of a ransomware intrusion and demand payment,” says Mandiant.
Cyber Consultant Claims Universities are More Vulnerable to Cyber Attacks – April 8th
Highlighting the severity of the University of Winnipeg data breach, Cybersecurity consultant Kathy Knight asserts that the education sector is one of the most vulnerable to cyber attacks, potentially leading to significant data loss and privacy breaches. “The thing about universities is they’re very big, complex institutions … and they collect a lot of information and data that is very attractive to cyber criminals. So that puts them really, at the top of the list, in terms of attack targets,” she said.
Google to Remove Billions of Personal Data to Settle Privacy Case – April 2nd
Google agreed to remove billions of personal records amid the previously announced lawsuit, accusing the tech giant of illegal surveillance. The personal records belong to approximately 136 million Google Chrome users. To add to the settlement, Google will add more disclosures of the terms for their 'incognito mode' feature.
‘INC Ransom’ Group Threatens to Release NHS Data – March 28th
The 'INC Ransom' ransomware group publicly threatened to release three terabytes of NHS Scotland sensitive patient and staff data, after publishing a smaller sample size proving the viability of the threat. NHS Dumfries and Galloway's efforts to prevent the attack from being repeated are underway in collaboration with Police Scotland and the National Cyber Security Centre (NCSC).