
All PCs that were designed for Windows 10 or Windows 11 support strong data encryption. On devices running any edition of Windows 10 or Windows 11, you can use a feature called device encryption, which works only on the system drive. PCs running the Pro, Enterprise, or Education editions of Windows include a […]

In a letter to New Hampshire Attorney General John Formella, audio equipment company Bose revealed that it was hit with a ransomware attack on March 7.
The letter does not say what kind of ransomware or identify which group was behind the attack, but it explains that the company “experienced a sophisticated cyber-incident that resulted in the deployment of malware/ransomware across Bose’s environment.” By April 29, Bose and forensic analysts determined that those behind the attack managed to access internal administrative human resources files that contained the social security numbers, addresses, and compensation information of some employees, including six people who live in New Hampshire. The company said it could not confirm that the people behind the attack did not take files or information out of the system. It is unclear if a ransom was paid. Bose is now working with a private company and the FBI to search the dark web for any leaked information but hasn’t found any indication that its data has been leaked, according to the letter. The company has now implemented “enhanced malware/ransomware protection” on endpoints and servers, blocked malicious files used during the attack, put in place monitoring tools to watch for subsequent attacks, and more. The six employees living in New Hampshire were offered free identity protection services through IdentityForce for just 12 months while being told to “remain vigilant” and monitor their own accounts in a letter sent out to those affected on May 19.
Cybersecurity experts said the public notifications forced on companies hit with ransomware attacks were important as other organizations try to protect themselves from similar attacks. Saryu Nayyar, CEO of Gurucul, commended Bose for publicly disclosing the attack but noted that the timeline of events the company described in the letter was problematic. “It’s important to share what thieves are doing as they are doing it to engage the necessary authorities and cyber defense experts to lessen the ripple effect of the attack. The notification letter was pretty thorough, however, the timelines are concerning. It took Bose 1.5 months to discover which data was accessed and potentially exfiltrated. It took another 3 weeks for the company to notify the affected individuals, which is a lifetime for an attacker to use that data for malice,” she said. Other experts also noted the lengthy response time from Bose, which may have endangered the people affected by the breach. Pathlock president Kevin Dunne said Bose could have reacted faster and taken more responsibility for the attack while also laying out a clear plan for how they would prevent these future attacks from happening. “There is a lesson learned from this attack for all enterprises — keep your business-critical data in the applications where it can be managed and monitored, not in spreadsheets or other unmanaged databases,” Dunne said. “Employee data is sensitive data just like customer, financial, or IP-related data. Enterprises should invest in an HRM system and make sure that they have good access control and data loss prevention in place to limit the risk of potential damage from employee data loss.” He added that there is a great divide in attitudes when it comes to stakeholders involved in a cybersecurity attack.
Some companies, he explained, are overly cautious when reporting attacks on their systems because they want to avoid attracting further attacks or tipping their hand to ransomware groups that prey on a company’s need to solve a problem quickly. But the employees affected by the attack will want to be notified as quickly as possible so they can monitor for any unusual activity in their compromised accounts, Dunne added. “Shareholders are often torn, as making information about a breach public can often sink a stock price dramatically, but on the flip side, expectations can be managed better when the public is informed as early as possible about a breach,” he told ZDNet. Jack Mannino, CEO at nVisium, said different states and industries have different requirements for reporting incidents. But he urged any attacked companies to be proactive about notifying victims in order to limit the scrutiny that inevitably comes after a breach. Some experts, like Shared Assessments CISO Tom Garrubba, said there was a misperception among some companies that they only have to disclose breach information if they are publicly traded or operate in a regulated environment. “Regardless of your industry, trying to keep such cards close to the chest can hinder the long-term ability of improving your cyber hygiene to fend off future events. By believing lightning doesn’t strike twice, therefore, the organization may refuse to properly fund needed improvements to your cyber hygiene,” he said. “This poses a false sense of security that by dodging the bullet of ‘going public’ the attitude may be one of ‘it won’t happen again’ since no one really knows about it. And if it does happen again and details leak of a previous breach? You may then see a rot in both your consumer base along with your business dealings as your reputation tarnishes. The overall key to success in this instance is transparency. It truly is a ‘currency’ in this world.”

It’s September, which means fall seasonal sales and early holiday savings are on the horizon. Labor Day is in the rearview, but plenty of the biggest sales of the year will be creeping up soon, and Amazon’s October Prime Day (usually formally called Prime Big Deal Days) event is one you can’t miss. The retailer has yet to officially confirm the sale or share specific dates, but trust that an announcement should be coming soon. Amazon typically unveils its fall sale dates in mid-September, and last year the fall Prime Big Deal Days event ran from Oct. 8-9. ZDNET will monitor for all-time low prices and big price drops on categories our editors test and love. That’s why we’ve compiled everything we know about the event on this page, including early deals on smart home gear, mobile accessories, and more. Here’s what we know so far.

Under Twitch’s latest content policy update, the streaming platform said it will ban “harmful misinformation actors” from using its service. “We’re proud that Twitch can bring people together — but we do not believe that individuals who use online services to spread false, harmful information, have a place in our community,” the company said in a blog post. According to the company, it will apply a ban on users whose online presence is dedicated to persistently sharing widely disproven and broadly shared harmful misinformation topics, such as conspiracies that promote violence, whether it is on Twitch or not. “We will only enforce against actors who meet all three of these criteria, and our off-service investigations team will be conducting thorough reviews into each case,” the company said. Some content covered under the policy includes COVID-19 vaccines or harmful health information, and content that “undermines the integrity of a civic or political process” such as electronic fraud, and terrorist or extremist propaganda. Twitch assured that it’s unlikely the update will have an impact on most of its streamers or viewers, and that harmful misinformation is not prevalent on its platform. But the company wanted to take the precautionary step to curb any potential harm. “Our goal is to prohibit individuals whose online presence is dedicated to spreading harmful, false, information from using Twitch,” the company added. Meanwhile, Reddit joins a growing list of platforms that have taken a stance against Russian state-backed media outlets amid Russia’s invasion of Ukraine.
Reddit said in a blog post it will ban users globally from posting links to Russian state media outlets like Russia Today, Sputnik, and their foreign language affiliates. Additionally, it will continue to not accept advertisements that target Russia or originate from any Russian-based government or private entity, Reddit stated. Others that have also decided to remove content, restrict discoverability, or stop actively promoting content from Russia include Meta, Twitter, Google, Microsoft, YouTube, and many more.
Cloud security company RiskIQ has been bought by Microsoft for $500 million, according to Bloomberg. RiskIQ said last year that its cybersecurity programs are used by 30% of the Fortune 500 and more than 6,000 total organizations across the world, including the US Postal Service, BMW, Facebook and American Express. In a blog post, Microsoft cloud security vice president Eric Doerr said they were acquiring the company to help customers “build a more comprehensive view of the global threats to their businesses, better understand vulnerable internet-facing assets, and build world-class threat intelligence.” In the last year, Microsoft has purchased IoT security firms CyberX and ReFirm Labs to boost its cybersecurity offerings. Microsoft paid the $500 million in cash, Bloomberg reported. The tech giant has brought in more than $10 billion in revenue from security products over the last year. “As organizations pursue this digital transformation and embrace the concept of Zero Trust, their applications, infrastructure, and even IoT applications are increasingly running across multiple clouds and hybrid cloud environments,” Doerr said. “Effectively the internet is becoming their new network, and it’s increasingly critical to understand the full scope of their assets to reduce their attack surface. RiskIQ helps customers discover and assess the security of their entire enterprise attack surface—in the Microsoft cloud, AWS, other clouds, on-premises, and from their supply chain.” Doerr touted RiskIQ’s PassiveTotal community that crowd-sources threat intelligence from around the globe.
He said organizations can use RiskIQ threat intelligence “to gain context into the source of attacks, tools and systems, and indicators of compromise to detect and neutralize attacks quickly.” “The combination of RiskIQ’s attack surface management and threat intelligence empowers security teams to assemble, graph, and identify connections between their digital attack surface and attacker infrastructure and activities to help provide increased protection and faster response,” Doerr explained. RiskIQ co-founder and CEO Elias Manousos said RiskIQ’s Attack Surface and Threat Intelligence solutions will be added to the Microsoft Security portfolio, which includes Microsoft 365 Defender, Microsoft Azure Defender, and Microsoft Azure Sentinel. In his own blog post, Manousos said that the company works with “hundreds of the Global 2,000” and that their “community has grown to more than 100,000 security professionals.” “We’ll continue to support, nurture, and grow this community with Microsoft. We’ll also continue to grow and work with the valued members of our Interlock Partner Program. We’re joining Microsoft to extend and accelerate our reach and impact and are more committed than ever to executing our mission,” Manousos said. “We’ll work closely with our customers as we integrate RiskIQ’s complementary data and solutions with Microsoft’s Security portfolio to enable best-in-class solution attack surface visibility, threat detection, and response.” RiskIQ raised $83 million from Battery Ventures, Georgian, Summit Partners, MassMutual Ventures, National Grid Partners and Akkadian Ventures in capital funding before the Microsoft acquisition, according to Crunchbase.




