CI Security

IT Security News Blast – 10-21-2019

‘Way More Fun Than A Lot Of Jobs’: Colorado Girl Scouts Take On Cyber Challenge
They solved a hypothetical ransomware attack in a mission that was out of this world. “So there’s this oxygen tank on the moon and apparently someone hacked into it,” Cassidy Christian, a scout from Littleton, explained of the assignment. While their task was based on science fiction, the girls used real-life techniques — like coding, running trace routes and identifying phishing schemes — to determine who was behind the attack.
https://denver.cbslocal.com/2019/10/20/colorado-girl-scouts-cyber-challenge/
 
New America Releases Report on Health Cyber Risks
The authors’ recommendations focus on culture, technology, and the workforce. On culture, the report recommends that norms need to shift around healthcare cybersecurity, and suggests government standards as a way to achieve that shift. The report also recommends more multi-tiered information sharing, and a cybersecurity budget per patient ratio.
https://www.meritalk.com/articles/new-america-releases-report-on-health-cyber-risks/
 
Hackers Targeting Healthcare with Social Engineering, Email Spoofing
For each healthcare organization targeted by malicious emails, 65 staff members were targeted during the campaign in the first quarter of 2019. The report showed that high-ranking employees were not always the main target. Hackers also sought those with access to the right data, people, or systems. “In other cases, it’s someone with a public-facing email address,” researchers wrote. “These can include shared accounts and email aliases, which are usually permanent, forward email to several recipients, and hard to secure with multifactor authentication.”
https://healthitsecurity.com/news/hackers-targeting-healthcare-with-social-engineering-email-spoofing
 
Baltimore to Buy $20 Million in Insurance in Case of Another Cyber Attack
“As the world changes and as criminal acts change, you have to adjust,” City Council President Brandon Scott said. “This is an adjustment well worth it to protect the citizens of Baltimore and most importantly protect their taxpayer dollars in the event this happens again.” Sometimes insurers will advise cities to pay ransom demands as the path of least resistance, a step Baltimore refused to take in May after hackers froze thousands of city computers and demanded about $76,000 in bitcoin to unlock them.
https://www.wsj.com/articles/baltimore-to-buy-20-million-in-insurance-in-case-of-another-cyber-attack-11571246605
 
ETFs in Focus as Cyber Security Market Momentum Picks Up
Given the severity of the situation, global expenditures on IT security are expected to increase 8.7% year over year in 2019, per Gartner’s forecast. In fact, Cybersecurity Ventures expects the worldwide expenditure on cybersecurity to surpass $1 trillion cumulatively from 2017 to 2021.  Per a Grand View Research report, the global cyber security market is expected to reach a worth of around $241.1 billion at a CAGR of 11% from 2019 to 2025.
https://www.zacks.com/stock/news/571845/etfs-in-focus-as-cyber-security-market-momentum-picks-up
 
Dtrack Malware Detected in Financial Institutions in India: Kaspersky
Explaining about Dtrack, Kaspersky's Security Researcher Konstantin Zykov, in a recent event in Delhi, had said: "The large amount of Dtrack samples we found demonstrated that Lazarus is one of the most active APT (Advanced Persistent Threat) groups, constantly developing and evolving threats in a bid to affect large-scale industries and seeking to evade detection." "Their successful execution of Dtrack RAT proves that even when a threat seems to disappear, it can be resurrected in a different guise to attack new targets."
https://gadgets.ndtv.com/internet/news/dtrack-malware-detected-in-financial-institutions-in-india-kaspersky-2119559
 
Cyberhackers targeting banking systems, municipalities for bigger payouts, US Secret Service says
“The bad guy will take the email, change the wiring instructions and then continue the email to the person who was expecting to receive it,” Gemperle said. The new wiring routing number will go to a fraudulent account. Many times, the transfers will take place on Thursdays or Fridays, so that crooks can have more than 72 hours to complete the illegal transfer before it is caught.
https://www.ksat.com/news/cyber-hackers-targeting-banking-systems-municipalities-for-bigger-payouts-us-secret-service-says
 
Banks deny compensation when hackers steal customers' money
In an email, Scotiabank said his claim was denied because the transaction was authorized from an internet address where he has "extensive history." Security experts tell Go Public that hackers can access a bank account from a victim's IP address by taking over an infected computer and logging in as if they were that person. Lidhar says Scotiabank wouldn't explain how the fraud happened, adding that only he has access to his account. "They're trying to blame me," he said. "And they haven't told me anything about who it went to."
https://www.cbc.ca/news/business/banks-deny-compensation-online-fraud-security-1.5322982
 
Chinese Hackers Targeted International Aerospace Firms for Years
In a new report (PDF), Crowdstrike’s security researchers explain how a mixture of cyber actors helped China fill technology and intelligence gaps that eventually resulted in significant advancements in the production of dual-use turbine engines. “Beijing uses a multifaceted system of forced technology transfer, joint ventures, physical theft of intellectual property from insiders, and cyber-enabled espionage to acquire the information it needs,” the report reveals.
https://www.securityweek.com/chinese-hackers-targeted-international-aerospace-firms-years
 
Reassessing U.S. Cyber Operations Against Iran and the Use of Force
A definitive answer to this question is difficult to identify. On the one hand, traditionally, intention has been a factor considered when determining whether a conventional, kinetic operation amounts to a use of force, as well as whether it is also sufficiently serious to cross the higher threshold of an armed attack within the meaning of article 51 of the Charter, that is, whether a use of force is serious enough to engage the victim state’s entitlement to respond with force in self-defense.
https://www.justsecurity.org/66628/reassessing-u-s-cyber-operations-against-iran-and-the-use-of-force/
 
Germany's cyber-security agency recommends Firefox as most secure browser
The BSI tested Mozilla Firefox 68 (ESR), Google Chrome 76, Microsoft Internet Explorer 11, and Microsoft Edge 44. The tests did not include other browsers like Safari, Brave, Opera, or Vivaldi. [...] The BSI normally uses this guide to advise government agencies and companies from the private sector on what browsers are safe to use.
https://www.zdnet.com/article/germanys-cyber-security-agency-recommends-firefox-as-most-secure-browser/
 
House subcommittee calls for action on environmental, cyber threats to military bases
Stefanik also noted a 2017 Congressional directive, asking the Defense Department to assess the digital threat to military bases and begin strengthening their defenses. "We are still incredibly vulnerable to attack," she said. "I fear we have not yet identified the scale and scope of our problems, let alone begun to mitigate our most concerning shortfalls."
https://www.upi.com/Defense-News/2019/10/18/House-subcommittee-calls-for-action-on-environmental-cyber-threats-to-military-bases/9451571418288/
 
CF on Cyber: Key Takeaways from the California AG’s Proposed CCPA Regulations [Podcast]
On October 11, 2019, the California AG published its long-awaited proposed regulations to implement the CCPA. This podcast describes a few key points from those draft regulations, including as they relate to online privacy notices, verifying consumer requests, and financial incentive offerings. The full text of the notice of proposed rulemaking, the regulations, and the initial statement of reasons is worth reading in full.
https://www.jdsupra.com/legalnews/cf-on-cyber-key-takeaways-from-the-cali-45581/
 
At an Outback Steakhouse Franchise, Surveillance Blooms
According to Presto CEO Rajat Suri, Presto Vision takes advantage of preexisting surveillance cameras that many restaurants already have installed. The system uses machine learning to analyze footage of restaurant staff at work and interacting with guests. It aims to track metrics like how often a server tends to their tables or how long it takes for food to come out. At the end of a shift, managers receive an email of the compiled statistics, which they can then use to identify problems and infer whether servers, hostesses, and kitchen staff are adequately doing their jobs.
https://www.wired.com/story/outback-steakhouse-presto-vision-surveillance/
 
Former Twitter CISO shares his advice for IT security hiring and cybersecurity
So instead from a security perspective, what I found effective at both Twitter and Mozilla, was moving towards this model of empowerment. And it's very much along the idea of like security champions that I think a lot of people have had success with, but what we want to do is empower the teams to make good decisions within a reasonable bound of risks, and give them the tools so they can do that safely. It's kind of the paved path approach.
https://www.zdnet.com/article/former-twitter-ciso-shares-his-advice-for-it-security-hiring-and-cybersecurity/
 
New Android Warning: 40M Users Installed Video App Hiding Devious Malware—Delete Now
The app this time is SnapTube, a video downloader that lets users select YouTube and Facebook videos to play offline. The app’s developers claim more than 40 million users, and it has been installed many more times than that. The problem, it seems, is that while users are enjoying those videos, the app’s software is busy doing other things in the background—essentially defrauding both users and advertisers to generate material financial returns.
https://www.forbes.com/sites/zakdoffman/2019/10/18/new-android-warning-40m-users-installed-video-app-hiding-devious-malwaredelete-now/#7269311d2c8c
 
Cryptojacking worm compromised over 2,000 Docker hosts
Dubbed Graboid by the researchers, the worm carries out cryptojacking inside containers, spreads a few hosts at a time, and mines Monero in short bursts. “It randomly picks three targets at each iteration. It installs the worm on the first target, stops the miner on the second target, and starts the miner on the third target,” the researchers shared. [...] The two malicious Docker images have been downloaded more than 16,500 times, but have since been removed from Docker Hub, along with another cryptojacking image by the same user.
https://www.helpnetsecurity.com/2019/10/18/cryptojacking-worm-docker/
 
Six steps for implementing zero trust access

  • Use Multi-Factor Authentication (MFA)
  • Verify all endpoint devices
  • Implement Principle of Least Privilege (PoLP)
  • Monitor and audit everything
  • Adopt attribute-based controls
  • Involve the entire end-user community

https://www.helpnetsecurity.com/2019/10/18/implementing-zero-trust-access/
 
Pentagon ‘Dumps’ 1970s Floppy Disks Securing Nuclear Missile Launches
It has not been an easy decision. As Lt. Col. Jason Rossi, who commands the Air Force’s 595th Strategic Communications Squadron and oversees the system explained, “you can't hack something that doesn't have an IP address. It's a very unique system—it is old and it is very good." In the era of default connectivity, you can see the point. And while the military relies on gapped networks, there is no better security than something tried and tested, that cannot be networked or electronically compromised.
https://www.forbes.com/sites/zakdoffman/2019/10/19/us-military-to-replace-1970s-floppy-disks-controlling-nuclear-missiles/#585753c6d81b



You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.

Archived articles are available at https://ci.security/news/daily-news.

CI Security and the CI Security logo are the trademarks of CI Security, Inc. All other brand names, trademarks, service marks, and copyrights are the property of their respective owners.

© 2019 CI Security. All rights reserved.

CI Security
245 4th St, Suite 405  Bremerton, WA 98337