Get the latest cybersecurity, privacy, and surveillance news for information security professionals

IT Security News Blast – 10-2-2020

Critical Vulnerabilities Found in Remote Access Software

Describing the importance of the systems in which the flaws were spotted, Otorio stated: "These systems allow operations professionals access to manage, service and maintain industry machines remotely from anywhere in the world. Together, they serve thousands of sites in industries such as automotive, energy, oil & gas, metal, packaging, maritime and more."

https://www.infosecurity-magazine.com/news/flaws-found-in-remote-access/

 

U.S. Treasury Warns Cyber Insurers Against Paying Ransomware Demands

The U.S. Treasury Department is warning that individuals or businesses that help facilitate ransomware payments may be violating anti-money laundering and sanctions regulations. The warnings came in a pair of advisories, one from the Financial Crimes Enforcement Network (FinCEN) and the other from the Office of Foreign Assets Control (OFAC).

https://www.insurancejournal.com/news/national/2020/10/01/584906.htm

 

Cache Creek Casino Closed Due To Cyber Attack

“The privacy of our guests and employees is our highest priority and we want to make certain they have some peace-of-mind. We are working closely with independent experts who regularly investigate incidents of this type to determine any risks to data security. Attacks like these are significant and can take weeks to research thoroughly,” the statement reads.

https://sacramento.cbslocal.com/2020/10/01/cache-creek-closed-cyber-attack/

 

'It's not a good week for healthcare': Health system IT execs react to recent ransomware attacks

"Today, most every health system is combatting the COVID-19 pandemic in some way. This pandemic has our staff stressed and tired. These two combinations can affect the attention to details when using technology tools such as email; processes such as patching equipment; periodic maintenance on clinical equipment etc. This generates risk for any health system," said Brian Jones, CIO of Billings (Mont.) Clinic.

https://www.beckershospitalreview.com/cybersecurity/it-s-not-a-good-week-for-healthcare-health-system-it-execs-react-to-recent-ransomware-attacks.html

 

Modern Healthcare: Feds Charge Hundreds Of Individuals In $6 Billion Healthcare Fraud

More than 340 individuals were charged with submitting $6 billion in fraudulent claims to federal healthcare programs and private insurers for telehealth consultations and substance abuse treatment, among other services, the Justice Department announced Wednesday, describing it as the largest healthcare fraud "takedown" in history.

https://khn.org/morning-breakout/feds-charge-345-people-with-health-care-fraud/

 

Treasury Dept: Ransomware Payment Facilitation Could Be Sanction Risk

“Companies that facilitate ransomware payments to cyber actors on behalf of victims, including financial institutions, cyber insurance firms, and companies involved in digital forensics and incident response, not only encourage future ransomware payment demands but also may risk violating OFAC regulations,” OFAC officials wrote.

https://healthitsecurity.com/news/treasury-dept-ransomware-payment-facilitation-could-be-sanction-risk

 

ICYMI - Replay and Blog - Panel Discussion Following Tyler Technology Breach

CI Security convened a panel of experts yesterday to go over what we know about the recent Tyler Technologies breach, the potential impacts to their local government customers, and what those security teams must do now to protect and defend their networks and data. Our expert panelists shared insights from their experiences with Tyler Technologies, which is helping to piece together what really happened and what we have to be vigilant for now as we head into election season.

Replay: https://www.youtube.com/watch?v=79hNZTBrLxs&feature=youtu.be

Blog: https://ci.security/resources/news/article/tyler-technologies-and-the-threat-to-local-government

 

Shipping’s cyber defences fail attack test

Ironically, the incidents come just months ahead of a new IMO resolution which enters into force next January, requiring shipping companies to address cyber risks in safety management systems. “Given the news from CMA CGM in the same week, whether that is merely a coincidence will certainly be open to speculation,” said one senior IMO official. “We do not have any evidence of linkage at this point though,” he said.

https://lloydslist.maritimeintelligence.informa.com/LL1134110/Shippings-cyber-defences-fail-attack-test

 

The Espionage Threat to U.S. Businesses

Many authoritarian governments are doing everything they can, including using their spy services, to build successful businesses and grow their economies. Indeed, even some nonauthoritarian governments are taking this approach. The reason for this is simple: A large number of nation-states view privately owned companies within their jurisdictions as extensions of their governments.

https://www.lawfareblog.com/espionage-threat-us-businesses

 

OCIE Warns of Increased ‘Credential Stuffing’ Cyberattacks on Investment Advisers, Broker-Dealers

The Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) has published a risk alert, warning SEC-registered investment advisers, brokers and dealers about the increasing use of a form of cyberattack known as “credential stuffing.” The alert is intended to encourage financial institutions to take a proactive approach to protect themselves and their clients from emerging cyberthreats.

https://www.jdsupra.com/legalnews/ocie-warns-of-increased-credential-44436/

 

Long-Awaited Bill for State and Local Cyber Support Passes House

The legislation, H.R. 5823, the State and Local Cybersecurity Improvement Act, would establish a $400 million DHS grant program each year from 2021 to 2025 that would incentivize states to increase their own cybersecurity funding. The bill also requires DHS’s Cybersecurity and Infrastructure Security Agency (CISA) to develop a strategy to improve the cybersecurity of state, local, tribal, and territorial governments.

https://www.meritalk.com/articles/long-awaited-bill-for-state-and-local-cyber-support-passes-house/

 

DOD, DHS expose hacking campaign in Russia, Ukraine, India, Malaysia

The Department of Defense and the Department of Homeland Security are calling out an unspecified “sophisticated cyber actor” Thursday for using malware to launch cyberattacks against targets in India, Kazakhstan, Kyrgyzstan, Malaysia, Russia and Ukraine. The malware, which the military’s Cyber Command has dubbed “SlothfulMedia,” is an information-stealer capable of logging keystrokes of victims and modifying files, according to an analysis shared early with CyberScoop.

https://www.cyberscoop.com/dod-dhs-cyber-command-cisa-hacking-russia-ukraine-india-malaysia/

 

Twitter says FBI tip prompted takedown of 130 fake accounts during debate

The takedowns are the latest in a series of announcements from U.S. social media giants about their efforts to block foreign information operations and other inauthentic behavior ahead of the 2020 elections. Russia, China and Iran are considered to be the primary sources of such activity, each with its own distinct set of interests.

https://www.cyberscoop.com/twitter-debate-fake-accounts-fbi/

 

To hunt hackers, FBI works more closely with spy agencies

The FBI believes the effort will improve targeting and prosecution of hackers who attack American organizations, even as many continue to escape capture abroad. The decision comes after a year in which the United States’ Internet Crime Complaint Center said it received a total of 467,361 complaints, resulting in more than $3.5 billion in losses to individuals and businesses. The FBI’s strategy reorganizes the agency’s anti-cybercrime and foreign cyberespionage workforces.

https://www.reuters.com/article/usa-cyber-fbi/to-hunt-hackers-fbi-works-more-closely-with-spy-agencies-idINL1N2GQ1SQ

 

How hackers took over Facebook accounts to steal $4 million, promote scams

The details, revealed Thursday, demonstrate how attackers breached hundreds of thousands of Facebook accounts, scouring for users with payment methods attached to their profile, such as PayPal. The attackers would disable users’ notifications, and abuse their access to the victim account to place advertisements for diet pills and counterfeit products.

https://www.cyberscoop.com/facebook-silentfade-malware-fraud-millions/

 

More than 12 Data Points are Publicly Available on 60% of Internet Users

Here are the top trends in online exposure per data entry point:

• 19.79% for home or physical address
• 17.05% for gender
• 13.30% for names
• 11.85% for URLs
• 9.21% for jobs
• 7.32% for usernames
• 6.53% for dates of birth
• 5.45% for email addresses
• 5.44% for education
• 2.24% for phone numbers

https://securityboulevard.com/2020/09/more-than-12-data-points-are-publicly-available-on-60-of-internet-users/

 

70% of consumers would cut ties with doctors over unprotected health data

While many still assume personal data is under lock and key, 18 percent of Americans are beginning to question whether personal health data is being adequately protected by healthcare providers. In fact, 47.5 percent stated they were unlikely to use telehealth services again should a breach occur, sounding the alarm for a burgeoning telehealth industry predicted to be worth over $260B by 2026.

https://www.helpnetsecurity.com/2020/10/01/unprotected-health-data-privacy-concerns/

 

CFAA 101: A Computer Fraud & Abuse Act Primer for InfoSec Pros

• "unauthorized access"/"exceeds authorized access": What the CFAA does say is that "unauthorized access" is "hacking." Similarly, the phrase "exceeds authorized access" means "to access a computer with authorization and to use such access to obtain or alter information in the computer that the accessor is not entitled so to obtain or alter." This phrase is a central component of the case that will be heard in the Supreme Court next month.

https://www.darkreading.com/edge/theedge/cfaa-101-a-computer-fraud-and-abuse-act-primer-for-infosec-pros-/b/d-id/1339019

 

Cloud biz Blackbaud admits ransomware crims may have captured folks' bank info, months after saying that everything's fine

That is the clear opposite of statements it made two months after the hack, when Blackbaud said: "The cybercriminal did not access credit card information, bank account information, or social security numbers. Because protecting our customers' data is our top priority, we paid the cybercriminal's demand with confirmation that the copy they removed had been destroyed."

https://www.theregister.com/2020/10/01/blackbaud_ransomeware_data/

 

You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.

Archived articles are available at https://ci.security/news/daily-news.

CI Security and the CI Security logo are the trademarks of CI Security, Inc. All other brand names, trademarks, service marks, and copyrights are the property of their respective owners.

© 2020 CI Security. All rights reserved.


 

CI Security

245 4th St, Suite 405  Bremerton, WA   98337
