IT Security News Blast – 9-16-2021
 
Looking for election threats in all the wrong places
It’s likely that future elections will have more of a cyber component, but not with the goal of changing vote counts, as is commonly believed, said Mike Hamilton, chief information security officer at Critical Insight and former CISO for Seattle. The goal will be introducing uncertainty.
https://gcn.com/articles/2021/09/13/election-security.aspx
 
How Walgreens’ sloppy Covid-19 test registration system exposed patient data
If you got a Covid-19 test at Walgreens, your personal data — including your name, date of birth, gender identity, phone number, address, and email — was left on the open web for potentially anyone to see and for the multiple ad trackers on Walgreens’ site to collect. In some cases, even the results of these tests could be gleaned from that data.
https://www.vox.com/recode/22623871/walgreens-covid-test-site-data-vulnerability
 
Clinic: EHR Data Too Damaged to Recover Post-Attack
"Upon discovering the extent of the damage, we engaged additional forensics and recovery services as part of our exhaustive efforts to do everything we could to try and recover the data," the practice says. "Unfortunately, these efforts to date have been unsuccessful and patient electronic records before May 21 are unrecoverable."
https://www.govinfosecurity.com/clinic-ehr-data-too-damaged-to-recover-post-attack-a-17530
 
Health Care Providers Are Turning to Cyber Insurance
The GAO concluded that developing cyber insurance products can be difficult because insurers do not have much historical data on cyberattack-related costs. Determining what is covered can be hard for clients because key terms do not have standard definitions.
https://www.renalandurologynews.com/home/departments/hipaa-compliance/physicians-are-buying-cyber-insurance-to-cover-financial-losses-from-cyberattacks/
 
Rare bright cyber spot: ACSC reports total incidents down 28%
"The highest proportion of incidents the ACSC responded to related to low-level malicious activity such as targeted reconnaissance, phishing, or non-sensitive data loss, accounting for more than half of the cybersecurity incidents," the report said.
https://www.zdnet.com/article/rare-bright-cyber-spot-acsc-reports-total-incidents-down-28/
 
Cost of ransomware attack in financial sector exceeds $2m
The cost of a ransomware attack to a financial services organisation now clocks in at an average of $2m (£1.44m), exceeding the global average of $1.85m (£1.33m) by a small margin. However, the financial sector is also one of the most resilient industries when it comes to facing down ransomware hits, and is significantly less likely to pay to recover its data.
https://www.computerweekly.com/news/252506646/Cost-of-ransomware-attack-in-financial-sector-exceeds-2m
 
Firms facing mounting AI data governance pressures
Organisations are already seeing pressure mount around data protection as regulators crack down on privacy laws. Earlier this year, China enacted its first comprehensive data protection law – the Personal Information Protection Law – that will become effective on November 1.
https://www.financialdirector.co.uk/2021/09/15/firms-facing-mounting-ai-data-governance-pressures/
 
Why Data Security and Legal Should Be Friends
Both security professionals and lawyers need to train the rest of the company to function in the safest possible fashion while allowing the most freedom to operate for other company units. Both data security and legal need to educate the rest of the company about the rules associated with their business function and must develop policies and procedures for minimizing risk.
https://www.jdsupra.com/legalnews/why-data-security-and-legal-should-be-2787124/
 
StateRAMP Rolls out Initial List of Authorized Cybersecurity Vendors
State and local governments can work with StateRAMP to understand and manage the risk profiles of their third-party providers utilizing or offering software as a service (SaaS), platform as a service (PaaS), or infrastructure as a service (IaaS) to manage the government’s data.
https://www.meritalk.com/articles/stateramp-rolls-out-initial-list-of-authorized-cybersecurity-vendors/
 
Union Wants Civilian Cyber Reserve Proposal Dropped from Defense Bill
Amendment 295 would allow an executive agent at U.S. Cyber Command to bypass the Office of Personnel Management in appointing individuals to cybersecurity positions for periods no greater than 180 days for the purpose of helping to respond to cybersecurity incidents.
https://www.nextgov.com/cybersecurity/2021/09/union-wants-civilian-cyber-reserve-proposal-dropped-defense-bill/185385/
 
General Promises US 'Surge' Against Foreign Cyberattacks
In an interview Tuesday with The Associated Press, Gen. Paul Nakasone broadly described “an intense focus” by government specialists to better find and share information about cyberattacks and “impose costs when necessary.” Those costs include publicly linking adversarial countries to high-profile attacks and exposing the means by which those attacks were carried out, he said.
https://www.military.com/daily-news/2021/09/15/general-promises-us-surge-against-foreign-cyberattacks.html
 
Biden announces joint deal with U.K. and Australia to counter China
The trio, now known by the acronym AUKUS, will make it easier for the three countries to share information and know-how in key technological areas like artificial intelligence, cyber, quantum, underwater systems, and long-range strike capabilities.
https://www.politico.com/news/2021/09/15/biden-deal-uk-australia-defense-tech-sharing-511877
 
China responsible for two thirds of state-sponsored cyber attacks
In a report on the threat landscape over the past year, global cyber security firm Crowdstrike found China was behind 67 per cent of state-sponsored attacks. Iran was responsible for 7 per cent, North Korea 5 per cent, Russia 1 per cent, while another 20 per cent were suspected state-sponsored attacks, but their source was unknown.
https://www.smh.com.au/politics/federal/china-responsible-for-two-thirds-of-state-sponsored-cyber-attacks-20210915-p58rt2.html
 
‘Significant threat:’ cyber attacks increasingly targeting critical infrastructure
The Australian Cyber Security Centre (ACSC) disclosed the incidents in a report published yesterday, warning of “significant targeting, both domestically and globally, of essential services.” These incidents have “underscored the vulnerability of critical infrastructure to significant disruption in essential services, lost revenue and the potential of harm or loss of life.”
https://taipeitimes.com/News/feat/archives/2021/09/16/2003764442
 
How Belarus’s ‘Cyber Partisans’ exposed secrets of Lukashenko’s crackdowns [Subscription]
The vast trove amassed by a group calling itself “Cyber Partisans” appears to be part of one of the biggest and most organized hacks by opposition activists against a government, analysts say. The records — ranging from tapped phone calls to internal documents — offer a sweeping look at Belarus’s efforts to crush political dissent and could be part of potential future judicial reckonings over jailings and other abuses that have been widely condemned by the West.
https://www.washingtonpost.com/world/europe/belarus-hack-cyber-partisans-lukashenko/2021/09/14/5ad56006-fabd-11eb-911c-524bc8b68f17_story.html
 
Microsoft accounts can go passwordless, making “password123” a thing of the past
[Starting] today, users can completely remove their passwords from their Microsoft accounts and opt to rely on Microsoft Authenticator or some other form of verification to sign in on new devices. Microsoft added passwordless login support for work and school accounts back in March, but this is the first time the feature has been offered for regular, old individual Microsoft accounts.
https://arstechnica.com/gadgets/2021/09/starting-today-you-can-remove-your-password-from-your-microsoft-account/
 
Microsoft Patches Actively Exploited Windows Zero-Day Bug
The flaws were found in Microsoft Windows and Windows components, Microsoft Edge (Chromium, iOS, and Android), Azure, Office and Office Components, SharePoint Server, Microsoft Windows DNS and the Windows Subsystem for Linux.
https://threatpost.com/microsoft-patch-tuesday-exploited-windows-zero-day/169459/
 
Critical Flaws Discovered in Azure App That Microsoft Secretly Installed on Linux VMs
Microsoft on Tuesday addressed a quartet of security flaws as part of its Patch Tuesday updates that could be abused by adversaries to target Azure cloud customers and elevate privileges as well as allow for remote takeover of vulnerable systems.
https://thehackernews.com/2021/09/critical-flaws-discovered-in-azure-app.html
 
Pair of Google Chrome Zero-Day Bugs Actively Exploited
As part of the internet giant’s latest stable channel release (version 93.0.4577.82 for Windows, Mac and Linux), it fixed 11 total vulnerabilities, all of them rated high-severity. The two zero days are tracked as CVE-2021-30632 and CVE-2021-30633.
https://threatpost.com/google-chrome-zero-day-exploited/169442/
 
Your social media ‘engagement’ is making you vulnerable to manipulation
We found that players are more likely to like or share and less likely to flag articles from low-credibility sources when players can see that many other users have engaged with those articles. Exposure to the engagement metrics thus creates a vulnerability. The wisdom of the crowds fails because it is built on the false assumption that the crowd is made up of diverse, independent sources.
https://thenextweb.com/news/social-media-engagement-vulnerable-manipulation-syndication
 
 
You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of Critical Insight, formerly Critical Informatics and CI Security. 

We host a free, never boring Security Awareness Training every other Friday. Register here. 

Archived articles are available at https://www.criticalinsight.com/resources/daily-news

Critical Insight and the Critical Insight logo are the trademarks of Critical Insight, Inc. All other brand names, trademarks, service marks, and copyrights are the property of their respective owners.

© 2020 Critical Insight. All rights reserved.
Critical Insight

245 4th St, Suite 405  Bremerton, WA   98337
