IT Security News Blast – 10-23-2020

Microsoft Teams Phishing Attack Targets Office 365 Users

Researchers are warning of a phishing campaign that pretends to be an automated message from Microsoft Teams. In reality, the attack aims to steal Office 365 recipients’ login credentials. [...] The initial phishing email displays the name “There’s new activity in Teams,” making it appear like an automated notification from Microsoft Teams.


VA, DOD Work to Protect Patient Information and Secure Devices

The VA, which already has an elaborate cybersecurity framework, is working with Massachusetts General Hospital and Shepherd University to research new cybersecurity and compatibility measures for its medical devices and hopes to upgrade cybersecurity standards and practices for network-connectable medical devices, medical data systems and other related technology.


Are Connected Medical Devices Leaving Your Hospital’s Doors Wide Open?

Another issue is that these devices are typically designed to work “straight out the box” with little to no setup. That means they’re operating on default, easy-to-use settings that may not offer robust security protocols. Original equipment manufacturers’ (OEMs) instructions will often refer to FDA regulations, which state that the function of a device cannot be changed unless it’s proven that the systems can’t be patched.


Retail, Hospitality and Travel Hit by 64 Billion Credential Stuffing Attacks

Over 60% of credential stuffing attacks detected over the past two years have been targeted at retail, travel and hospitality businesses, according to Akamai. [...] It revealed that, during the period July 1 2018 to June 30 2020, it detected over 100 billion credential stuffing attempts. Almost 64 billion of these were aimed at cracking open user accounts in the retail, travel and hospitality sectors.


US Treasury Department ban on ransomware payments puts victims in tough position

Control (OFAC) warned organizations making ransomware payments that they risk violating economic sanctions imposed by the government against cybercriminal groups or state-sponsored hackers. The advisory has the potential to disrupt the ransomware monetization model, but also puts victims, their insurers and incident response providers in a tough situation where this type of attack could cost much more and take much longer to recover from.


New York financial watchdog calls for social media cybersecurity regulator after Twitter hack of Biden and Obama accounts

"The fact that Twitter was vulnerable to an unsophisticated attack shows that self-regulation is not the answer," said Superintendent of Financial Services Linda Lacewell in a statement. "As we approach an election in fewer than 30 days, we must commit to greater regulatory oversight of large social media companies. The integrity of our elections and markets depends on it."


Five security trends manufacturers need to be aware of

In fact, 41% of manufacturing companies admitted to suffering a mobile-related compromise, with 67% of those saying the impact was major (Verizon Mobile Security Index 2020). The reason for that has to do with the way the manufacturing industry operates. The industry relies on mobile devices and cloud solutions to effectively transition products from the design studio to the shop floor, providing plenty of opportunities for ill-intentioned hackers to access valuable data.


Modern Attacks Include Supply Chain "Hopping" and Reversing Agile Environments

This has borne the concept of “island hopping,” where an attacker infiltrates an organization’s network to launch attacks on other businesses along the supply chain. This is the concept of an attacker doing a series of compromises along a supply chain, hitting multiple victims. Kellermann said there has been a “dramatic escalation and punitive measures deployed from the adversary,” and this has resulted in 55% of attacks targeting the victim’s digital infrastructure for the purpose of island hopping.


Iran and Russia Seek to Influence Election in Final Days, U.S. Officials Warn

Since August, intelligence officials have warned that Iran opposed Mr. Trump’s re-election, hardly a surprise after he exited the Iran nuclear deal more than two years ago and reimposed crushing economic sanctions on the country. The officials said Iran did not intend to deter voters, but rather to hurt Mr. Trump and mobilize support for Joseph R. Biden Jr., the Democratic nominee, by angering voters about the president’s apparent embrace of the Proud Boys in the first debate.


Exploring the prolific threats influencing the cyber landscape

“The biggest takeaway from our research is that organizations should expect cybercriminals to become more brazen as the potential opportunities and pay-outs from these campaigns climb to the stratosphere.”

· Sophisticated adversaries mask identities with off-the-shelf tools

· New, sophisticated tactics target business continuity

· Ransomware feeds new profitable, scalable business model


US has a ‘China problem,’ cyber commission says

"The pandemic showed us the dangers of relying on foreign adversaries for critical technologies and products. We need to learn the right lessons and ensure we don't make the same mistakes again," Gallagher said in an Oct. 19 statement on the white paper. "This paper provides the blueprint for a whole-of-nation approach to both shore up vulnerabilities within our information and communications technology supply chains and ensure these networks remain stable and secure."


Senior U.S. official accuses China of aiding North Korea cyber thefts

In March, the U.S. Justice Department charged two Chinese nationals with laundering more than $100 million in cryptocurrency on behalf of North Korea and detailed Pyongyang’s use of hackers to circumvent sanctions. Demers appeared to go further in suggesting Chinese state involvement, a charge that comes at a time when the Trump administration has stepped up attacks on China in the run-up to the Nov. 3 U.S. presidential election.


DOJ’s Crypto Framework Is ‘a Complete Disaster’ for Digital Privacy Rights

In Belcher’s view, there are a number of legal concerns with the crypto enforcement framework as laid out by the DOJ’s Cyber Digital Task Force. Language in the framework would appear to have implications for individuals sending cryptocurrencies to one another, as well as exchangers offering transactions as a service. The enforcement framework even had a section on mixers and tumblers, noting that entities qualifying as money services businesses are subject to the BSA or “similar international regulations.”


New Bill Strips Presidential Authority to Shut Down Internet

Though it’s never happened in the United States, the President does have the power to shut down the internet according to 1934’s Communications Act. Section 706 of the act allows the President carte blanche to shut down wireless communications “upon proclamation by the President that there exists war or a threat of war, or a state of public peril or disaster or other national emergency, or in order to preserve the neutrality of the United States.”


Cisco Warns of Severe DoS Flaws in Network Security Software

“An attacker could exploit this vulnerability by persuading a targeted user to click a malicious link,” according to Cisco. “A successful exploit could allow the attacker to send arbitrary requests that could take unauthorized actions on behalf of the targeted user.”


Botnet Infects Hundreds of Thousands of Websites

A botnet focused on cryptomining, spamming, and defacement has infected hundreds of thousands of websites running popular content management systems (CMSes), such as WordPress, Joomla, Magento, and Drupal, according to online security firm Imperva.


How Trump’s Twitter account was hacked – again

Four years ago, three Dutch hackers gained access to Donald Trump’s Twitter account, just a few weeks prior to the US elections. As absurd as it may sound, this week one of them managed to gain access to the account – yet again. Dutch ethical hacker Victor Gevers desperately reached out to Donald Trump to warn him, which turned out to be an impossible task.


You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.
