Copy
Get the latest cybersecurity, privacy, and surveillance news for information security professionals

IT Security News Blast – 5-20-2020

EasyJet reveals cyber-attack exposed 9m customers' details

The company said on Tuesday that email addresses and travel details were accessed and it would contact the customers affected. Of the 9 million people affected, 2,208 had credit card details stolen, easyJet told the stock market. No passport details were uncovered. Those customers whose credit card details were taken have been contacted, while everyone else affected will be contacted by 26 May.

https://www.theguardian.com/business/2020/may/19/easyjet-cyber-attack-customers-details-credit-card

 

Arkansas, Illinois COVID-19 unemployment websites leak data

Experts say the hurried pace of setting up these digital services could very well have resulted in glitches and overlooked gaps in security. [...] “Unfortunately, in this case, citizen PII was potentially compromised and now these states will spend hundreds of thousands of dollars in forensics investigations to identify the extent of, and remediate, the damage.”

https://www.scmagazine.com/website-web-server-security/arkansas-illinois-covid-19-unemployment-websites-leak-data/

 

Cyberattackers now launching malware in hospital networks more quickly

While attackers typically take more time to rummage through an organization's data before inflicting malware, they are seizing the opportunity that has arisen with healthcare providers, who need data back right away during the pandemic to continue operations and treating patients.

https://www.beckershospitalreview.com/cybersecurity/cyberattackers-now-launching-malware-in-hospital-networks-more-quickly.html

 

How the Pharma industry can mitigate digital risks as criminals leverage Emotet during Covid-19

Not only are pharmaceutical organisations faced with the challenge of remote working, they are currently working to combat the spread of Covid-19 by racing to create the first vaccine to the novel virus. Cybercriminals are capitalizing on this chaos by stealing research and IP, and distributing ransomware to freeze organizations out of their own research.

http://www.itnewsonline.com/realwire/How-the-Pharma-industry-can-mitigate-digital-risks-as-criminals-leverage-Emotet-during-Covid-19/24316

 

Clever Phishing Attack Bypasses MFA to Nab Microsoft Office 365 Credentials

The attack is different than a typical credential harvester in that it attempts to trick users into granting permissions to the application, which can bypass MFA, he said. MFA is used as back-up security to a user’s password in case the password is compromised and is meant to protect an account in such a scenario. “This is not the first time the tactic has been observed, but it’s a stark reminder that phishing isn’t going to be solved by multi-factor authentication,” Hernandez noted.

https://threatpost.com/phishing-campaign-allows-for-mfa-bypass-on-office-365/155864/

 

Financial gain trumps espionage as top motivator in cyber attacks: report

About nine out of 10 breaches were financially motivated, based on an examination of more than 32,000 incidents and nearly 4,000 confirmed break-ins in 81 countries, the report said. Verizon Business 2020 Data Breach Investigations Report found that confirmed data breaches doubled from the prior year. As the coronavirus pandemic has forced people indoors, cyber attacks on businesses are expected to climb.

https://www.reuters.com/article/us-cybersecurity-verizon/financial-gain-trumps-espionage-as-top-motivator-in-cyber-attacks-report-idUSKBN22V0DB?il=0

 

Organizations need to create a long term WFH security strategy

Often without the input of the security team, working from home phase 1 is slowly fading as organizations now ramp up for phase 2 to create a long term cybersecurity strategy. Mike Hamilton, former CISO of Seattle and Co-Founder of cybersecurity firm, CI Security, is working directly with municipalities, hospitals, financial services and other organizations to create this phase 2 long term security strategy that protects both the employees and the organization itself.

http://www.digitaljournal.com/tech-and-science/technology/organizations-need-to-create-a-long-term-wfh-security-strategy/article/571603

 

FS-ISAC Warns that Cyberattacks Against Financial Services Firms Increased Substantially in Response to COVID-19 Mitigation Efforts

According to FS-ISAC, it identified a more than one-third increase in phishing attempts by cybercriminals against financial firms during the first quarter of 2020.  FS-ISAC noted that much of this increase appears related to attempts to exploit vulnerabilities created by firms adopting remote work arrangements to combat the pandemic and the use of fraudulent pandemic aid sites.

https://iclg.com/briefing/12418-fs-isac-warns-that-cyberattacks-against-financial-services-firms-increased-substantially-in-response-to-covid-19-mitigation-efforts

 

Cyber Virus Stealing Credit Card Details Using COVID-19 Information: CBI

The Trojan virus contacts smartphone users via text messages and asks to click on a link saying it will provide COVID-19 updates. When clicked, the link installs a malicious application on their phones, which extracts sensitive financial data. "Based on inputs received from INTERPOL, the CBI has issued an alert relating to a banking Trojan known as Cerberus.

https://www.ndtv.com/india-news/cerberus-coronavirus-malicious-software-stealing-financial-data-using-covid-information-cbi-2231652

 

Five things you need to know about cyber war

Military units today give off a huge electronic signature, an issue revealed in recent drills in the US. So while military units can hide, they now have so many systems, such as tablets used to control drones or active protection systems on tanks, that these systems may be vulnerable in the field. Electronic warfare and jamming signals is a major part of disrupting armies today. The number of reported cyber incidents has increased every year.

https://www.jpost.com/middle-east/five-things-you-need-to-know-about-cyber-war-628533

 

Why The Largest Cyberattack In History Could Happen Within Six Months

So hundreds of millions of folks are using personal laptops–on unsecured home internet connections–to access work files. Many of which likely contain confidential information and personal data. This is a dream come true for cyber criminals. Hackers only need to gain access through one entry point to seize control of a whole network. Once they’re in they can steal data, secrets, and even lock you out of the network.

https://www.forbes.com/sites/stephenmcbride1/2020/05/14/why-the-largest-cyberattack-in-history-will-happen-within-six-months/#1b287132577c

 

Chinese hackers seen behind cyberattack on easyJet: sources

Hacking tools and techniques used to access the travel records of millions of customers of Britain’s easyJet (EZJ.L) point to a group of suspected Chinese hackers thought to be behind multiple attacks on airlines in recent months, two people familiar with the investigation said. [...] The two people with knowledge of the investigation, who spoke on condition of anonymity, said the attack appeared to be part of a series by suspected Chinese hackers aimed at the bulk theft of travel records and other data.

https://www.reuters.com/article/us-easyjet-cyber-china/chinese-hackers-seen-behind-cyberattack-on-easyjet-sources-idUSKBN22V23S

 

DPRK Cyber Crime Group Increasingly Active in S Korea

According to ESTsecurity, the primary targets of the cyberattacks are cryptocurrency traders, exchanges and others who work in the field, but the hacking group is also said to be engaging in cyber-espionage operations and online banking hacks, among other activities designed to generate foreign currency. In some cases, Lazarus has been sending emails containing malicious files disguised as blockchain development contracts and hiring documents [.]

https://www.regulationasia.com/north-korea-cyber-crime-group-increasingly-active-in-south-korea/

 

To Protect Privacy, IoT Regulations Must Have Consequences

The Australian initiatives are similar to those put forward in other jurisdictions such as the UK, the European Union, and the US. [...] Several are considering including a label on IoT or connected devices to make consumers aware of the risks. But honestly, I do not believe that leaving it up to people to make security and privacy decisions will be very effective, because whenever security or privacy gets in the way people just look for ways to get around it.

https://www.cpomagazine.com/data-protection/to-protect-privacy-iot-regulations-must-have-consequences/

 

Congressional Bills Target COVID-19 Contract Tracing App Privacy

A group of Congressional Democrats proposed privacy legislation designed ensure the privacy and security of proposed COVID-19 contact tracing apps. Senate Republicans released a competing privacy bill earlier in May, which will open the debate on how lawmakers will secure the privacy of users. Unveiled on May 14, The Public Health Emergency Privacy Act is spearheaded by Sens. Mark Warner, D-Virginia and Richard Blumenthal, D-Connecticut. Warner co-founded the Senate Cybersecurity Caucus in 2016, while both have actively pushed for tighter privacy restrictions.

https://healthitsecurity.com/news/congressional-bills-target-covid-19-contract-tracing-app-privacy

 

ADT Employee Had Access to Hundreds of Home Security Camera Streams, Lawsuit Alleges

Two federal class-action lawsuits have been filed on behalf of the customers, The Dallas Morning News reports. The employee was able to add his email address to customers’ accounts during home-service visits, according to the company. With his email address added to the accounts, he was then able to use the company’s mobile app to snoop on in-home security cameras. “Moments once believed to be private and inside the sanctity of the home are now voyeuristic entertainment for a third party,” the lawsuits state.

https://www.thedailybeast.com/adt-employee-had-access-to-hundreds-of-home-security-camera-streams-lawsuit-alleges

 

7 Security Pros: What My Nontraditional Background Brings to the Job [Slideshow]

Dark Reading recently caught up with a handful of cybersecurity professionals with unconventional backgrounds to talk about their past job experiences and nontech degrees. Here's how they think their nontraditional training helps them in their daily cybersecurity work.

https://www.darkreading.com/careers-and-people/7-security-pros-what-my-nontraditional-background-brings-to-the-job/d/d-id/1337834

 

Bluetooth Bugs Allow Impersonation Attacks on Legions of Devices

The bugs allow Bluetooth Impersonation Attacks (BIAS) on everything from internet of things (IoT) gadgets to phones to laptops, according to researchers at the École Polytechnique Fédérale de Lausanne (EPFL) in France. The flaws are not yet patched in the specification, though some affected vendors may have implemented workarounds. [...] For the attacks to be successful, an attacking device would need to be within wireless range of a vulnerable Bluetooth device that has previously established bonding with a remote device with a Bluetooth address known to the attacker.

https://threatpost.com/bluetooth-bugs-impersonation-devices/155886/

 

Insider threat? Pffft. Hackers on the outside are the ones mostly making off with your private biz data, says Verizon

The report revealed attacks involving malware infections dropped from almost half of all security breaches in 2016 to a “historical low” today, with criminals preferring phishing and siphoning off credentials, instead. Well, mostly. “We see on a per industry basis, in the education sector for example, ransomware is the dominant attack variety; credential theft, though, is more popular in attacks on retailers,” commented Schlager.

https://www.theregister.com/2020/05/19/verizon_data_breach_report/

 

Facebook's new shopping AI knows what exactly you're looking for

Typically, machine vision systems are only adept at picking out one type of object (ie, a chihuahua vs. a blueberry muffin) so a system designed to recognize various styles of shoe is going to struggle with identifying specific models of SUVs. But unlike other machine vision systems, GrokNet is robust enough to do so whether you show it a picture of the newest Yeezys or a red leather sectional sofa.

https://www.engadget.com/facebook-groknet-ai-shopping-marketplace-184017677.html

You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.

Archived articles are available at https://ci.security/news/daily-news.

CI Security and the CI Security logo are the trademarks of CI Security, Inc. All other brand names, trademarks, service marks, and copyrights are the property of their respective owners.

© 2020 CI Security. All rights reserved.


 

CI Security

245 4th St, Suite 405  Bremerton, WA   98337

About Us   |   CI Security News   |   Contact Us 


Add this Email to Your Address Book





unsubscribe