Copy
Get the latest cybersecurity, privacy, and surveillance news for information security professionals

IT Security News Blast – 1-18-2021

Hackers alter stolen regulatory data to sow mistrust in COVID-19 vaccine
Data unlawfully accessed by the hackers “included internal/confidential email correspondence dating from November, relating to evaluation processes for COVID-19 vaccines,” the European Medicines Agency based in Amsterdam said in a statement. “Some of the correspondence has been manipulated by the perpetrators prior to publication in a way which could undermine trust in vaccines.”
https://arstechnica.com/information-technology/2021/01/hackers-alter-stolen-regulatory-data-to-sow-mistrust-in-covid-19-vaccine/
 
Successful Malware Incidents Rise as Attackers Shift Tactics
For example, while attack trends in previous years showed attackers generally targeted users on weekdays to catch them working from their office environment, when most employees moved to working from home, attackers began shifting to weekend attacks. At their peak, Wandera's data shows that 6% more attacks happened on Saturdays than any other day, the report states.
https://www.darkreading.com/threat-intelligence/successful-malware-incidents-rise-as-attackers-shift-tactics/d/d-id/1339912?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple
 
Ransomware attacks now to blame for half of healthcare data breaches
Almost half of all data breaches in hospitals and the wider healthcare sector are as a result of ransomware attacks according to new research. Ransomware gangs are increasingly adding an extra layer of extortion to attacks by not only encrypting networks and demanding hundreds of thousands or even millions of dollars in bitcoin to restore them, but also stealing sensitive information and threatening to publish it if the ransom isn't paid.
https://www.zdnet.com/article/ransomware-attacks-now-to-blame-for-half-of-healthcare-data-breaches/
 
Excellus will pay $5.1M to OCR after data breach affects 9.3M people
This included names, addresses, dates of birth, email addresses, Social Security numbers, bank account information, health plan claims and clinical treatment information, according to OCR. [...] OCR’s investigation found potential violations of HIPAA rules, including failures to implement risk management, information system activity review, access controls and a failure to conduct an enterprise-wide risk analysis.
https://www.healthcareitnews.com/news/excellus-will-pay-51m-ocr-after-data-breach-affects-93m-people
 
Proactive vs. reactive cyber security strategies in maritime
Due to digitalisation in the industry and the convergence of IT and OT, there is now a focus on extracting key data from OT systems, sending it to the cloud, so that data analytics can be carried out in real-time. Such digital developments have created an additional level of risk for shipping companies to consider and have transformed vessels into remote offices more than ever before.
https://www.hellenicshippingnews.com/proactive-vs-reactive-cyber-security-strategies-in-maritime/
 
Manufacturing sector is increasingly a target for adversaries.
Manufacturing relies on ICS to scale, function, and ensure consistent quality control and product safety. It provides crucial materials, products, and medicine and is classified as critical infrastructure. Due to the interconnected nature of facilities and operations, an attack on a manufacturing entity can have ripple effects across the supply chain that relies on timely and precise production to support product fulfillment, health and safety, and national security objectives.
https://thecyberwire.com/podcasts/research-saturday/166/notes
 
Another Court Holds a Third-Party Cyber Forensics Report as NOT Privileged
The court explained: For many organizations, surely among them law firms that handle sensitive materials, discovering how a cyber breach occurred is a necessary business function regardless of litigation or regulatory inquiries. There is a need to conduct an investigation . . . in order to figure out the problem that allowed the breach to occur so that the organization can solve that problem and ensure such a breach cannot happen again.
https://www.jdsupra.com/legalnews/another-court-holds-a-third-party-cyber-7642526/
 
Cyber ‘Deterrence’: A Brexit Analogy
Whatever other improvements that have been made in Western cyber security in the past few years, and there have been many, deterring hostile state attackers has not been one of them. “Imposing costs” has become the “Brexit means Brexit” of the cyber domain: a catchy, useful political slogan devoid of meaning, substance and—consequently—impact.
https://www.lawfareblog.com/cyber-deterrence-brexit-analogy
 
Biden-Harris Admin Proposes $10B in New IT and Cyber Funding for Federal Agencies
“A $9 billion investment will help the U.S. launch major new IT and cybersecurity shared services at the Cyber Security and Information Security Agency and the General Services Administration and complete modernization projects at federal agencies,” according to the fact sheet.
https://www.nextgov.com/it-modernization/2021/01/biden-harris-admin-proposes-10b-new-it-and-cyber-funding-federal-agencies/171446/
 
Cyberattack Attribution as Empowerment and Constraint
Under domestic US law, attributing a cyberattack to a particular state bolsters the authority of the executive branch to take action. [...] Attribution to one of these congressionally designated sources of attack ensures that the executive branch need not rely solely on the president’s independent constitutional authority as commander in chief when responding, but instead can act with the combined authority of Congress and the president.
https://www.lawfareblog.com/cyberattack-attribution-empowerment-and-constraint
 
Iranian cyberspies behind major Christmas SMS spear-phishing campaign
"The group started the new round of attacks at a time when most companies, offices, organizations, etc. were either closed or half-closed during Christmas holidays and, as a result, their technical support and IT departments were not able to immediately review, identify, and neutralize these cyber incidents," it added.
https://www.zdnet.com/article/iranian-cyberspies-behind-major-christmas-sms-spear-phishing-campaign/
 
Switching to Signal? Turn on these settings now for greater privacy and security

  • Screen Lock (iOS and Android): Means you have to enter your biometrics (Face ID, Touch ID, fingerprint or passcode) to access the app
  • Enable Screen Security (iOS) or Screen Security (Android): On the iPhone this prevents data previews being shown in the app switcher, while on Android it prevents screenshots being taken
  • Registration Lock (iOS and Android):  Requires your PIN when registering with Signal (a handy way to prevent a second device being added)
  • Incognito Keyboard (Android only): Prevents the keyboard from sending what you type to a third-party, which might allow sensitive data to leak

https://www.zdnet.com/article/switching-to-signal-turn-on-these-settings-now-for-greater-privacy-and-security/
 
NSA Suggests Enterprises Use 'Designated' DNS-over-HTTPS' Resolvers
"DNS over Hypertext Transfer Protocol over Transport Layer Security (HTTPS), often referred to as DNS over HTTPS (DoH), encrypts DNS requests by using HTTPS to provide privacy, integrity, and 'last mile' source authentication with a client's DNS resolver," according to the NSA's new guidance. Proposed in 2018, DoH is a protocol for performing remote Domain Name System resolution via the HTTPS protocol.
https://thehackernews.com/2021/01/nsa-suggests-enterprises-use-designated.html
 
Every Video Ever Posted to Parler Is Now Available to Download
Masked men with computer altered voices talk over clips of news while talking about the coming storm. A woman painfully details why she believes the COVID-19 vaccine will turn us all into passive mutants. A woman talking directly to the camera with a Snapchat filter that gives her puppy ears and big anime eyes talks about confronting a woman at Wal-Mart about masks.
https://www.vice.com/en/article/5dpkvx/every-video-ever-posted-to-parler-is-now-available-to-download

You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.

Archived articles are available at https://ci.security/news/daily-news.

CI Security and the CI Security logo are the trademarks of CI Security, Inc. All other brand names, trademarks, service marks, and copyrights are the property of their respective owners.

© 2020 CI Security. All rights reserved.


 

CI Security

245 4th St, Suite 405  Bremerton, WA   98337

About Us   |   CI Security News   |   Contact Us 


Add this Email to Your Address Book





unsubscribe