Get the latest cybersecurity, privacy, and surveillance news for information security professionals

IT Security News Blast – 1-5-2021

Concern mounts over government cyber agency's struggle to respond to hack fallout
To date, the White House has offered few public details about what is believed to be the most significant cyber operation targeting the US in years. The lack of clarity has only raised more questions. Private cybersecurity firms have provided their own independent analysis in recent weeks, but the findings disclosed publicly so far have only scratched the surface of what occurred and how to address the ongoing threat.
https://www.cnn.com/2021/01/02/politics/hack-goverment-cyber-struggle-respond-fallout/index.html
 
Cyber attack on U.S. government may have started earlier than initially thought - U.S. senator
U.S. investigators originally thought that the attack on government agencies and private industry targets began in March or April, including breaches of Treasury, State, Commerce and Energy Departments. State-backed Russian hackers were identified as the suspects. Russia has denied involvement. “The initial burrowing in may have started earlier,” Democratic Senator Mark Warner of Virginia, who serves as Vice-Chair of the Senate Intelligence Committee, told Reuters in an interview.
https://www.reuters.com/article/instant-article/idCAKBN29501K-OCATC
 
Cyber-Attack on US Laboratory
Apex Laboratory opened in 1997 and is based in Farmingdale, New York. The company has provided medical testing services to hundreds of home health agencies and thousands of physicians in New York and South Florida. [...] However, Apex discovered last month that the cyber-criminals behind the attack had stolen "personal and health information for some patients" and posted it online on their blog. Information believed to have been taken includes patient names, dates of birth, test results, and, for some individuals, Social Security numbers and phone numbers.
https://www.infosecurity-magazine.com/news/cyberattack-on-us-laboratory/
 
Experts from threat intelligence firm Cyble have found documents relating to Covid-19 vaccine of European Medicines Agency in the Darkweb
In the last months, security experts reported the surge of the illegal market for Covid-19 vaccines on the Darkweb market. [...] The experts shared screenshots of the internal email where the portal link was shared, the login page for the portal to access the reports, and images of internal pages. The documents also include the alleged assessment report of COVID-19 vaccine along with the summary report of drug release and stability.
https://securityaffairs.co/wordpress/112856/data-breach/covid-19-ema-docs-dark-web.html
 
More 2021 cybersecurity predictions: ‘Every service without MFA will suffer a breach’
We have one big prediction for 2021: COVID-19 will continue to dominate the cybersecurity landscape as fallout from the pandemic causes wide-ranging disruption to our digital lives — at work and at home.

  • IoT devices pose a security risk for homes and businesses
  • Public sector organizations will struggle against ransomware.
  • Corporate networks shoring up vulnerabilities caused by the shift to remote work.
  • Security teams will embrace automation to work smarter, not harder.

https://www.itworldcanada.com/article/more-2021-cybersecurity-predictions-every-service-without-mfa-will-suffer-a-breach/439430
 
The anatomy of a modern day ransomware conglomerate
Rather than relying on lone hackers who mastermind massive data breaches, or dark web forums frequented only by Russian scammers, today’s cybercriminals function as part of a kind of cooperative shadow industry that rewards innovation and reputation. It’s like an informal professional network in Silicon Valley, only based on extorting schools rather than generating engagement.
https://www.cyberscoop.com/ransomware-attack-schools-hospitals-egregor-sophos/
 
Biden aide calls SolarWinds top priority as new details emerge
SolarWinds will pose an early test of Biden’s relationship with Capitol Hill, as federal agencies face intense congressional scrutiny about their digital defenses. On Saturday, Sen. Richard Blumenthal (D-Conn.) tweeted that the government should “immediately” begin “declassifying [and] disclosing difficult facts” about the breach, hinting at the transparency issues that Biden will have to weigh once he takes office.
https://www.politico.com/newsletters/weekly-cybersecurity/2021/01/04/biden-aide-calls-solarwinds-top-priority-as-new-details-emerge-792539
 
T-Mobile data breach: ‘Malicious, unauthorized’ hack exposes customer call information
The hack, which was first reported on December 29, affected around 200,000 customers. Leaked data “may have” included customer phone numbers and other call-related information the telco “collected as part of the normal operation of your wireless service”, said T-Mobile. No financial data or sensitive personal information such as Social Security numbers was accessed.
https://portswigger.net/daily-swig/t-mobile-data-breach-malicious-unauthorized-hack-exposes-customer-call-information
 
CMMC: The Dramatic Year of the Pentagon’s Contractor Cybersecurity Program
To scale up auditing, the department issued an interim rule Sept. 30 sanctioning a nonprofit group, the CMMC Accreditation Body, or CMMC-AB, to “accredit and oversee multiple third-party assessment organizations (C3PAOs) which in turn, will conduct on-site assessments of DoD contractors throughout the multi-tier supply chain.” The group raised eyebrows from the start. Instead of a formal process, the CMMC-AB was populated by volunteers from a meeting DOD held with industry stakeholders about the program.
https://www.nextgov.com/cybersecurity/2021/01/cmmc-dramatic-year-pentagons-contractor-cybersecurity-program/171084/
 
Israeli Firms Thwart '$100m Cyberattack' by China-linked Hackers [Subscription]
Two Israeli cybersecurity firms claim to have thwarted an attempted cybercrime attack against five of the world’s leading online gaming and gambling firms. The attackers, which the firms say are Chinese or linked to a Chinese hacker group, demanded over $100 million in ransom after encrypting data from the different companies, according to a case report study published Monday by Profero and Security Joes.
https://www.haaretz.com/israel-news/tech-news/.premium-israeli-firms-thwart-100m-cyberattack-by-chinese-hackers-1.9421595
 
Army Reserve gets its first cyber general
Newly promoted Brig. Gen. Robert Powell will serve as a deputy commanding general of cyber for the 335th Signal Command, specializing in overseeing the unit’s cyber activities, according to a news release from the Army. Powell has a long history in the Army Signal Corps and cyber-related units, most recently commanding the U.S. Army Reserve Cyber Protection Brigade from 2016 to 2019.
https://www.fedscoop.com/army-reserves-first-cyber-general/
 
Over 200 million records of Chinese Citizens for Sale on the Darkweb
Gong’an County is a county in southern Hubei province, People’s Republic of China, bordering Hunan to the south. It is under the administration of Jingzhou City. A threat actor is offering sample data of alleged 999 household registrations of Chinese citizens from Gong’an county as a proof of the hack. Data belonging to 7.3 million Chinese citizens are available for sale, the records include Id, Sex, Name, Birth, Mobile, Address, and Code number.
https://securityaffairs.co/wordpress/112966/deep-web/chinese-citizens-data-darkweb.html
 
How To Attract Women To Work In Cybersecurity
In this article, we’re not looking at what the causes of this major gender-discrepancy might be. Instead, we’re offering a few simple steps for businesses in the Cyber Security industry to take, which can help attract more female staff.
1. Run Webinars
2. Launch a podcast on the topic
3. Create a Video of Women in the Field
4. Recruit Female College Grads
https://digitalmarketingstream.com/women-in-cyber/
 
Hacked home cams used to livestream police raids in swatting attacks
Hackers have livestreamed police raids on innocent households after hijacking their victims' smart home devices and making a hoax call to the authorities, the FBI has warned. It said offenders had even spoken to responding officers via the hacked kit. [...] The FBI said it believed the latest twist on the "prank" was able to be carried out because the victims had reused passwords from other services when setting up their smart devices.
https://www.bbc.com/news/technology-55499164
 
Non-profit founded by Gates Foundation suffers massive exposure of student records
Get Schooled, a New York-based charity suffered a data exposure that left records related to hundreds of thousands of students in an unsecured AWS bucket that was open and accessible from the internet. [...] “Mistakes do happen, but in this case the vast majority of this data is irrelevant and in cases where there is some relevancy in terms of young people that still engage with Get Schooled, at most you’re largely talking about slight potential for spam increases.” 
https://www.scmagazine.com/home/security-news/student-college-non-profit-founded-by-gates-foundation-suffers-student-records-breach/
 
British Court Rejects U.S. Request to Extradite WikiLeaks' Julian Assange
In a hearing at Westminster Magistrates' Court today, Judge Vanessa Baraitser denied the extradition on the grounds that Assange is a suicide risk and extradition to the U.S. prison system would be oppressive. "I find that the mental condition of Mr. Assange is such that it would be oppressive to extradite him to the United States of America," judge Baraitser said in a 132-page ruling.
https://thehackernews.com/2021/01/british-court-rejects-us-request-to.html
 
2021 Cybersecurity Trends: Bigger Budgets, Endpoint Emphasis and Cloud
Upheaval in staffing needs and continued dependence on a remote workforce will create fertile attack vector for criminals looking to exploit insider threats. Forrester researchers believe the remote-workforce trend will drive uptick in insider threats. They explain, already 25 percent of data breaches are tied to insider threats and in 2021 that percentage is expected to jump to 33 percent. Forcepoint warns in 2021 the growth of an “insider-as-a-service” model.
https://threatpost.com/2021-cybersecurity-trends/162629/
 
Ticketmaster admits it hacked rival company before it went out of business
Ticketmaster has agreed to pay a $10 million criminal fine after admitting its employees repeatedly used stolen passwords and other means to hack a rival ticket sales company. [...] In the settlement, Ticketmaster admitted that an employee who used to work for a rival company emailed the login credentials for multiple accounts the rival used to manage presale ticket sales. At a San Francisco meeting attended by at least 14 employees of Ticketmaster or its parent company Live Nation, the employee used one set of credentials to log in to an account to demonstrate how it worked.
https://arstechnica.com/information-technology/2021/01/ticketmaster-pays-10-million-criminal-fine-for-hacking-a-rival-company/

You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.

Archived articles are available at https://ci.security/news/daily-news.
