Get the latest cybersecurity, privacy, and surveillance news for information security professionals

IT Security News Blast – 4-15-2021

Mike’s Office Hours: Get your InfoSec Questions Answered
Come get some free advice, see what other folks are asking, and stay for the news & jokes. You're invited to join me on Tuesday, April 20 at 11:30 PDT for an open-ended Q&A hour. All InfoSec topics are on the table and if no one comes with big questions, we'll be chatting about the latest news. Bring some good questions and let’s dive in.
https://cybersecurity.ci.security/mikes-office-hours-get-your-infosec-questions-answered-invite
 
Cash-Strapped Local Governments Turn to Students for Cybersecurity Help
The Public Infrastructure Security Cyber Education System, or Pisces, is working with colleges in the U.S. to provide network monitoring and threat detection to small public-sector organizations, who often don’t have the resources to patrol their own networks to identify when hackers may be inside their defenses. [...] Mr. Hamilton said that the project is planning to expand nationally, and has signed up Alabama A&M University as a participating college.
https://www.wsj.com/articles/cash-strapped-local-governments-turn-to-students-for-cybersecurity-help-11618392600
 
The FBI is remotely hacking hundreds of computers to protect them from Hafnium
In what’s believed to be an unprecedented move, the FBI is trying to protect hundreds of computers infected by the Hafnium hack by hacking them itself, using the original hackers’ own tools. [...] “The FBI conducted the removal by issuing a command through the web shell to the server, which was designed to cause the server to delete only the web shell (identified by its unique file path),” explains the US Justice Department.
https://www.theverge.com/2021/4/13/22382821/fbi-doj-hafnium-remote-access-removal-hack
 
A Tale of 3 Data 'Leaks': Clubhouse, LinkedIn, Facebook
Criminals love to amass and sell vast quantities of user data, but not all data leaks necessarily pose a risk to users. Even so, the ease with which would-be attackers can amass user data is a reminder to organizations to lock down inappropriate access as much as possible.
https://www.bankinfosecurity.com/tale-3-data-leaks-clubhouse-linkedin-facebook-a-16384
 
Fake Johns Hopkins Medicine Facebook account spreads false job listings
The account impersonating Johns Hopkins Medicine was created last November. At least 10 posts have been made, and there have been at least four claiming to share job openings at the health system, according to AFT Fact Check, which cites data provided by social media-monitoring tool CrowdTangle.
https://www.beckershospitalreview.com/workforce/fake-johns-hopkins-medicine-facebook-account-spreads-false-job-listings.html
 
Is cyber insurance a good investment? What healthcare CISOs and CIOs should know
Cyber insurance can be critical for healthcare organizations as efforts to recover quickly from security incidents are a must in order to avoid severe impacts on the ability to diagnose and treat patients. Cyber insurance provides the impacted organizations with the necessary resources to recover to normal operations quickly.
https://www.healthcareitnews.com/news/cyber-insurance-good-investment-what-healthcare-cisos-and-cios-should-know
 
Millions of connected devices have security flaws, study shows
Millions of “internet of things” devices using software from groups including Siemens and Microsoft contain security flaws that could be used to compromise government servers or hospitals, new research has found. [...] While it is unclear whether hackers have ever made use of the flaws, researchers described it as only a “matter of time” before they are exploited unless urgent action is taken to update systems — a warning backed by the US Cybersecurity and Infrastructure Security Agency (CISA). 
https://www.ft.com/content/0bf92003-926d-4dee-87d7-b01f7c3e9621
 
DOL Unveils Cybersecurity Guidance for Recordkeepers, Fiduciaries
The DOL's Employee Benefits Security Administration issued guidance April 14 on cybersecurity best practices for recordkeepers, plan sponsors and fiduciaries, participants and beneficiaries. [...] The guidance comes in three forms: cybersecurity program best practices for recordkeepers and other service providers, tips for plan sponsors on selecting a service provider, and general online security tips.
https://www.napa-net.org/news-info/daily-news/dol-unveils-cybersecurity-guidance-recordkeepers-fiduciaries
 
Two Key Areas of Cybersecurity Vulnerability in Manufacturing
79% of companies have implemented smart technologies on their processing lines, 64% on their assembly lines, and 60% at end-of-line packaging, according to recent survey data. [...] Industry 4.0 and IIoT technologies provide the opportunity for manufacturing companies to utilize the power of smart machines and real-time data analysis. Each wirelessly connected I/O (input/output) point creates new vulnerabilities of entry for cybercriminals.
https://www.automationworld.com/home/article/21378300/cybersecurity-vulnerabilites-in-manufacturing-two-key-areas
 
Intelligence leaders push for mandatory breach notification law
“The reality is that adversaries try to use U.S. infrastructure for a variety of reasons,” Wray testified. “The private sector controls 90 percent of the infrastructure and an even higher percentage of our PII [personally identifiable information] and innovation. It has the key dots as part of the overall connecting of the dots phenomenon.”
https://thehill.com/policy/cybersecurity/548289-officials-push-for-breach-notification-deterrence-measures-following
 
We need more federal guidance on mobile IT security
Not only are many more proprietary and/or sensitive communications now being transmitted over public telecommunications lines, but a vastly greater proportion of government work must now be conducted using the employees’ own personal hardware and software.
https://fcw.com/articles/2021/04/12/mobile-security-guidance.aspx
 
US military to blend electronic warfare with cyber capabilities
“I think that the capabilities inherent in the jamming pod are going to open up a wide, wide array of not only jamming techniques, ranges, effective radiated power, but also taking us into other areas that we’ve never really had the ability to do before.”
https://www.c4isrnet.com/electronic-warfare/2021/04/14/us-military-to-blend-electronic-warfare-with-cyber-capabilities/
 
Cyber sabotage isn't the way to resolve the Iran nuclear issue
This observation suggests that it's actually Israel and not Iran that should pay more attention to its own actions. Instead of placing its trust in the same United Nations that's responsible for Israel's own existence, it was accused of unilaterally going behind the back of its international partners to engage in what Iran dramatically described as "nuclear terrorism."
https://news.cgtn.com/news/2021-04-14/Cyber-sabotage-isn-t-the-way-to-resolve-the-Iran-nuclear-issue-Zr0QEJAsVi/index.html
 
China Poses Biggest Threat to U.S., Intelligence Report Says
The report does not predict a military confrontation with either Russia or China, but it suggests that so-called gray-zone battles for power, which are meant to fall short of inciting all-out war, will intensify with intelligence operations, cyberattacks and global drives for influence.
https://www.nytimes.com/2021/04/13/us/politics/china-national-security-intelligence-report.html
 
A Post-Data Privacy World and Data-Rights Management
Ultimately, the issue of data privacy will start to evolve into a “data-rights management” movement, meaning that it will become more about how the personal data is used and what monetization results from the data. Questions that are arising now include how will citizens be incentivized, even paid, for the use of their data if it’s going to be used for marketing purposes? Are we entering a world of ‘renting’ our data?
https://threatpost.com/data-privacy-data-rights-management/165402/
 
Inference attacks: How much information can machine learning models leak?
The widespread adoption of machine learning models in different applications has given rise to a new range of privacy and security concerns. Among them are ‘inference attacks’, whereby attackers cause a target machine learning model to leak information about its training data. However, these attacks are not very well understood and we need to readjust our definitions and expectations of how they can affect our privacy.
https://portswigger.net/daily-swig/inference-attacks-how-much-information-can-machine-learning-models-leak
 
Joker malware infects over 500,000 Huawei Android devices
More than 500,000 Huawei users have downloaded from the company’s official Android store applications infected with Joker malware that subscribes to premium mobile services. Researchers found ten seemingly harmless apps in AppGallery that contained code for connecting to malicious command and control server to receive configurations and additional components.
https://www.bleepingcomputer.com/news/security/joker-malware-infects-over-500-000-huawei-android-devices/
 
CISA Urges Caution for Security Researchers Targeted in Attack Campaign
In a notice on the attacks, CISA recommends cybersecurity practitioners review reports and updates from Google, Microsoft, and CISA on the attack campaign. The notification also encourages researchers to use sandbox environments that are isolated from trusted systems or networks when examining untrusted code or websites.
https://www.darkreading.com/perimeter/cisa-urges-caution-for-security-researchers-targeted-in-attack-campaign/d/d-id/1340680
 
Spy agency GCHQ told me Gmail's more secure than Microsoft 365, insists British MP as facepalming security bods tell him to zip it
Conservative MP Tom Tugendhat has publicly claimed GCHQ sources told him Gmail was more secure than Parliament’s own Microsoft Office 365 deployment – but both Parliament and a GCHQ offshoot have told him to stop being silly.
https://www.theregister.com/2021/04/14/tom_tugendhat_email_security_outburst/

You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.

Archived articles are available at https://ci.security/news/daily-news.

CI Security and the CI Security logo are the trademarks of CI Security, Inc. All other brand names, trademarks, service marks, and copyrights are the property of their respective owners.

© 2020 CI Security. All rights reserved.


 
