Get the latest cybersecurity, privacy, and surveillance news for information security professionals

IT Security News Blast – 11-18-2020

Tomorrow: Healthcare Managed Security Services Forum, Thursday, Nov. 19 - 5 VIP Tickets left!
The Healthcare Managed Security Services Forum will be held virtually tomorrow (11/19/2020), and we have 5 VIP passes for any CI Security friends interested in attending ($50 value). At 9:30 AM PT, I will be presenting a keynote on “Going it Alone vs. Extending your Team” for 30 minutes. Immediately thereafter (10 AM PT/1 PM ET), Healthcare Executive Strategist Drex DeFord will be moderating a panel of healthcare security experts, including long-time ally CISO Ben Smith, on the topic of “Catch intruders in minutes not months.” Interested? Use the link below – the first five to RSVP will be admitted as VIP guests with CI Security.
Over 80,000 ID Cards and Fingerprint Scans Exposed in Cloud Leak
A US-based used electronics retailer has exposed over 2.6 million files, including ID cards and biometric images, after a misconfigured AWS S3 bucket was discovered. [...] A random scan for server vulnerabilities led to the discovery of the wide open S3 bucket on October 12 2020. The company itself appeared to be shuttered, with an invalid contact email and its website offline, but Website Planet contacted AWS two days later and the issue was eventually remediated.
Lessons Learned from the Universal Health Services Cyber Attack
Sometimes you can catch a problem before it happens. If you are a health care provider and use Salesforce, as do many of our clients, we recommend using data monitoring products tailored to that program such as Salesforce Shield or FairWarning. Products like these have settings designed to notify administrators if there is any unusual or unauthorized activity, helping prevent breaches from ever happening. But no software is perfect. Every system needs a human element with team members focused on various responsibilities to prevent breaches as well as proper and early reporting when a breach occurs.
Russia denies Microsoft claims of healthcare cyber attacks
Moscow on Tuesday vehemently rejected claims by Microsoft that Russia was behind cyber attacks on companies researching coronavirus vaccines and treatments, saying it was being made a scapegoat. Russian Deputy Foreign Minister Sergei Ryabkov told state news agency RIA Novosti it had become “politically fashionable” to pin the blame for cyber attacks on Moscow. [...] Ryabkov also claimed that Russian companies themselves were frequently becoming targets of foreign cyber attacks.
Cyberthreat against hospitals 'persistent' with quick activation, feds warn
"Based upon the accelerated attack cycle identified in this notice, it is recommended that organizational leaders incorporate in their incident response contingency plans a very short time to react to a compromise and make possible critical containment decisions, such as shutting down key IT services and networks," said John Riggi, American Hospital Association senior advisor for cyber and risk in an AHA news report.
Check, Please! Adding up the Costs of a Financial Data Breach
Costs will be wide-ranging depending on the scale of each breach, but at a minimum, there will be financial penalties, costs for audits to understand why the incident happened and what additional protocols and solutions need to be implemented to prevent it from happening in the future. There could also be huge costs involved for reimbursing customers who may have been affected by the breach in turn.
COVID-19 Amps Up Financial Vertical’s Cybersecurity Risk
[Concern] about VPN exploitation skyrocketed, with 94% of respondents naming it a top cybersecurity risk, Netwrix found. Worry about supply chain compromise also soared, from 50% to 97%. And the number of organizations prioritizing deliberate data theft more than doubled, from 30% pre-pandemic to 70% now. At the same time, fear about accidental data sharing dropped from 80% to 50%.
5 ways banks can guard against internal cyber threats
“Banks’ primary concern is they don't want to be on the front page of any newspaper,” said Shareth Ben, executive director of insider-threat and cyber-threat analytics at Securonix. He worked with Morgan Stanley after a 2014 insider breach in which one of its financial advisers posted information about 350,000 clients on the website Pastebin. [...] Experts recommend five deterrent measures: closely monitor privileged users, track data flows with special analytics tools, toughen security policies, offer employees more technical and personal support and teach them about security.
Cybercrime is maturing. Here are 6 ways organizations can keep up
Combine various approaches to increase cyber resilience: a proper combination of risk and crisis management helps companies to prepare for any emergency situations and mitigate the consequences successfully. A risk-oriented approach involves the introduction of pre-emptive measures and the definition of potential threats, while crisis management practices and recovery roadmaps make it possible to effectively respond to a crisis.
Cyberattack disruption could last for months, says council
"Some of our services may be unavailable or disrupted for months," the council said, but added that some previously affected services have either been fully or partially restored, or the council's teams have created new or temporary ways for residents to access them. "In non-critical areas some of our services have been slower than usual, and we are not currently able to respond to all requests and enquiries as well as we normally would," the council said.
Two Challenges Government Cybersecurity Needs to Address
And as significant as that cost is for most state and local governments, it doesn't begin to account for the disruption to citizen services and damage to citizen confidence when a government organization is out of commission for days or weeks. Many of the state government security breaches over the past decade — and even the recent wave of ransomware events targeting state and local governments — can be directly attributed to funding gaps associated with tech debt.
Army Hires Company To Develop Cyber Defenses For Its Strykers After They Were Hacked
It remains unclear exactly how the Stryker Dragoon, also referred to as the Infantry Carrier Vehicle-Dragoon (ICV-D), or other variants in that family of vehicles are vulnerable to cyber attacks and how Shift5's kit will help protect against or otherwise mitigate those threats.
Russian economy set to lose $44 billion to cyber crime in 2020 - Sberbank
Sberbank, Russia’s largest lender with nearly 100 million active clients, said the country’s economic damage from cyber crime may double in 2021. “On average, we have to deal with 26 billion cybersecurity events every day.” [...] The number of crimes linked to bank cards in Russia has shot up 500% this year, interior ministry data showed in October. Sberbank has said it has a 100% success rate in repelling cyber attacks.
More than 200 systems infected by new Chinese APT 'FunnyDream'
The attacks have primarily targeted Southeast Asian governments. While Bitdefender has not named any victim countries, a report published earlier this spring by fellow security firm Kaspersky Lab has identified FunnyDream targets in Malaysia, Taiwan, and the Philippines, with the most victims being located in Vietnam.
The Cybersecurity 202: The next big disinformation fight is coming – over coronavirus vaccines [Subscription]
But such claims are already swirling online about promising vaccines from Moderna and Pfizer that could be available on a limited basis before the end of the year, experts who track disinformation campaigns told me. They include unfounded claims the vaccines aren’t sufficiently tested, that they’ll produce damaging side effects and that they’re being secretly funded by billionaires such as George Soros and Bill Gates.
US Army-Funded Algorithm Decodes Brain Signals
The research is part of an effort to establish a machine-brain interface. Eventually, Krim said, this research may contribute to the development of technology that can not only interpret signals from the brain but also send signals back to help individuals take automatic corrective action for certain behaviors, he added.
Microsoft introduces Pluton security chip for future Windows PCs
Pluton is designed to block new and emerging attack vectors to keep PCs secure. This chip makes it more difficult for hackers to launch hardware attacks and extract sensitive data from the system. In current systems, TPMs are separated from CPUs. Attackers steal information that flows between a TPM and CPU if they get physical access to the system. In Pluton, this won’t be possible.
Amazon Ring Doorbell Hacked in Florida Swatting Incident
In a Florida suburb Friday afternoon, local law enforcement received a call from a man confessing to hoarding explosives and killing his wife after seeing her cheat on him. Seemingly distraught, he gave them a play-by-play of the chaos unraveling. However, the crime didn't happen. The call was made by someone who hacked into his Ring surveillance camera.
Israeli spyware maker NSO channels Hollywood spy thrillers in appeal for legal immunity in WhatsApp battle
Which is all very entertaining but WhatsApp sees things differently: it is sick of NSO Group developing software that exploits security vulnerabilities in its chat application to compromise people's phones, and then selling that software to authoritarian regimes to remotely hijack and snoop on devices.
59 security experts reject Trump’s election fraud claims as 'incoherent'
“We are aware of alarming assertions being made that the 2020 election was ‘rigged’ by exploiting technical vulnerabilities,” wrote the group of experts, which included Matt Blaze, a cryptologist and professor at Georgetown University, and Alex Stamos, the former security chief at Facebook. “However, in every case of which we are aware, these claims either have been unsubstantiated or are technically incoherent.”
Dating Site Bumble Leaves Swipes Unsecured for 100M Users
After taking a closer look at the code for popular dating site and app Bumble, where women typically initiate the conversation, Independent Security Evaluators researcher Sanjana Sarda found concerning API vulnerabilities. These not only allowed her to bypass paying for Bumble Boost premium services, but she also was able to access personal information for the platform’s entire user base of nearly 100 million.

You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.
