Copy
Get the latest cybersecurity, privacy, and surveillance news for information security professionals

IT Security News Blast – 10-21-2020

3 Updates Criminals Have Made to Ransomware

In the past year, ransomware has gotten faster, stealthier, and strikes harder. In a new paper from F5, they detail what the criminals are doing differently, how business are responding, and several strategies you can use. They also got some expertise from CI Security’s D-CISO.

https://www.linkedin.com/feed/update/urn:li:activity:6724328857169731584

 

This new malware uses remote overlay attacks to hijack your bank account

The new malware variant, dubbed Vizom by IBM, is being utilized in an active campaign across Brazil designed to compromise bank accounts via online financial services. [...] Vizom spreads through spam-based phishing campaigns and disguises itself as popular videoconferencing software, tools that have become crucial to businesses and social events due to the coronavirus pandemic.

https://www.zdnet.com/article/this-new-malware-uses-remote-overlay-attacks-to-hijack-your-bank-account/

 

Healthcare: Elite Data

We can’t change our blood type, our prescription lens, or a fondness for jumping from high things, once to the detriment of an important foot bone. Worse still, we can’t always change our mental health status or invisible injuries, such as anxiety. This permanence is what makes healthcare data elite data. We, as the victims, can’t always offset the consequences by reporting and disputing.

https://securityboulevard.com/2020/10/healthcare-elite-data/

 

Who Can We Trust to Safeguard Healthcare Data?

The number of reported healthcare data breaches and of breached records fell between January and June, but cyberattacks are expected to surge through to the end of the year, according to cybersecurity firm CI Security. That's because patient medical records "are worth as much as 10 times more than credit card numbers on the Dark Web," CI Security maintains. "Healthcare organizations will require more cybersecurity vigilance than ever before."

https://www.technewsworld.com/story/86887.html

 

Cyber-Attack on Mississippi Schools Costs $300,000

Following the attack, the school took its IT systems offline and engaged a cybersecurity firm to help recover data encrypted by threat actors. Classes at the school are operating as normally as possible under existing COVID-19 restrictions. The school board voted to pay a company $300,000 to recover the data that was encrypted by malware.

https://www.infosecurity-magazine.com/news/cyberattack-on-mississippi-schools/

 

Working from home leads 'sharp rise in cyber attacks' in Germany

The pandemic shifted targets for cyber attackers from individuals to major corporations, governments and critical infrastructure, according to an Interpol report published in August. The relative lack of security infrastructure of home working will mean "cyber criminals continue to ramp up their activities and develop more advanced and sophisticated modi operandi," the worldwide anti-crime organisation said.

https://www.thelocal.de/20201020/home-office-leads-sharp-rise-in-cyber-attacks-in-germany

 

Personal Cyber Insurance For The Growing Risk Of Cyberattacks

In some cases, your insurance company might approve ransom payment for cyber extortion cases. But don’t pay it without getting your insurance company’s approval. The FBI recommends not paying ransom as it does not guarantee release of a decryption key and, in some cases, the cyber criminals demand more ransom after the first payment.

https://www.forbes.com/advisor/homeowners-insurance/personal-cyber-insurance/

 

Zurich North America shares top cyber concerns for risk managers

“Unprecedented change in the world requires us to think differently and act with agility. This survey reveals that customer expectations are changing as their level of sophistication about cyber risks have grown,” said Zurich North America head of professional liability and cyber Michelle Chia.

https://www.insurancebusinessmag.com/us/news/cyber/zurich-north-america-shares-top-cyber-concerns-for-risk-managers-236703.aspx

 

States Have Improved Election Cybersecurity, but Still Can Do More

Meanwhile, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency is continuing to coordinate with state and local agencies on election security threats, especially from nation-state actors and cybercriminals. CISA is confident in election security protections that have been put in place but remains on high alert.

https://statetechmagazine.com/article/2020/10/states-have-improved-election-cybersecurity-still-can-do-more

 

Industry alert pins state, local government hacking on suspected Russian group

The FBI and the U.S. Cybersecurity and Infrastructure Security Agency on Oct. 9 publicized a hacking campaign in which attackers breached some “elections support systems,” or IT infrastructure that state and local officials use for a range of functions. Those systems are not involved in tallying votes, and the advisory from U.S. officials noted that there was no evidence that the “integrity of elections data has been compromised.”

https://www.cyberscoop.com/russia-temp-isotope-election-security-mandiant/

 

Already facing grueling year, National Guard revs up for election and aftermath

The National Guard, already facing one of its busiest years, is prepping for election-related missions that include cybersecurity for local electoral authorities, ballot counting in at least one state and backup for police or if unrest erupts after the vote. The preparations come as the United States heads into one of its most contentious presidential elections, which is taking place in the middle of a global pandemic and amid persistent suggestions by President Trump that he may dispute the results if he loses.

https://www.washingtonpost.com/national-security/election-national-guard/2020/10/19/a7c118ae-0fd3-11eb-bfcf-b1893e2c51b4_story.html

 

Microsoft says it took down 94% of TrickBot's command and control servers

In an update posted today on its takedown efforts, Microsoft confirmed a second wave of takedown actions against TrickBot. The OS maker said it has slowly chipped away at TrickBot infrastructure over the past week and has taken down 94% of the botnet's C&C servers, including the original servers and new ones brought online after the first takedown.

https://www.zdnet.com/article/microsoft-says-it-took-down-94-of-trickbots-command-and-control-servers/

 

Phishing for secrets: Russian cyber experts believe defense industry is being attacked by North Korea

This may come as a surprise to some, as Russia is one of very few countries with no hostility towards Pyongyang, which has very few allies on the world stage. Speaking to Moscow daily Kommersant, experts explained that hacker group Kimsuky had attempted to collect confidential information from aerospace and defense companies through phishing attacks.

https://www.rt[.]com/russia/503896-north-korea-attack-russian-military/

 

NSA publishes list of top vulnerabilities currently targeted by Chinese hackers

All 25 security bugs are well known and have patches available from their vendors, ready to be installed. Exploits for many vulnerabilities are also publicly available. Some have been exploited by more than just Chinese hackers, being also incorporated into the arsenal of ransomware gangs, low-level malware groups, and nation-state actors from other countries (i.e., Russia and Iran).

https://www.zdnet.com/article/nsa-publishes-list-of-top-25-vulnerabilities-currently-targeted-by-chinese-hackers/

 

Self-driving cars can be fooled by displaying virtual objects

Examples of how this was done include a virtual road sign along with an image of a pedestrian displayed using a projector or a digital billboard. This led Tesla to stop in 0.42 seconds whereas Mobileye 360 stopped in 0.125 seconds at a much quicker rate. This can be used maliciously by attackers in order to cause traffic jams and abrupt stops which could result in accidents.

https://www.hackread.com/self-driving-fooled-displaying-virtual-objects/

 

Adblockers installed 300,000 times are malicious and should be removed now

Many Nano extension users in this forum reported that their infected browsers were also accessing user accounts that weren’t already open in their browsers. This has led to speculation that the updated extensions are accessing authentication cookies and using them to gain access to the user accounts. Hill said he reviewed some of the added code and found that it was uploading data.

https://arstechnica.com/information-technology/2020/10/popular-chromium-ad-blockers-caught-stealing-user-data-and-accessing-accounts/

 

Adobe Fixes 16 Critical Code-Execution Bugs Across Portfolio

There are 16 critical bugs, all of which allow arbitrary code execution in the context of the current user. They affect Adobe Illustrator, Adobe Animate, Adobe After Effects, Adobe Photoshop, Adobe Premiere Pro, Adobe Media Encoder, Adobe InDesign and the Adobe Creative Cloud Desktop Application.

https://threatpost.com/adobe-critical-code-execution-bugs/160369/

 

Cybersecurity is the New Market for Lemons, Research Supports

Based on over 100 comprehensive interviews with business and cybersecurity leaders from large enterprises, together with vendors, assessment organizations, government agencies, industry associations and regulators, Debate Security’s research shines a light on why technology vendors are not incentivized to deliver products that are more effective at reducing cyber risk.

https://www.valdostadailytimes.com/news/business/cybersecurity-is-the-new-market-for-lemons-research-supports/article_18cca8e4-3553-5646-bd5f-b0cb71bbac7a.html

 

You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.

Archived articles are available at https://ci.security/news/daily-news.

CI Security and the CI Security logo are the trademarks of CI Security, Inc. All other brand names, trademarks, service marks, and copyrights are the property of their respective owners.

© 2020 CI Security. All rights reserved.


 

CI Security

245 4th St, Suite 405  Bremerton, WA   98337

About Us   |   CI Security News   |   Contact Us 


Add this Email to Your Address Book





unsubscribe