Get the latest cybersecurity, privacy, and surveillance news for information security professionals

IT Security News Blast – 6-1-2020

SANDWORM ACTORS EXPLOITING VULNERABILITY IN EXIM MAIL TRANSFER AGENT

Russian cyber actors from the GRU Main Center for Special Technologies (GTsST), field post number 74455, have been exploiting a vulnerability in Exim Mail Transfer Agent (MTA) software since at least August 2019. The cyber actors responsible for this malicious cyber program are known publicly as Sandworm team. [...] Update Exim immediately by installing version 4.93 or newer to mitigate this and other vulnerabilities. Other vulnerabilities exist and are likely to be exploited, so the latest fully patched version should be used. Using a previous version of Exim leaves a system vulnerable to exploitation. System administrators should continually check software versions and update as new versions become available.

https://media.defense.gov/2020/May/28/2002306626/-1/-1/0/CSA%20Sandworm%20Actors%20Exploiting%20Vulnerability%20in%20Exim%20Transfer%20Agent%2020200528.pdf

 

States plead for cybersecurity funds as hacking threat surges

Cash-short state and local governments are pleading with Congress to send them funds to shore up their cybersecurity as hackers look to exploit the crisis by targeting overwhelmed government offices. Members of Congress have taken notice of cyber threats at the state and local level, both before and during the pandemic, and efforts are underway to address the challenges, though how much will be provided is uncertain amid a fight over the amount of additional coronavirus stimulus.

https://thehill.com/policy/cybersecurity/499262-states-plead-for-cybersecurity-funds-as-hacking-threat-surges

 

The 10 Most Cyber Crime Prone States

Right now, the top ten US states with the most cyber attacks according to Statistica.com are California, Florida, Ohio, Texas, New York, Illinois, New Jersey, Pennsylvania, Virginia, and Massachusetts. Here is a look at the three top states on this list in detail, what cyber crimes are going on, and why they are happening.

https://www.worldatlas.com/articles/the-10-most-cyber-crime-prone-states.html

 

More Cyber Training Does Not Mean Fewer Data Breaches

[The] percentage of employees who admitted to sending emails to the wrong person was the highest in organizations that provide security awareness training the most frequently. Nearly two thirds (63%) of employees who receive training every one to three months say they remember sending emails to the wrong person. This drops quite significantly to 43% in organizations that conduct training once a year or less often.

https://www.forbes.com/sites/soorajshah/2020/05/31/more-cyber-training-does-not-mean-fewer-data-breaches/#438347d2640c

 

Minneapolis Hit with DDoS Attack amid Social Unrest

A distributed denial-of-service attack temporarily disabled a number of the city's websites and systems early Thursday morning, resulting in "some staff and residents' inability to access" them, said city CIO Fadi Fadhil. The cyberattack, which flooded the city's servers with enough traffic to crash them, did not have a lasting impact, according to Fadhil.

https://www.govtech.com/security/Minneapolis-Hit-with-DDoS-Attack-amid-Social-Unrest.html

 

Secure at Sea: Is your vessel ready for IMO’s Cyber Security compliance?

The Maritime Safety Committee (MSC), at its 98th session in June 2017, adopted Resolution MSC.428(98). This specifically addresses maritime cyber risk management as part of the vessel’s Safety Management System (SMS). The resolution encourages flag administrations to ensure that cyber risks are appropriately addressed in existing safety management systems (as defined in the ISM Code) no later than the first annual verification of the company’s Document of Compliance after Jan. 1, 2021.

https://www.the-triton.com/2020/05/secure-at-sea-is-your-vessel-ready-for-imos-cyber-security-compliance/

 

COVID-19 SEES FINANCIAL SERVICES HAMMERED BY CYBER ATTACKS

Joel Camissar, regional director of MVISION Cloud Asia Pacific, McAfee, told Adviser Innovation that the financial services sector saw a 571 per cent increase in cloud threats from January to April 2020. Most of these external attacks targeted collaboration services like Microsoft 365, and were large-scale attempts to access cloud accounts with stolen credentials. Insider threats remained the same, indicating that working from home has not negatively influenced employee loyalty. Access to the cloud by unmanaged, personal devices doubled, also adding another layer of risk for security professionals in financial services.

https://www.ifa.com.au/news/28046-covid-19-sees-financial-services-hammered-by-cyber-attacks

 

Career Choice Tip: Cybercrime is Mostly Boring

In examining these businesses, the academics stress that the romantic notions of those involved in cybercrime ignore the often mundane, rote aspects of the work that needs to be done to support online illicit economies. The researchers concluded that for many people involved, cybercrime amounts to little more than a boring office job sustaining the infrastructure on which these global markets rely, work that is little different in character from the activity of legitimate system administrators.

https://krebsonsecurity.com/2020/05/career-choice-tip-cybercrime-is-mostly-boring/

 

How COVID-19 is Shaping Information Security Training for Dispersed Teams [Podcast]

ClearanceJobs sat down with Dr. Jason Edwards, the Principal of Information Security at USAA. With 20 years of IT/Cybersecurity experience in sectors of military/government, insurance, digital security, banking, and energy, he has a diverse perspective on what cyber hygiene and preventive care best practices defense contractors should be implementing. He is also a 22-year veteran of the U.S. Army as both an enlisted soldier and officer.

https://news.clearancejobs.com/2020/05/29/how-covid-19-is-shaping-information-security-training-for-dispersed-teams/

 

Congress Fears US Is Losing Battle to Malware and Darkweb Cyberweapons

In response to a question from subcommittee chairman Emanuel Cleaver (D-MO) as to the vulnerability of fintech to hacking, cybersecurity strategist Tom Kellermann warned that the current system is vulnerable to new developments and increasingly remote workflows: “Financial institutions have the best security in the world, but because of telework and because of the customized malware or weaponry that are being developed in the darkweb, primarily the Russian-speaking darkweb. [...] They’ve learned ways around the perimeter defense of the network security espoused by the standards of regulators around the world.”

https://cointelegraph.com/news/congress-fears-us-is-losing-battle-to-malware-and-darkweb-cyberweapons

 

The Iranian Cyber Threat can no Longer be Underestimated

The unfolding of recent events teaches us a thing or two about Iran's improvement in the field of cyber. Iran may still be far behind Israel and other cyber superpowers, but it continues to evolve and develop new abilities. In addition, it is displaying a growing audacity in using these abilities against its sworn enemies — Israel, the U.S. and Saudi Arabia. Over recent years, the country has been making a clear effort to develop both defensive and offensive capabilities in virtual space, something which can be seen in the allocation of resources and the creation of a clear organizational structure to consolidate its efforts.

https://www.calcalistech.com/ctech/articles/0,7340,L-3827871,00.html

 

Special forces thwart cyber attack as hackers spread fake news to damage US-Polish relations

Polish news websites have come under cyber-attack aimed at damaging Poland’s military alliance with the United States. The attacks, which targeted several national and regional news sites, involved hackers posting articles ridiculing the effectiveness and preparedness of Polish soldiers and equipment. [...] The article was based on a fabricated interview with Lt. Gen. Christopher G. Cavolin, which had the title “US official had no mercy for Polish soldiers”.

https://www.thefirstnews.com/article/special-forces-thwart-cyber-attack-as-hackers-spread-fake-news-to-damage-us-polish-relations-13032

 

Iran Struck First. 'Israel' Retaliated Massively. Behind the Cyber War Rattling the Middle East

The Washington Post report said that just two sites were attacked in Israel, but Haaretz has learned that the scope was in fact much broader and included dozens of installations throughout the country, focusing on control centers for water tanks, pumps, pipeline valves and more. [...] The fact that the incident last month was carried out via servers in the United States and Europe indicates a sophisticated effort, even though it was not the first time it was tried.

https://www.haaretz.com/israel-news/iran-israel-cyber-war-middle-east-mossad-persian-gulf-port-1.8858292

 

Controversial Tech Firms Look to Profit From COVID-19

13 controversial companies are currently promoting their surveillance technologies in a bid to help slow the spread of COVID-19, including:

· 10 Chinese companies, including seven that are on the US Department of Commerce’s ‘Entity List’
· Russia’s NTech Labs and Israel’s AnyVision are promoting their facial recognition technologies
· Spain’s Mollitiam Industries is promoting Open Source Intelligence Solutions

https://www.top10vpn.com/research/investigations/controversial-tech-firms-profit-from-covid-19/

 

Apple Pays Hacker $100,000 For ‘Sign In With Apple’ Security Shocker

Fast forward to April 2020, and a security researcher from Delhi uncovered a critical Sign in with Apple vulnerability that could allow an attacker to potentially take over an account with just an email ID. A critical vulnerability that was deemed important enough that Apple paid him $100,000 (£81,000) through its bug bounty program by way of a reward.

https://www.forbes.com/sites/daveywinder/2020/05/31/apple-pays-hacker-100000-for-sign-in-with-apple-security-shocker/#50f961a67799

 

Shodan founder John Matherly on IoT security, dual-purpose hacking tools, and information overload

The free-to-use service can find IP cameras, TV sets, fridges, and coffee makers, as well as industrial infrastructure and control systems, plus conventional servers and routers. This makes it one of the few, if not the only, tools that can truly map the internet of things. [...] Security was not part of the plan for Shodan: at least, not at first. “The use case I designed Shodan for was market intelligence, not security, risk, fraud detection or the many other things our data are used for today,” Matherly said.

https://portswigger.net/daily-swig/shodan-founder-john-matherly-on-iot-security-dual-purpose-hacking-tools-and-information-overload

 

Officials see extremist groups, disinformation in protests

As demonstrations spread from Minneapolis to the White House, New York City and overseas, federal law enforcement officials insisted far-left groups were stoking violence. Meanwhile, experts who track extremist groups also reported seeing evidence of the far-right at work. Investigators were also tracking online interference and looking into whether foreign agents were behind the effort. Officials have seen a surge of social media accounts with fewer than 200 followers created in the last month, a textbook sign of a disinformation effort.

https://apnews.com/32bc90566697388645f01675359dcad1

 

The gender gap in cybersecurity puts us all at risk for online crime

Female internet security professionals put a higher priority on internal training and education in security and risk management. Women are also stronger advocates for online training, which is a flexible, low-cost way of increasing employees’ awareness of security issues. Female internet security professionals are also adept at selecting partner organizations to develop secure software. Women tend to pay more attention to partner organizations’ qualifications and personnel, and they assess partners’ ability to meet contractual obligations. They also prefer partners that are willing to perform independent security tests.

https://www.fastcompany.com/90511054/the-gender-gap-in-cybersecurity-puts-us-all-at-risk-for-online-crime

 

North Korea accuses U.S. of hurting its image with cyber threat warning

It was the latest in a series of exchanges underscoring the friction between the two countries after denuclearization talks launched by U.S. President Donald Trump and North Korean leader Kim Jong Un stalled late last year. “We want to make it clear that our country has nothing to do with the so-called ‘cyber threat’ that the U.S. is talking about,” North Korea’s Foreign Ministry said in the statement.

https://www.reuters.com/article/us-usa-northkorea-cyber/north-korea-accuses-u-s-of-hurting-its-image-with-cyber-threat-warning-idUSKBN2351SQ

You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.

Archived articles are available at https://ci.security/news/daily-news.
