Data Privacy Weekly: Your Industry News Series

01. SEC Mandates 4-Day Disclosure of Cyber Attacks by US Firms

New SEC rules mandate U.S. companies to disclose cyber attacks with a “material” impact within four days. SEC chair Gary Gensler emphasizes the need for consistent and comparable cybersecurity disclosure. The policy requires companies to reveal incident details, material risks, and remediation efforts.

However, disclosing specific technical information impeding response or remediation is not required. The move aims to enhance transparency, cyber defense, and data protection. Concerns are raised about the tight timeframe, as it may lead to inaccurate disclosures or security risks. Other countries have varying timeframes for reporting cyber incidents.

SEC Mandates 4-Day Disclosure of Cyber Attacks by US Firms
Russian Cybercriminal 'Megatraffer' Trafficking Fake Code-Signing Certificates

02. Russian Cybercriminal ‘Megatraffer’ Trafficking Fake Code-Signing Certificates

The investigation by Brian Krebs exposes the operations of Russian cybercriminal “Megatraffer,” who specializes in trafficking fake code-signing certificates. These certificates are crucial for ensuring the authenticity and security of software. Megatraffer’s scheme involves offering stolen or falsified certificates, making it easier for malware to spread undetected.

The cybercriminal has been active since 2015 and has expanded his business to various cybercriminal forums. He has also provided services to ransomware groups, including helping Conti with their malware. Intel 471, an American threat intelligence company, has identified Megatraffer as Konstantin Evgenievich Fetisov, an experienced cybercriminal involved in spam networks in the past.

03. TLS Error Causes Microsoft SharePoint Outage

Microsoft SharePoint experienced an embarrassing outage due to a TLS error. Around 8:00 pm BST, users reported difficulties accessing Outlook, Teams, and other Microsoft services, with 71% of complaints relating to Outlook. SharePoint accounted for about 18% of MS365 outage complaints. The problem arose from a wrongly added German TLS certificate to the main domain. Fortunately, Microsoft fixed the issue in about 10 minutes. However, reports of disruptions continued until 10:00 pm BST and resurfaced at 8:00 am BST the next day. Such incidents emphasize the vulnerability of online services and the importance of suitable backups.

TLS Error Causes Microsoft SharePoint Outage
Estée Lauder Faces Data Breach by Ransomware Groups

04. Estée Lauder Faces Data Breach by Ransomware Groups

Cosmetics giant Estée Lauder faces a data breach as two ransomware groups claim responsibility for stealing vast amounts of information. Estée Lauder confirmed the cybersecurity incident, stating that an unauthorized third party accessed some of its systems and obtained data. The extent of the compromised data is under assessment, and the company has engaged external cybersecurity experts and informed law enforcement. The Cl0p and BlackCat/Alphv ransomware gangs assert involvement, with the latter still claiming access despite intervention from Microsoft and Mandiant. This incident marks the second data breach for Estée Lauder, following a previous exposure of 440 million records in 2020.

05. Over 400,000 Corporate Credentials Stolen by Malware

Over 400,000 corporate credentials were stolen by info-stealing malware. Cybersecurity analysis of 20 million malware logs from the dark web and Telegram channels exposed significant infiltration into business environments. Info-stealers target careless internet users but also impact corporate environments when employees use personal devices for work.

The analysis found 375,000 logs containing access to business applications like Salesforce, Hubspot, Quickbooks, AWS, and more. Cybercriminals value corporate credentials for potential profits in deploying backdoors, ransomware, and other attacks. Businesses are advised to enforce password managers and multi-factor authentication and educate employees on avoiding common infection channels.

Over 400,000 Corporate Credentials Stolen by Malware

Explore the full range of services offered by Encryption Consulting.

Feel free to schedule a demo to gain a comprehensive understanding of all the services Encryption Consulting provides.

Request a demo