IT Security News Blast – 10-18-2021
 
This is the IT Security News Blast.
A brief situational awareness summary for key sectors, threats and vulnerabilities, noteworthy events. Security, Privacy, Surveillance. Sign up for the blast here:
https://www.criticalinsight.com/resources/daily-news
 
Supply chain cybersecurity breaches have hit alarming percentage of firms: survey
This is happening despite more awareness of the risks and the rising cybersecurity budgets to deal with it. But the complexity of the people, processes, and technologies needed to build a comprehensive defense against attacks means that money isn’t always spent effectively, Bixler said. 
https://www.foxbusiness.com/technology/firms-surveyed-hit-supply-chain-cybersecurity-breach
 
Cyber Criminals Using Spoofed Unemployment Benefit Websites to Defraud U.S. Public
Cyber criminals have created these spoofed websites to collect personal and financial data from US victims. These spoofed websites imitate the appearance of and can be easily mistaken for legitimate websites offering unemployment benefits. [...] The fake websites prompt victims to enter sensitive personal and financial information.
https://www.hstoday.us/subject-matter-areas/cybersecurity/cyber-criminals-using-spoofed-unemployment-benefit-websites-to-defraud-u-s-public/
 
Layered Security Is Essential to Healthcare Systems' Incident Response Planning
“The threats are increasing exponentially for us,” Booth says. “Health records are prime targets for malicious actors. If they go after credit cards, they just get financial information. With health records, they get everything. It’s about the most integrated record anyone can get access to.”
https://healthtechmagazine.net/article/2021/10/layered-security-essential-healthcare-systems-incident-response-planning
 
72% increase in cyberattacks against healthcare sector over the weekend
Some 627 cyberattacks per organization were observed in Israel’s health sector – 72% more than the average on previous weekends, Check Point said. This is also more than in any other sector, where there was an average of 267 attacks per organization and no significant increase, the cyber security firm noted.
https://www.jpost.com/breaking-news/cyberattack-attempts-towards-israeli-hospitals-thwarted-govt-682221
 
Insurers with high credit ratings have better cyber security – report
It found a positive correlation between companies’ Fitch-assigned credit ratings and SSC’s cybersecurity grades. This implies that insurance companies that prioritize carefully managing their own credit risk also seem to be better at managing their cyber risk.
https://www.insurancebusinessmag.com/us/news/cyber/insurers-with-high-credit-ratings-have-better-cyber-security--report-313308.aspx
 
What do ‘inevitable’ cyber threats mean for investors and consumers?
“We could be looking at a ransomware-style attack which could target back-end (server) infrastructure, or a cross-branch front-office impact,” Mr Haskell-Dowland said, noting that the former would be much more visible to consumers. Recent major IT failures by banks and other financial institutions might provide a sneak peek into what this would look like for everyday consumers.
https://www.nestegg.com.au/invest-money/economy/what-do-inevitable-cyber-threats-mean-for-investors-and-consumers
 
U.S. Property Insurers Could be Facing $12.5B in Hidden Cyber Losses
A study conducted by CyberCube, AM Best and Aon found that the accumulation of cyber risk could trigger a one-in-100-year loss of $12.5 billion, which would be enough to cause a downward transition of the Best’s Capital Adequacy Ratio (BCAR) for 18 U.S. property insurance carriers.
https://www.insurancejournal.com/magazines/mag-features/2021/10/18/637199.htm
 
ICS Patch Tuesday: Siemens and Schneider Electric Address Over 50 Vulnerabilities
Siemens released patches and mitigations covering 15 vulnerabilities, including critical weaknesses that can allow a remote, unauthenticated attacker to cause a DoS condition or execute arbitrary code on the underlying operating system. The W1750D is a brand-labeled device from Aruba, and a majority of the flaws exist in the ArubaOS operating system.
https://www.securityweek.com/ics-patch-tuesday-siemens-and-schneider-electric-address-over-50-vulnerabilities
 
Ransomware gangs targeted 3 different US water treatment plants this year in previously unreported attacks, according to federal agencies
  • Three US water treatment plants were hit with ransomware attacks this year, according to a new report.
  • The previously unreported incidents came after a widely publicized attack on a Florida plant.
  • Ransomware is on the rise globally, and attacks on public infrastructure could put lives at risk.
https://www.businessinsider.com/3-us-water-treatment-plants-attacked-by-ransomware-gangs-report-2021-10
 
How Can States, Feds Collaborate Better on Cybersecurity?
Illinois has examined not only how it receives information but also how it, in turn, disseminates it. Tate-Nadeau said fusion centers play a key role in helping the state receive reports from individual counties and send out warnings to remaining counties as well as alerts to federal partners. Quick communication is essential.
https://www.govtech.com/security/how-can-states-feds-collaborate-better-on-cybersecurity
 
More Cyberattacks Coming, 'Incompetent' US Government Unprepared
"When our companies are attacked and they pay ransom and these attacks cause shortages where they are in our meat and in our burger supply or in our gasoline, that weakens our society and undermines it," Koffler explained. "But during wartime, you better believe it. The Russians have a doctrine that cyber is able to hit in one spot that will be very, very precisely targeted that the entire system will collapse. At least that is what they expect."
https://www1.cbn.com/cbnnews/us/2021/october/more-cyberattacks-coming-incompetent-us-government-unprepared
 
CAN’T SAIL AWAY FROM CYBER ATTACKS: ‘SEA-HACKING’ FROM LAND
The vast bulk of the world’s critical economic and military traffic passes through a handful of narrow strategic waterways known as “maritime chokepoints.” While these waterways have always been prey to pirates, weather, and maritime accidents, these perils are now joined by maritime cyber attacks — whether conducted for ransom, malicious disruption, piracy, or as part of larger geopolitical conflicts.
https://warontherocks.com/2021/10/cant-sail-away-from-cyber-attacks-sea-hacking-from-land/
 
Sorry former Pentagon expert, but China is nowhere near winning the AI race
Many experts feel that China’s massive investments in public sector research combined with its authoritarian approach to controlling what the public sector and academia do, could lead to a situation where China leapfrogs the US. This, however, is conjecture. The reality is that US companies don’t need government investments. Unlike the US government, Amazon isn’t in massive debt to its shareholders. Amazon is one of the most profitable enterprises in the history of humanity.
https://thenextweb.com/news/sorry-former-pentagon-expert-but-china-nowhere-near-winning-ai-race
 
White House Wants to Know How Biometrics Like Facial Recognition Are Being Used
The Office of Science and Technology Policy released a request for information seeking specifics about how federal agencies and the private sector are employing biometrics, whether for security and law enforcement—by far the most widely seen use—or other uses like making hiring decisions or predicting intent.
https://www.nextgov.com/emerging-tech/2021/10/white-house-wants-know-how-biometrics-facial-recognition-are-being-used/186033/
 
How Attackers Hack Humans
Information gleaned from the gold mine that is the Internet can be dangerous. From job review sites like Glassdoor, potential hackers are able to get detailed information on the mindset of soft targets. Employees who feel like they're overworked, underpaid, and underappreciated are potential insider targets.
https://www.darkreading.com/edge-articles/how-attackers-hack-humans
 
Bugs in Our Pockets: The Risks of Client-Side Scanning
Supporters of the technology argue that such scanning can uncover child sexual abuse material (CSAM) without putting people’s privacy at risk. The supporters reason that people whose phones don’t have CSAM will have nothing to fear; the scanning will be local and, if there is no targeted material on the device, no information will ever leak from it.
https://www.lawfareblog.com/bugs-our-pockets-risks-client-side-scanning
 
Olympus US systems hit by cyberattack over the weekend
Even though Olympus did not share any info on the attackers' identity, ransom notes found on impacted systems revealed that BlackMatter ransomware operators coordinated the attack. The same ransom notes also pointed to a Tor website the BlackMatter group used in the past to communicate with their victims.
https://www.bleepingcomputer.com/news/security/olympus-us-systems-hit-by-cyberattack-over-the-weekend/
 
Attackers Behind Trickbot Expanding Malware Distribution Channels
The threat actor, tracked under the monikers ITG23 and Wizard Spider, has been found to partner with other cybercrime gangs known as Hive0105, Hive0106 (aka TA551 or Shathak), and Hive0107, adding to a growing number of campaigns that the attackers are banking on to deliver proprietary malware, according to a report by IBM X-Force.
https://thehackernews.com/2021/10/attackers-behind-trickbot-expanding.html
 
Ad-blocking browser extension actually adds ads, say Imperva researchers
The extension does block ads, they write. But it also runs a background script that injects a snippet of JavaScript code into every new tab that users open. That code snippet talks to remote servers and downloads a payload that Imperva claims is connected to operators of an ad-injection scam.
https://www.theregister.com/2021/10/14/ad_blocker_injects_bad_ads/
 
You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of Critical Insight, formerly Critical Informatics and CI Security. 


Archived articles are available at https://www.criticalinsight.com/resources/daily-news
