Get the latest cybersecurity, privacy, and surveillance news for information security professionals

IT Security News Blast – 11-11-2020

[WEBINAR] Talking Turkey: How to Get Enterprise-Level Security on a Budget – presented by Datec and CI Security

Tis the season to present annual budget requests, and we have a proven method to help you get the budget you need for the security program you deserve.  Join CI Security Founder and former Seattle CISO, Michael Hamilton and Datec Security Expert and Former BECU CISO, Kyle Welsh, CISSP, on Thursday, November 19th, at 4 PM PT, for an informative discussion. The first 10 registrants who also attend the event will win a hickory smoked turkey – and we’ll have a grand prize drawing for a Traeger Pro Pellet Grill for one lucky attendee to roll out for this Thanksgiving. Save your spot today.


Watch Out! New Android Banking Trojan Steals From 112 Financial Apps

"Ghimob is a full-fledged spy in your pocket: once infection is completed, the hacker can access the infected device remotely, completing the fraudulent transaction with the victim's smartphone, so as to avoid machine identification, security measures implemented by financial institutions and all their anti-fraud behavioral systems," the cybersecurity firm said in a Monday analysis.


What doctors can do to thwart cybercriminals as 2020 closes

In an effort to spur use of telehealth at the start of the COVID-19 public health emergency, the U.S. Department of Health and Human Services Office for Civil Rights announced that it would use discretion in enforcing HIPAA privacy and security violations for physicians and hospitals who made a good faith effort to quickly adopt telehealth technology to connect with their patients. This discretionary period will likely close, however, with the end of the declared emergency, so the resource advises physicians to start planning now on how they will come into HIPAA compliance if they are not already.


Ransomware’s Brutal ‘Second Wave’

We’ve also seen the size of these attacks increase, with threat actors starting to employ “shock and awe” mass attacks in an attempt to overwhelm organizational and government resources. We saw this in the 22 Texas cities mass ransomware attacks in 2019 and most recently in the UHS hospital network attack that affected more than 400 hospitals nationwide. The bottom line is that if networks are connected in almost any way, hackers can take advantage of those links to spread and expand their attack.


Tackling security for connected devices

Even with “allowed” IoT systems for perimeter security -- security cameras, gate/access control systems -- organizations still have multiple contractors deploying a variety of devices, all managed via a jump host to keep the IoT devices secured from the enterprise network. If the jump host is compromised, the network is at risk. With a zero-trust deployment, the jump host is eliminated, and the IoT devices are secured and invisible from the outside world and all users on the network -- a zero trust infrastructure.


Seven cybersecurity predictions for 2021

Knowing that cyberattacks can have fatal consequences and that many healthcare organizations may not have adequate cybersecurity controls in place, attackers are in a prime position to exfiltrate PHI or get healthcare organizations to pay a ransom. As such, healthcare institutions are going to be tasked with the physical and electronic well-being of patients; attackers will continue to target them as they face financial pressures.


Cyber criminals are holding the financial services hostage: Here’s how to defend against sophisticated attacks

Their nature, however, means that IoCs have security teams investigating and searching for breaches that have already happened, rather than trying to prevent them. Fortunately, recent years have brought about next-generation cloud security solutions; these help security teams to really understand the attacker’s end goal, allowing them to counter breaches more effectively by leveraging Indicators of Attack (IoAs).


Credential-related attacks lead to the biggest financial losses, says report

The Cyentia Institute's IRIS Xtreme report [pdf] reviewed 103 large cyber-loss events from the last five years, and found that credential-related attacks were responsible for more incidents (46 per cent) and more total losses ($10 billion) than any other attack vector. For example, remote access malware incidents accounted for 31 per cent of extreme loss events and $9.2 billion in financial losses.


How Can Manufacturers Stop Damaging Cyber Attacks?

“These technology trends are amplified by the large-scale disruption of global supply chains caused by the pandemic. The combination of increased security vulnerabilities with the need to mitigate further business disruption has made the manufacturing sector a prime target for cyberattacks by both criminal organizations and nation-states,” he says. “These trends play a big part in why we’re seeing more manufacturers face devastating attacks like ransomware, which can grind operations to a halt.”


Small businesses need continued cybersecurity assistance through pandemic, officials say

Just as state and local agencies that had to move traditional services online rapidly in March, small businesses — many of which may not have needed an online sales presence prior to the pandemic — had to adopt new online marketplaces and digital strategies because of the shift[.] Todt said that local governments have a role to play in ensuring that these businesses can safely carry out transactions with city residents, despite not being public entities themselves.


The Cybersecurity 202: Biden will get tougher on Russia and boost election security. Here's what to expect. [Subscription]

Trump leaving office could clear the way for a far bigger package to fund a shift to paper ballots in states and counties that still lack them, increased mail voting and more post-election audits to ensure votes were counted accurately. The political winds may be changing now: Republicans may also feel new pressure to invest in auditable paper trails and other measures to ensure voting integrity because of Trump’s unfounded claims of voting fraud, which he’s continued to make after the election.


Japan Moves to Ban Chinese Drone Sales to Government Agencies

An unnamed senior government official revealed to Reuters that, while Japan is deeply dependent on China as a trade partner, “there are worries that advanced technologies and information could leak to China and could be diverted for military use.” Currently, Japan’s defense ministry deploys several hundred drones, several of which are manufactured in China. In addition, the coast guard has 30 – mostly Chinese – drones.


Suspected Vietnamese cyber-spies targeting dissidents in Germany

For example, Berlin-based Vietnamese blogger Bui Thanh Hieu talks of his fears that any successful malware attack on his computer could expose the identities of people in his home nation that are feeding him intelligence. Bui clicked on links to phishing emails, but his PC was not compromised by malware, according to a preliminary investigation.


Hacker Sells Access to Pakistani Airlines' Network

A team at dark net threat intelligence firm KELA spotted a threat actor touting domain admin access to the airline for $4,000 on two Russian-speaking illegal online forums and one English-speaking forum that they had been monitoring. From their headquarters in Tel Aviv, the team had been tracking ransomware trends, exploring how initial access brokers in the cybercrime community play a role in the supply chain of this popularly deployed malware.


Europe is adopting stricter rules on surveillance tech

The regulation requires companies to get a government license to sell technology with military applications; calls for more due diligence on such sales to assess the possible human rights risks; and requires governments to publicly share details of the licenses they grant. These sales are typically cloaked in secrecy, meaning that multibillion-dollar technology is bought and sold with little public scrutiny.


Zoom lied to users about end-to-end encryption for years, FTC says

The FTC complaint says that Zoom claimed it offers end-to-end encryption in its June 2016 and July 2017 HIPAA compliance guides, which were intended for health-care industry users of the video conferencing service. Zoom also claimed it offered end-to-end encryption in a January 2019 white paper, in an April 2017 blog post, and in direct responses to inquiries from customers and potential customers, the complaint said.


Cyber Consulting Firms Get Tied Up in Post-Breach Lawsuits

“Class action lawyers now have a playbook,” said John Reed Stark, a former Securities and Exchange Commission internet enforcement official who runs his own cyber-consulting business. Stark said the Capital One decision is concerning to cyber consultants because the forensic reports they write can provide “a vivid trail for liability.” The Accenture ruling could also impact the relationship between cyber consultants and the companies they contract with, he said. Consultants and companies might be more careful about how contracts for cyber projects are written.


Computer Scientists Achieve ‘Crown Jewel’ of Cryptography

While the protocol is far from ready to be deployed in real-world applications, from a theoretical standpoint it provides an instant way to build an array of cryptographic tools that were previously out of reach. For instance, it enables the creation of “deniable” encryption, in which you can plausibly convince an attacker that you sent an entirely different message from the one you really sent, and “functional” encryption, in which you can give chosen users different levels of access to perform computations using your data.


Don’t Sleep on China’s New Blockchain Internet

U.S. national security policymakers are working aggressively to push back China’s global market advance in 5G and artificial intelligence technology. Meanwhile, the Chinese Communist Party (CCP) is progressing unfettered in a parallel technological campaign: expanding global blockchain infrastructure. Earlier this year, Beijing launched the Blockchain-Based Service Network (BSN), a system of low-cost backend architecture on which software developers around the world can build blockchain applications—including digital assets such as cryptocurrencies.

You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.
