Get the latest cybersecurity, privacy, and surveillance news for information security professionals

IT Security News Blast – 9-21-2020

US govt orders federal agencies to patch dangerous Zerologon bug by Monday

The DHS order was issued via an emergency directive, a rarely-used legal mechanism through which US government officials can force federal agencies into taking various actions. [...] The vulnerability is considered extremely dangerous, as it allows threat actors that have a foothold on an internal network to hijack Windows Servers running as domain controllers and effectively take over the entire network.

https://www.zdnet.com/article/us-govt-orders-federal-agencies-to-patch-dangerous-zerologon-bug-by-monday/

 

Iranian hacker group developed Android malware to steal 2FA SMS codes

The backdoor could steal the victim's contacts list and SMS messages, silently record the victim via the microphone, and show phishing pages. But the backdoor also contained routines that were specifically focused on stealing 2FA codes. Check Point said the malware would intercept and forward to the attackers any SMS message that contained the "G-" string, usually employed to prefix 2FA codes for Google accounts sent to users via SMS.

https://www.zdnet.com/article/iranian-hacker-group-developed-android-malware-to-steal-2fa-sms-codes/

 

Fewer than half of healthcare institutions met national cybersecurity standards last year

Looking at historical client data, CynergisTek found declines in four of the five core functions outlined in the National Institute of Standards and Technology's framework for companies to protect themselves against cyber attacks: identify, protect, respond and recover. The last core function, detect, remained flat across three years.

https://www.healthcaredive.com/news/CynergisTek-healthcare-cybersecurity-compliance-2019/585442/

 

Ransomware attack strikes University Hospital New Jersey

In the case of the hospital, it was reported that the institution has suffered a massive 48,000-document data breach after a ransomware operation leaked its stolen data. Furthermore, it was found that the SunCrypt ransomware operation has leaked a 1.7 GB archive containing over 48,000 documents.

http://www.digitaljournal.com/tech-and-science/technology/ransomware-attack-strikes-university-hospital-new-jersey/article/578229

 

Medical group announces data breach of patient information at Montana hospitals

When asked why patients weren't promptly notified of the data breach, Sloup said that SCL Health, working in partnership with Blackbaud on its investigation, took time to establish a "clear understanding of the information and potential people impacted." "Thousands of nonprofit organizations who work with Blackbaud were impacted by the breach, and SCL Health has been among the early groups to issue communications to anyone potentially impacted," Sloup said.

https://mtstandard.com/news/state-and-regional/medical-group-announces-data-breach-of-patient-information-at-montana-hospitals/article_681f7d82-5e19-576f-9eb4-8585099cac5b.html

 

Attacks Using Cerberus Banking Trojan Surge

The posting of the source code has led to a surge in attempts to steal money from Russian and European consumers[.] Another result has been the enhancement of the Trojan's capabilities. The malware has been upgraded to stealthily send and steal SMS codes as well as use a bank's website as an overlay to hide malicious domains and steal credentials. Kaspersky found the malware can read text messages that use one-time passwords and steal two-factor authentication passcodes - even those using Google Authenticator.

https://www.bankinfosecurity.com/attacks-using-cerberus-banking-trojan-surge-a-15025

 

Cyber and Payments are Priority Areas for Policy Changes

Furthermore, when core firms and financial market infrastructures plan measures to bolster operational resilience, they need to consider both prevention and cure: “Firms should start from the premise that an operational incident will occur and cause disruption to vital services. It is not a question of if, but when. Regulatory authorities expect that firms should have robust and reliable arrangements in place to deal with this inevitable disruption”.

https://www.jdsupra.com/legalnews/cyber-and-payments-are-priority-areas-97970/

 

GAO Prods Treasury to Better Track Financial Sector Cyber Risk Mitigation

It also urged the agency to update with new metrics its plans for measuring the sector’s progress, along with information about how the sector’s efforts at risk mitigation will meet goals and requirements including those set forth in the National Cyber Strategy Implementation Plan. In a new report, GAO said that Treasury “generally agreed” with the watchdog agency’s recommendations.

https://www.meritalk.com/articles/gao-prods-treasury-to-better-track-financial-sector-cyber-risk-mitigation/

 

North Korea likely paid Russian hackers for access to bank networks

Working with hackers linked to Russia could allow DPRK-linked groups to focus their efforts on more important tasks, according to researchers at security firm Intel 471. The collaboration reportedly shows the “trusted relationships” North Korean hackers have built with elite Russian-speaking cybercriminals.

https://www.nknews.org/2020/09/north-korea-likely-paid-russian-hackers-for-access-to-bank-networks/

 

New Ops Group Tries a Better Approach to Cyber Warfare

Howell’s cyber national mission teams in the 867th COG “defend the nation by identifying adversary activity, blocking [attacks], and maneuvering to defeat them,” according to the Defense Department. The services began training their teams in 2013, and all 133 teams became fully operational in 2018.

https://www.airforcemag.com/new-ops-group-tries-a-better-approach-to-cyber-warfare/

 

Combating the Iranian Cyber Threat

The efforts were reflective of the FBI’s new cyber strategy, which is to impose risk and consequences on cyber adversaries—making it harder for both cyber criminals and foreign governments to use malicious cyber activity to achieve their objectives. The new strategy also emphasizes the role the FBI plays as an indispensable partner to federal counterparts, foreign partners, and private-sector partners.

https://www.fbi.gov/news/stories/iran-at-center-of-cyber-crime-charges-in-three-cases-091820

 

Iranian Hackers Found Way Into Encrypted Apps, Researchers Say

The reports, which were reviewed by The New York Times in advance of their release, say that the hackers have successfully infiltrated what were thought to be secure mobile phones and computers belonging to the targets, overcoming obstacles created by encrypted applications such as Telegram and, according to Miaan, even gaining access to information on WhatsApp.

https://www.nytimes.com/2020/09/18/world/middleeast/iran-hacking-encryption.html

 

The OKIDB story: China profiling millions around the world

Both an established company and a partner of state security entities with its founder, perceiving other powers to be much further ahead, encouraging the Chinese state to increase its surveillance capabilities. He fits within the grey area of having a perceived economic distance to the CCP but remaining part of its autocratic infrastructure. What is clear is his intent, financially rewarded by the CCP, to push their concept of a surveillance state into our free and open Internet.

https://www.sundayguardianlive.com/opinion/okidb-story-china-profiling-millions-around-world

 

Companies can track your phone’s movements to target ads

Companies like NumberEight, or competitors Sentiance and Neura, use sensor data to categorize users. Instead of building a profile to target, say, women over 35, a service could target ads to “early risers” (as indicated by sensors noting when the phone is picked up after hours of rest) or adapt its user interface for after-work commuters (as indicated when sensors note riding a train after 5 pm). The feedback from the sensors provides “context” on the user’s physical behavior.

https://arstechnica.com/information-technology/2020/09/companies-can-track-your-phones-movements-to-target-ads/

 

iOS 14: How To Use Apple’s Game-Changing New iPhone Privacy Features

My first impressions are, it’s a welcome upgrade to the brilliant security and privacy features already available since iOS 13—which give you far more control over who can track you on your iPhone. But iOS 14 takes that one step further with the much more granular controls that we need in our everyday lives as privacy on the iPhone becomes even more important.

https://www.forbes.com/sites/kateoflahertyuk/2020/09/20/ios-14-how-to-use-game-changing-new-iphone-privacy-features/#3f25756d19f1

 

Lame-duck versions of TikTok and WeChat are definitely a problem, security experts say

“TikTok and many other organizations use third party libraries and other pieces of code, and there’s vulnerabilities that happen all the time … as TikTok gets older and older, because you can’t update, the larger percentage chance you have of critical exposures not being addressed.”

https://www.cyberscoop.com/tiktok-wechat-ban-security-issues/

 

Spammers use hexadecimal IP addresses to evade detection

The group has been sending emails that contain links to their spam sites, but instead of domain names like "spam-website.com," the emails contain weird-looking URLs like https://0xD83AC74E. [...] Trustwave says the group's operations have significantly increased since adopting this trick, as they have been able to land more messages in users' inboxes.

https://www.zdnet.com/article/spammers-use-hexadecimal-ip-addresses-to-evade-detection/
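The "weird-looking URL" trick above works because browsers and most URL libraries accept an IPv4 host written as a single 32-bit integer (hex, decimal or octal) or as dotted parts that are themselves hex or octal, so a mail filter that only matches dotted-quad addresses never sees an IP. The following is an added example, not code from the Trustwave or ZDNet write-up, showing how a mail-filtering or detection pipeline can normalise every numeric host form to a canonical dotted-quad before reputation lookups. It goes beyond the single hex form quoted in the article and handles all four inet_aton-style layouts (a, a.b, a.b.c, a.b.c.d) with per-part hex/octal/decimal parsing; the sample e-mail text and function names are constructed for the example.

```python
import re
import ipaddress
from urllib.parse import urlsplit

# Per-part grammar used by inet_aton()/browsers: 0x.. hex, leading-0 octal, else decimal.
_HEX = re.compile(r"0x[0-9a-f]+")
_OCT = re.compile(r"0[0-7]*")
_DEC = re.compile(r"[1-9][0-9]*")


def _parse_part(part):
    """Parse one dotted component; return its integer value or None if it is not numeric."""
    if _HEX.fullmatch(part):
        return int(part[2:], 16)
    if _OCT.fullmatch(part):          # "0" alone parses as octal zero
        return int(part, 8)
    if _DEC.fullmatch(part):
        return int(part, 10)
    return None


def numeric_host_to_ipv4(host):
    """Normalise a numeric IPv4 host (1 to 4 parts, any radix) to dotted-quad, else None.

    Follows inet_aton semantics: every part but the last is one octet; the last part
    fills the remaining octets (so "216.58.51022" and "0xD83AC74E" both resolve).
    """
    parts = host.lower().split(".")
    if not 1 <= len(parts) <= 4:
        return None
    values = [_parse_part(p) for p in parts]
    if any(v is None for v in values):
        return None
    *head, last = values
    if any(v > 0xFF for v in head):
        return None
    remaining = 4 - len(head)          # octets the last part must cover
    if last >= 256 ** remaining:
        return None
    n = 0
    for v in head:
        n = (n << 8) | v
    n = (n << (8 * remaining)) | last
    return str(ipaddress.IPv4Address(n))


def inspect_url(url):
    """Return the URL's host, its canonical IPv4 (if numeric) and whether the host was obfuscated."""
    host = urlsplit(url).hostname or ""
    ip = numeric_host_to_ipv4(host)
    if ip is None:
        return {"host": host, "ip": None, "obfuscated": False}
    # A plain dotted-quad already equals its normalised form; anything else is an evasion form.
    return {"host": host, "ip": ip, "obfuscated": host != ip}


_URL_RE = re.compile(r"https?://[^\s<>\"']+")


def find_obfuscated_urls(text):
    """Scan free text (e.g. an e-mail body) and return (url, canonical_ip) for obfuscated numeric hosts."""
    hits = []
    for url in _URL_RE.findall(text):
        info = inspect_url(url)
        if info["obfuscated"]:
            hits.append((url, info["ip"]))
    return hits


# Constructed sample e-mail body (not from the article) mixing a normal link with evasion forms.
SAMPLE_EMAIL = """Your parcel is waiting. Track it at https://0xD83AC74E/track
Alternative mirror: http://3627730766/track or http://0330.072.0307.0116/track
Unsubscribe: https://spam-website.com/unsub"""

if __name__ == "__main__":
    for url, ip in find_obfuscated_urls(SAMPLE_EMAIL):
        print(f"{url} -> {ip}")
```

Once every host is reduced to a canonical address, the same blocklist or reputation lookup that already runs on dotted-quad URLs covers the hex, decimal and octal variants, and the `obfuscated` flag itself is a useful score input, since legitimate senders almost never write addresses this way.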

 

Amazon.com staffers alleged to have taken bribes, manipulated marketplace and leaked data including search algorithms

In its indictment filed late last week, the DoJ asserts that defendants paid over US$100,000 to “complicit Amazon employees and contractors.” The indictment alleges at least ten Amazonians took the crooked coin and “baselessly and fraudulently conferred tens of millions of dollars of competitive benefits on hundreds of 3P seller accounts that the Defendants purported to represent”.

https://www.theregister.com/2020/09/21/amazon_fraud_ring_charged/

 

You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.

Archived articles are available at https://ci.security/news/daily-news.

CI Security and the CI Security logo are the trademarks of CI Security, Inc. All other brand names, trademarks, service marks, and copyrights are the property of their respective owners.

© 2020 CI Security. All rights reserved.


 

CI Security

245 4th St, Suite 405  Bremerton, WA   98337