CI Security

IT Security News Blast – 1-14-2020

Texas school district phished for $2.3 million

The Manor Independent School District fell victim to an apparent phishing scam to the tune of $2.3 million. Officials for the Texas school system did not release many details other than to say in a January 10 statement posted on Facebook that the incident was caused by a phishing email and that the local police and FBI are currently working the case. The Manor Police Department told CNN the scam included three separate fraudulent transactions that took place in November.

https://www.scmagazine.com/home/email-security/texas-school-district-phished-for-2-3-million/

 

U.S. Government Issues Powerful Security Alert: Upgrade VPN Or Expect Cyber-Attacks

The CISA alert provides a telling timeline that outlines how the Pulse Secure VPN critical vulnerability, CVE-2019-11510, became such a hot security potato. [...] "Multiple vulnerabilities were discovered and have been resolved in Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS)," that advisory warned, "this includes an authentication by-pass vulnerability that can allow an unauthenticated user to perform a remote arbitrary file access on the Pulse Connect Secure gateway."

https://www.forbes.com/sites/daveywinder/2020/01/13/us-government-critical-security-alert-upgrade-vpn-or-expect-continued-cyber-attacks/#42709d116f70

 

Cybersecurity Impact of Microsoft’s End to Windows 2007 Support

But many healthcare providers fail to patch even publicly known vulnerabilities, despite the sector having the largest percentage of devices running on the outdated platform compared to other industries. [...] “Absolutely nothing will happen on January 15: all known vulnerabilities have been patched by Microsoft,” Hewitt said. “However, the next vulnerability to be discovered will not receive a patch from Microsoft.”

https://healthitsecurity.com/news/cybersecurity-impact-of-microsofts-end-to-windows-2007-support

 

U.S. Healthcare Data Breach Cost $4 Billion in 2019. 2020 Won’t Be Any Better

“Minutes, even seconds, of delay can seriously affect the patient death rate. According to one recent study by Health Services Research, hospitals that have suffered ransomware attacks have recorded a rise in fatal heart attacks compared to units that haven’t been under fire by hackers. Specifically, medical institutions hit by ransomware showed an increase of 36 deaths per 10,000 heart attacks per year. Furthermore, patients received an electrocardiogram 2.7 minutes later than the average, putting lives at risk in emergencies,” he wrote.

https://securityboulevard.com/2020/01/u-s-healthcare-data-breach-cost-4-billion-in-2019-2020-wont-be-any-better/

 

Travelex staff go back to basics as ransomware cripples systems

The spread of the ransomware, which Travelex said it had successfully contained, forced the company to take all its systems offline, causing chaos for New Year holidaymakers and business travellers seeking online currency services. The company, which has a presence in more than 70 countries, is currently only able to serve customers face-to-face at its 1,200 on-airport and off-airport locations worldwide.

https://www.reuters.com/article/us-britain-travelex/travelex-staff-go-back-to-basics-as-ransomware-cripples-systems-idUSKBN1Z70VS

 

Cyberspace is the next front in Iran-US conflict – and private companies may bear the brunt

Though it’s impossible to predict with certainty the behavior of the Iranian regime and their many proxies, their cyberattacks likely will continue to go well beyond governmental systems, which are reasonably well defended. Iran and its supporters likely will focus on easier targets operated by private companies. A recent U.S. Department of Homeland Security alert highlights Iran’s capacity and willingness to engage in multiple types of destructive cyberattacks over the last decade.

https://gcn.com/articles/2020/01/13/iran-cybersecurity-critical-infrastructure.aspx

 

Cyber Cold War: U.S. Military Targeting Russian Data as 2020 Presidential Election Beckons

In the face of potential interference from Russia, the U.S. Cyber Command is honing its cyber-warfare capabilities. As reported by The Washington Post, it’s developing technology that could breach the data of Russian elites. According to current and former U.S. officials, Cyber Command is developing the methods mostly as a threat. By making a credible showing that sensitive personal information could be leaked, the DOD command unit is warning Russia against any cyber-interference in November’s election.

https://www.ccn.com/us-military-targeting-russian-data-2020-presidential-election-beckons/

 

Cyber protection for F-15SAs contracted by Saudi Arabia

SAUDI ARABIA. Advanced Electronics was awarded a $17 million contract modification to provide logistics support for the F-15SA cyber protection system for the Royal Saudi Air Force. The deal modifies a previous $29.9 million contract for cyber protection and related facilities, awarded in 2017. It funds three years of in-kingdom contractor logistics support for the cyber protection system, as well as mobilization, de-mobilization, transportation, and housing expenses for support personnel.

http://mil-embedded.com/news/cyber-protection-for-f-15sas-contracted-by-saudi-arabia/

 

Cybersecurity Threats Call for a Global Response

Finally, knowing that attacks will come, countries need to be ready for them. Crisis preparation and response protocols should be developed at both the national and cross-border level, so as to be able to respond and recover operations as soon as possible. Crisis exercises have become crucial in building resilience and the ability to respond, by revealing gaps and weaknesses in processes and decision making.

https://blogs.imf.org/2020/01/13/cybersecurity-threats-call-for-a-global-response/

 

Barr Asks Apple to Unlock Pensacola Killer’s Phones, Setting Up Clash

Mr. Barr’s appeal was an escalation of an ongoing fight between the Justice Department and Apple pitting personal privacy against public safety. “This situation perfectly illustrates why it is critical that the public be able to get access to digital evidence,” Mr. Barr said, calling on technology companies to find a solution and complaining that Apple had provided no “substantive assistance.”

https://www.nytimes.com/2020/01/13/us/politics/pensacola-shooting-iphones.html

 

Understanding Canadian cybersecurity laws: the foundations

Current applicable federal laws

(I) The Privacy Act (R.S.C., 1985, c. P-21)

(II) Access to Information Act (R.S.C., 1985, c. A-1)

(III) Criminal Code of Canada (R.S.C., 1985, c. C-46)

(IV) The Personal Information Protection and Electronic Documents Act (S.C. 2000, c. 5)

(V) Canada’s Anti-Spam Law (CASL) (S.C. 2010, c. 23)

https://www.itworldcanada.com/blog/understanding-canadian-cybersecurity-laws-the-foundations/425979

 

Companies Use 'Dark Patterns' to Mislead Users About Privacy Law, Study Shows

Researchers found that 32.5 percent of the EU websites studied in the survey use something called “implied consent”—which assumes you agree to being tracked if you don’t take a specific action (like click on an opt out banner within a certain time frame). [...] The researchers also found that numerous companies use “dark pattern” GUI designs in their privacy notification systems, which are specifically intended to trick users into signing up for more data tracking than they might otherwise want[.]

https://www.vice.com/en_us/article/g5xg74/companies-use-dark-patterns-to-mislead-users-about-privacy-law-study-shows

 

Cyber Future Foundation Convenes Third Annual Cyber Future Dialogue in Davos, Switzerland

The problems considered at the Dialogue include those that the World Economic Forum describes as "Cyber security threats outpacing the abilities of governments and companies." This, according to CFF, is not only security in cyberspace, but includes a gamut of elements with considerations for cyber risk, cyber war and peace, cyber privacy, cyber safety, cyber socio economic impact as well as emerging technologies, whose cyber impacts may not have been given adequate consideration leading to adverse consequences both for individuals as well as organizations and countries.

https://www.benzinga.com/pressreleases/20/01/p15116651/cyber-future-foundation-convenes-third-annual-cyber-future-dialogue-in-davos-switzerland

 

Snake alert! This ransomware is not a game…

This malware actually writes this file, called Fix-Your-Files.txt, into what Windows calls the ‘public desktop’, usually in the directory C:\Users\Public, where it shows up in the background for every user on the system. If the malware isn’t run with administrator privileges, then although it will be able to overwrite all your files, it won’t be able to write to the Public folder, and will end up in a special folder called \Users\[yourname]\AppData\Local\VirtualStore, where you’re likely to miss it.

https://nakedsecurity.sophos.com/2020/01/13/snake-alert-this-ransomware-is-not-a-game/

 

Microsoft Enables Security Defaults in Azure Active Directory

Microsoft introduced new secure default settings dubbed 'Security Defaults' to Azure Active Directory (Azure AD), now available for all license levels, including trial tenants. Since introducing the Security Defaults feature that replaces baseline protection policies, Microsoft says that it has already been enabled for over 60k newly created tenants, with another roughly 5k also having opted in. This move's end goal is to make sure that all organizations using Azure AD have a basic level of security enabled at no extra cost, according to Microsoft.

https://www.bleepingcomputer.com/news/microsoft/microsoft-enables-security-defaults-in-azure-active-directory/

 

Phishing for Apples, Bobbing for Links

Anyone searching for a primer on how to spot clever phishing links need look no further than those targeting customers of Apple, whose brand by many measures remains among the most-targeted. Past stories here have examined how scammers working with organized gangs try to phish iCloud credentials from Apple customers who have a mobile device that is lost or stolen. Today’s piece looks at the well-crafted links used in some of these lures.

https://krebsonsecurity.com/2020/01/phishing-for-apples-bobbing-for-links/

 

Cisco issues critical security warnings its Data Center Network Manager

Cisco this week issued software to address multiple critical authentication exposures in its Data Center Network Manager (DCNM) software for its Nexus data center switches. [...] Cisco said that there were three exposures, which it rated as a 9.8 out of 10 on the Common Vulnerability Scoring System, in the DCNM authentication mechanisms that could let a remote attacker bypass authentication and execute arbitrary actions with administrative privileges on vulnerable devices.

https://www.networkworld.com/article/3512041/cisco-issues-critical-security-warnings-its-data-center-network-manager.html

 

Will This Be the Year of the Branded Cybercriminal?

Moreover, with the commoditization of cybercrime-as-a-service, organizations are naturally seeking differentiation to make their services stand out in a crowded market. Instead of selling services or data listings on an individual basis, threat actors will put more effort into building lasting business-like enterprises — investing more in branding, customer support and even intuitive user interfaces.

https://www.darkreading.com/vulnerabilities---threats/will-this-be-the-year-of-the-branded-cybercriminal/a/d-id/1336707

 

Does Iran Have Secret Armed Dolphin Assassins?

As the U.S. military prepares to deal with the fallout from the killing of Iranian General Qassem Soleimani earlier this month, we can expect Iran and Iranian-backed militias to retaliate in any number of ways, from traditional missile strikes to cyber attacks on our oil and gas facilities, banks, electrical grids, and more. But we might not want to count out the possibility of the country employing its fleet of killer Communist dolphins, which may or may not still exist.

https://www.popularmechanics.com/military/weapons/a30500130/iran-military-dolphins/



You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.

Archived articles are available at https://ci.security/news/daily-news.

CI Security and the CI Security logo are the trademarks of CI Security, Inc. All other brand names, trademarks, service marks, and copyrights are the property of their respective owners.

© 2019 CI Security. All rights reserved.

CI Security
245 4th St, Suite 405  Bremerton, WA 98337