CI Security

IT Security News Blast – 12-5-2018

Reacting to the Marriott Data Breach
When Marriott acknowledged its data breach, two things happened at CI Security. First, non-cyber security professionals wanted our expertise. Second, companies called and urgently asked for penetration tests. We all got into the cyber security business to help people. Consumers were angry and confused about what happened to Marriott. Many still hold on to the belief that breaches can be completely stopped. We took calls from and answered questions for CNN and Q13 Fox News.
https://ci.security/news/article/reacting-to-the-marriott-data-breach
 
Marriott Starwood Data Breach Highlights Silent Cyber Risk in Acquisitions
For Marriott, the acquisition was fraught from the beginning, with Starwood disclosing a security breach just days after the deal was announced. Loyalty members also worried that Marriott was less hip, less customer-friendly, and would use its size to take away cherished benefits. When integration started in August, members complained that they were losing status, having problems redeeming rewards and enduring long waits for customer service. [...] “The only way a company the size of Marriott can have a breach this big, for this long is that nobody’s looking for it,” Krebs said.
https://www.insurancejournal.com/news/national/2018/12/03/510811.htm
 
Quora Breach -- How To Find And Delete Your Account
In order to delete your account quickly, go to the account privacy settings and select "Delete Account". It will ask you for your password in order to confirm the deletion. If the account was created via Google or Facebook, as many are – users will first need to create a password by clicking the "Change Password" link near the top of the page, then click on "create an account password". Once you confirm, the account will be deactivated immediately and the deletion process will begin.
https://www.forbes.com/sites/kateoflahertyuk/2018/12/04/quora-breach-how-to-find-and-delete-your-account/#68954dc26e95
 
Exclusive: Emails of top NRCC officials stolen in major 2018 hack
The email accounts of four senior aides at the National Republican Congressional Committee were surveilled for several months, the party officials said. The intrusion was detected in April by an NRCC vendor, who alerted the committee and its cybersecurity contractor. An internal investigation was initiated and the FBI was alerted to the attack, said the officials, who requested anonymity to discuss the incident.
https://www.politico.com/story/2018/12/04/exclusive-emails-of-top-nrcc-officials-stolen-in-major-2018-hack-1043309
 
#2018InReview Healthcare Cybersecurity
Overcoming cyber threats requires a comprehensive security strategy, which requires skilled talent. There are two ways to procure the required talent: one is to bring cybersecurity professionals into the healthcare industry and train them in the particular challenges and compliance needs—the context—of the industry. The other is to train those already working within the healthcare industry on cybersecurity topics. Given the scarcity of cybersecurity talent, organizations may choose to pursue a combination of the two.
https://www.infosecurity-magazine.com/opinions/2018-review-healthcare/
 
Why hospitals are the next frontier of cybersecurity
[Despite] increasing efforts and awareness, a number of technological, cultural and regulatory issues complicate healthcare cybersecurity. Security solutions built for the typical business enterprise fall short when they’re applied to the complex world of hospital IT, leaving an urgent, unfilled need for industry-specific innovation. The next frontier of cybersecurity will be in advancing traditional enterprise security to solve the systemic, pressing challenges facing hospitals today – especially as it relates to the emerging Internet of Things (IoT).
https://www.helpnetsecurity.com/2018/12/04/hospitals-cybersecurity/
 
Cyber is a ‘great big challenge’ for today’s insurance brokers
“Large corporations have got their heads around protecting their businesses from cyberattack for a decade or more, but small businesses in the US are only now waking up to the risks they’re facing. Selling cyber to small business clients is about getting the rate right, the limits right, and articulating the product in such a way that they can understand it. Small business owners will easily shy away from a product if they don’t truly understand what they’re buying and how it works.”
https://www.insurancebusinessmag.com/us/news/cyber/cyber-is-a-great-big-challenge-for-todays-insurance-brokers-117860.aspx
 
Recognising and Preventing Multi-Cloud Security Risks Within the Financial Services Sector
Traditional security solutions are simply no longer sufficient to protect a digital-dependent organisation. The threat of cloud-based malware means that in order to effectively secure both cloud solutions and network integrity, network elements need to be combined into a unified security fabric that can secure endpoints and clouds, while adding effective segmentation across the physical and digital network elements.
https://www.finextra.com/blogposting/16377/recognising-and-preventing-multi-cloud-security-risks-within-the-financial-services-sector
 
Mastercard and Microsoft say they're developing a universal identity management solution
The partnership aims to develop a universal service that lets users prove their identity. The companies say it would work for everything including opening a new bank account, applying for a loan, online shopping, filing taxes, applying for a passport and simply logging into online accounts. “We will share more about product specifics in early 2019 but we see the need for a system that could drive convenience, security and simplicity for users interacting digitally across many vertical markets while removing unnecessary time and costs from the identity verification process,”
https://www.cyberscoop.com/identity-management-microsoft-mastercard-partnership/
 
More on that spearphishing campaign against State, think tanks, others
“Our sensors revealed that the campaign primarily targeted public sector institutions and non-governmental organizations like think tanks and research centers, but also included educational institutions and private-sector corporations in the oil and gas, chemical, and hospitality industries,” Microsoft’s research and threat intelligence teams said in the blog post. The company acknowledged that other firms had attributed the campaign to APT 29, the Russian intelligence service also known as Cozy Bear, but it said it “does not yet believe that enough evidence exists to attribute this campaign” to that group.
https://www.politico.com/newsletters/morning-cybersecurity/2018/12/04/more-on-that-spearphishing-campaign-against-state-think-tanks-others-440016
 
Nation-states, terrorists place critical infrastructure in their cross-hairs
These attacks will be designed to spread maximum chaos, fear and confusion. The stricken city, or cities, will be brought to a standstill, with both lives and businesses placed in jeopardy. Those at home will be unable and unwilling to go to work, or – without power or communications – unable to work from home. Those already in the office will be trapped with nowhere to escape to, as attacks hit them from every angle. Existing business continuity plans will be useless; they will not have been prepared to cater for an eventuality when every system is down while individuals are in physical danger. People will panic. Work will be off the agenda.
https://www.scmagazine.com/home/opinions/nation-states-terrorists-place-critical-infrastructure-in-their-cross-hairs/
 
Securing America’s Connected Infrastructure Can’t Wait
In 2015, then-Director of National Intelligence James Clapper [...] foresaw “an ongoing series of low-to-moderate level cyber attacks from a variety of sources over time, which will impose cumulative costs on U.S. economic competitiveness and national security.” It seems the prediction is being borne out. In October 2016, Mirai malware impacted large portions of the internet, launching a distributed denial of service attack that exploited security weaknesses in devices like home routers, webcams, and DVR systems. The result was a coordinated flood of web traffic that overwhelmed internet services along the east coast — and while it didn’t compromise industrial systems, it provided a glimpse into the dangers of insecure Internet of Things devices.
https://warontherocks.com/2018/12/securing-americas-connected-infrastructure-cant-wait/
 
The Fight Against Disinformation in the U.S.: A Landscape Analysis
In the chaos, polarization has emerged and pushed society to question, “what is true?” In his talk at the Institute of Politics at the University of Chicago in February 2017, Silverman defines how he sees truth being assessed: “Whoever has the most people and activates them the most effectively determines what truth is.” Digital content is all about the number of viewers available to click. The difference from the age of the written word is that this digital content is so much easier to produce and the market for creating and consuming it is global in scale.
https://shorensteincenter.org/the-fight-against-disinformation-in-the-u-s-a-landscape-analysis/
 
Dozens of signatories added to Paris cyber agreement
The “Paris Call for Trust and Security in Cyberspace," unveiled by French President Emmanuel Macron during the Paris Peace Forum on Nov. 13, has now earned more than 450 signatories. [...] The U.S. has declined to add its name to the list, making it one of a handful of Western countries to distance itself from the document. Australia was initially not among the participating nations, but has since signed the agreement. The signing parties, which include global nonprofits and tech companies, agreed on principles meant to limit offensive and defensive cyber weapons. Signatories also committed to acting to prevent foreign election interference and to protect civilians from cyberattacks.
https://thehill.com/policy/cybersecurity/419508-dozens-of-signatories-added-to-paris-cyber-agreement
 
Oath Will Pay $5 Million to Settle Charges of Violating Children's Privacy
According to the New York attorney general’s office, AOL used its ad exchange program to place targeted ads on hundreds of sites directed at users under the age of 13. It reportedly did so using visitors’ personal data, including geolocation and cookies. This would be a violation of COPPA, which requires companies to receive explicit permission from parents before collecting online information from children under 13 or ad-targeting children based on their online activity.
https://gizmodo.com/oath-will-pay-5-million-to-settle-charges-of-violating-1830851817
 
Marriott Cyberattackers May Be Playing Longer Game With Stolen Information
“The involvement of payment card data indicates that there might be a financial criminal motive, and that’s usually what we see—but it’s not entirely clear that it was limited to that because usually, if there’s a financial motivation, you take the credit card information and get out,” Boshell said. On the other hand, Zohar Pinhasi, CEO of the cybersecurity firm MonsterCloud, didn’t find that situation to be unusual at all. His business deals regularly with clients who have their personal information stolen and then used as blackmail material by bad actors.
https://www.law.com/legaltechnews/2018/12/04/marriott-cyber-attackers-may-be-playing-longer-game-with-stolen-information/
 
Hackers step out of the shadows with bigger, bolder attacks
"All these groups like APT28 or Lazarus, they're putting less effort into hiding their operations. It's probably because everyone knows these attacks will happen and they just want to get to specific data or have a specific influence," says Maya Horowitz, director of threat intelligence and research at Check Point Software. "In the past, they used to go under the radar, they used to have their own opsec so that no one would know that there's any attack and nobody would talk about cyber and APTs. Now part of the process is just to create chaos -- so if it's revealed, maybe it's even better, because it makes people scared."
https://www.zdnet.com/article/cyber-security-hackers-step-out-of-the-shadows-with-bigger-bolder-attacks/
 
Kubernetes' first major security hole discovered
And the bug, CVE-2018-1002105, aka the Kubernetes privilege escalation flaw, is a doozy. It's a CVSS 9.8 critical security hole. With a specially crafted network request, any user can establish a connection through the Kubernetes application programming interface (API) server to a backend server. Once established, an attacker can send arbitrary requests over the network connection directly to that backend. Adding insult to injury, these requests are authenticated with the Kubernetes API server's Transport Layer Security (TLS) credentials.
https://www.zdnet.com/article/kubernetes-first-major-security-hole-discovered/
 
Private data of more than 82 million US citizens left exposed
The information contained in the server included “first name, last name, employers, job title, email, address, state, zip, phone number, and IP address,” explains Diachenko. On the whole, the three IPs offered public access to the unsecure private database of nearly 56,934,021 million records but some had an additional index of records, which offered extra information such as “carrier route, latitude/longitude, census tract, phone number, web address, email, employees count, revenue numbers, NAICS codes, SIC codes.”
https://www.hackread.com/private-data-of-more-than-82-million-us-citizens-stand-exposed/
 
Recruiting in the age of the cyber security skills gap: challenges to overcome
1. People may prefer working at tech-centric companies
2. The skills gap is already substantial
3. Communication skills are critical but lacking
4. The tech industry has higher-than-average turnover rates
https://www.information-age.com/recruiting-in-the-age-of-the-cyber-security-skills-gap-123476988/
 
New Ransomware Spreading Rapidly in China Infected Over 100,000 PCs
It also includes an additional ability to steal users' account passwords for Alipay, NetEase 163 email service, Baidu Cloud Disk, Jingdong (JD.com), Taobao, Tmall, AliWangWang, and QQ websites. A Supply Chain Attack — According to Chinese cybersecurity and anti-virus firm Velvet Security, attackers added malicious code into the "EasyLanguage" programming software used by a large number of application developers. The maliciously modified programming software was designed to inject ransomware code into every application and software product compiled through it—another example of a software supply-chain attack to spread the virus rapidly.
https://thehackernews.com/2018/12/china-ransomware-wechat.html
 
You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.

Archived articles are available at https://ci.security/news/daily-news.

CI Security and the CI Security logo are the trademarks of CI Security, Inc. All other brand names, trademarks, service marks, and copyrights are the property of their respective owners.

© 2018 CI Security. All rights reserved.

CI Security
245 4th St, Suite 405  Bremerton, WA 98337