Get the latest cybersecurity, privacy, and surveillance news for information security professionals

IT Security News Blast – 11-12-2020

Ransomware Group Turns to Facebook Ads

Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up. [...] The ad was designed to turn the screws to the Italian beverage vendor Campari Group, which acknowledged on Nov. 3 that its computer systems had been sidelined by a malware attack. On Nov. 6, Campari issued a follow-up statement saying “at this stage, we cannot completely exclude that some personal and business data has been taken.” “This is ridiculous and looks like a big fat lie,” reads the Facebook ad campaign from the Ragnar crime group. “We can confirm that confidential data was stolen and we talking about huge volume of data.”



Malware Hidden in Encrypted Traffic Surges Amid Pandemic

In the first nine months of this year, Zscaler's cloud blocked an average of 773 million attacks per month where malware was hidden in encrypted traffic. Last year, that number was around 283 million. In the first nine months of this year, Zscaler blocked some 6.6 billion encrypted attacks. [...] Healthcare organizations were targeted more so than entities in other verticals and accounted for 1.6 billion, or over 25%, of all SSL-based attacks Zscaler blocked this year.


Warnings of Ransomware Activity Targeting the Healthcare Sector and Potential Sanctions for Making Ransomware Payments

CISA, FBI, and HHS recommend that healthcare organizations implement both ransomware prevention and ransomware response measures immediately, including taking steps to back up data. In addition to being a requirement under the HIPAA Security Rule, maintaining backups of ePHI is also key to combating a ransomware attack, because having a backup copy can save the victim from having to pay ransom to retrieve encrypted data.


COVID-19 Data-Sharing App Leaked Healthcare Worker Info

“Our analysis found that both of these versions of COVID-KAYA contain vulnerabilities disclosing data otherwise protected by ‘superuser’ credentials,” according to the report, written by Citizen Lab’s Pellaeon Lin, Jeffrey Knockel, Adam Senft, Irene Poetranto, Stephanie Tran, and Ron Deibert. Researchers point to two vulnerabilities that have since been patched—one in the COVID-KAYA web app and another in the Android app—that attackers could have exploited to expose sensitive data from the system.


Far More Companies Are Buying Cybersecurity Insurance

Other cyber hazards that risk managers are interested in insuring against, according to the study, include:

· Bricking (when a cyberattack renders a device unusable) – 72%
· Contingent business interruption – 72%
· System failure – 70%
· Funds transfer fraud – 66%
· Social engineering – 66%
· Internet media liability – 63%
· Reputational harm – 60%


This risk threatens retirees’ nest eggs. Here’s how advisors are protecting them

Seniors are an especially tempting target for fraudsters, given the amount of wealth they may have accumulated by the time they’ve retired. “Older people aren’t necessarily targeted more, but they tend to lose so much more because they’ve saved so much,” said Kathy Stokes, director of AARP Fraud Prevention Programs. “These people are at an age where there is no way they will make up those losses,” she said.


Threats Observed in the (Swiss) Financial Sector

In conclusion the key similarity identified is that Ransomware, phishing, and to some extent supply chain attacks, remain the largest cyber security threats to financial organizations, regardless of their size or location. Secondly, an increase in observed cyberattacks occurred during the onset of the COVID-19 pandemic in March, independent of location. These similarities highlight the need for a more global information sharing infrastructure.


Banking Trojan Can Spy on Over 150 Financial Apps

Unlike other types of Android-focused malware, the Ghimob Trojan does not disguise itself as a legitimate app that is hidden within the official Google Play Store. Instead, the fraudsters attempt to lure victims into installing a malicious file through a phishing or spam email that suggests that the recipient has some kind of debt, according to the report. The message includes an "informational" link for the victim to click on, which starts the malware delivery.


Here are the IT and cyber experts helping with the Biden transition

Many of the transition officials served as career government employees or had experience as appointees in the Obama administration. Many come from legal, policy or management backgrounds. Here’s a thorough — but not necessarily exhaustive — list of transition officials with IT and cyber backgrounds, based on the volunteers’ public résumés:


DOD Must Expand Its Mission-Critical Cybersecurity Focus to Include Connected Weapons

Indeed, in a report released by the Government Accountability Office nearly two years ago, it was revealed that DOD security researchers gained access to nearly all major weapons systems currently in use and under development. Once, because the system was still using the default password visible through an open-source search. In another instance, researchers were able to disable an entire weapons system without detection, later to learn the system crashed so often on its own that it was difficult for officials to detect a breach.


'Don't weaponise the net' warns former NCSC cyber-chief Ciaran Martin

Ciaran Martin added that we "weaponise" and "militarise the internet at our peril". His remarks follow reports of the use of offensive cyber-techniques by nations, including the UK. Mr Martin said he was not a digital pacifist, but he urged restraint. "The case for cyber-restraint is a hard-headed one," he said in a lecture to the Strand Group, part of King's College. "A more secure digital environment is the best guarantor of safety and security for Western countries in the digital age."


Iranian scholar: Tehran carried out cyber attacks causing power outage in Israel

An Iranian Islamic scholar said in a recent sermon that Iran’s cyber force carried out two attacks against Israel this year, the recent one successfully targeting power plants in the Jewish state. In a video translated to English by the Middle East Media Research Institute (MEMRI) and released Wednesday, scholar Rahim Mahdavipour claimed that “Islamic Iran, as the primary and central headquarters of the resistance front, has unique assets and unique winning cards, thank God.


Ethical Hackers Breach All Major Platforms in Under 5 Minutes at Tianfu Cup Hackathon

While this year’s Pwn2Own event resulted in ethical hackers and security researchers earning over $136,000 for the vulnerabilities they exposed, the Tianfu Cup earnings have managed to go far beyond this with a total prize pool coming in at an astonishing $1.2 million. The security researchers in question had to expose as many vulnerabilities as possible within the span of five seconds, and all in all these hackers managed to breach 11 different platforms including iOS 14, Windows 10 and a Samsung Galaxy S20 that was running Android. Chrome and other browsers were also breached as well.


Apple's new requirement puts additional focus on consumer and data privacy

With the new policy, developers will have to identify all of the data they or their third-party partners collect, unless the data meets all of the criteria for optional disclosure listed. By collect, Apple refers to any data that is transmitted off the device in a way that allows developers or their third-party partners to access it for a period longer than what is necessary to service the transmitted request in real time. Third-party partners refers to all analytic tools, advertising networks, third-party SDKs, or other external vendors whose code developers have added to their app.


BYOD and Enterprise Apps: Balancing Security and Employee Privacy

If employees are going to use enterprise mobile apps on their own phones, enterprise IT needs to ensure these apps are secure. After all, cyber-criminals are well aware that valuable data is often stored unencrypted on smartphones. That data needs to be protected. [...] Considering potentially catastrophic reputation damage and the legal consequences that can arise from just a single breach, a complete mobile data protection solution isn’t just optional — it’s mandatory.


Scalper-Bots Shake Down Desperate PS5, Xbox Series X Shoppers

It’s a big week for gamers across the globe, with imminent, dueling releases of Xbox Series X and PlayStation PS5. However, an army of retail bots threaten to drive prices up as much as three times the retail price, putting the coveted holiday gifts well out of reach of everyday fans.


Ring recalls 350,000 smart doorbells after some of them caught fire

The potential fire hazard impacts around 350,000 2nd generation Ring doorbells sold in the United States and roughly 8,700 more sold in Canada, according to a notice posted by the US Consumer Product Safety Commission (CPSC) on Tuesday. The $100 doorbells were sold on Ring's website and on Amazon (AMZN) between June 2020 and October 2020, according to the CPSC. "The video doorbell's battery can overheat when the incorrect screws are used for installation, posing fire and burn hazards," the notice said.


Bye-Bye, Ajit Pai: FCC Boss Will Soon Lose Top Spot

His trademark grin. The giant, oversized coffee mug. The time he ignored the public, killed net neutrality at the request of telecom lobbyists, then gleefully danced with a pizzagater thinking it made him look good. But with a Joe Biden win, Pai’s controversial tenure as head of the Federal Communications Commission (FCC) will soon be coming to an end.


You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.
