Get the latest cybersecurity, privacy, and surveillance news for information security professionals

IT Security News Blast – 10-14-2020

[WEBINAR] The State of 2020 Healthcare Breaches and What To Do About It

With recent headlines, every protector is likely having conversations with their teams. In this upcoming webinar, healthcare security experts will show you the actual trends in reported healthcare breaches. You’ll also learn how to develop insight about what’s really going on inside your network perimeter, understand what devices are doing, and find experts who can monitor your network around the clock. Join Medigate and CI Security, two companies driven to help the protectors, on Thursday, October 29, 2020 at 10:00 AM PDT | 12:00 PM CDT.


TrickBot botnet survives takedown attempt, but Microsoft sets new legal precedent

Sources from companies monitoring TrickBot activity described the takedown's effects as "temporal" and "limited," but praised Microsoft and its partners for the effort, regardless of its current results. "Our estimate right now is what the takedown did was to give current victims a breather," a security researcher said.


Healthcare organizations' cybersecurity becoming more fragile amid pandemic: 7 key stats

About a third of healthcare organizations experienced a ransomware attack during the pandemic's early months, according to software company Netwrix's "2020 Cyber Threats Report." Netwrix surveyed 937 IT professionals in June to gain insights about how the pandemic and its resulting shift to work-from-home models changed healthcare's IT risk environment.


Top Strategies for Implementing Multi-Factor Authentication

“The two main obstacles organizations say hinder them from implementing MFA is this misconception that implementing the tool will require an external hardware device and concerns that it will disrupt users or cause the technology to malfunction,” Jessica Davis, senior editor of, explained on an episode of Healthcare Strategies.


UHS Health System Ransomware Attack, Security Probed by Senator

Sen. Mark Warner, D-Virginia, sent a letter to Universal Health Services CEO Alan Miller, demanding answers into the health system’s cybersecurity policies in light of the September ransomware attack that drove all 400 UHS sites in the US into EHR downtime procedures for three weeks. Warner is one of the strongest cybersecurity proponents in Congress, co-founding and co-chairing the bipartisan Senate Cybersecurity Caucus.


Know your cyber risk: the importance of assessment and quantification

Assessment and quantification involves asking questions around focusing on what a loss could be like for a business: the assets they are trying to protect, the associated cyber security risks, how much risk an organisation is prepared to carry on its balance sheet, and, importantly, ensuring board-level understanding of the cyber risk.


G7 ‘concerned’ about increasing cybercrimes that demand crypto ransoms

Leaders from the G7 intergovernmental economic organization cautioned against a global surge in ransomware attacks that involved crypto payments as ransom money. These ransomware attackers often demanded payments “primarily” in cryptocurrency, which according to the G7 facilitated money laundering. The G7 believed that attacks had intensified over the last two years and that the ongoing pandemic could make the situation worse.


Protect Your Hotel Network and Guests From Cyber Threats

The pressure to modernize and keep up with guest expectations makes hospitality a dynamic industry and a vulnerable target for network cyberattacks. In fact, hospitality ranks third, behind retail and finance for likelihood of a data breach. To keep sensitive property and guest information protected, it is essential for hoteliers to understand why the industry is at risk, track the evolving threat profile and know where they are vulnerable.


Law Firm Seyfarth Shaw Hit by Damaging Ransomware Attack

Founded in 1945 in Chicago, Illinois, Seyfarth has over 900 lawyers across 17 offices, providing clients all around the world with advisory, litigation, and transactional legal services. The Am Law 100 firm serves more than 300 of the Fortune 500 companies. [...] The firm says it was able to stop the attack soon after detection, but not before data on many systems was encrypted by the malware.


Hacker groups chain VPN and Windows bugs to attack US government networks

"CISA is aware of some instances where this activity resulted in unauthorized access to elections support systems; however, CISA has no evidence to date that integrity of elections data has been compromised," the security alert reads. "Although it does not appear these targets are being selected because of their proximity to elections information, there may be some risk to elections information housed on government networks," officials also added.


Trouble underway: Seven perspectives on maritime cybersecurity

With greater than 90 percent of all global trade tonnage transported by sea and vital global energy networks, maritime infrastructure has never been more essential and yet also more at risk. In just the last two weeks, there have been several high-profile attacks on the maritime industry, with both the fourth largest global shopping company and the International Maritime Organization (IMO) targeted.


The Man Who Speaks Softly—and Commands a Big Cyber Army

Nakasone's offensive cyber strategy, which was developed under the eye of Trump's former national security adviser John Bolton, represents a paradigm shift in how the US confronts its adversaries online. Rather than waiting to respond to an attack, Nakasone and US Cyber Command have shifted to talk of “persistent engagement,” “defending forward,” and “hunting forward,” amorphous terms that encompass everything from mounting digital assaults on ISIS and Iran's air defense systems to laying the groundwork for taking down Russia's electrical grid.


Norway blames Russia for cyber-attack on parliament

In response, Russia's embassy in Oslo hit back at the "unacceptable" announcement, saying no evidence had been presented. "Millions of cyber attacks are annually committed from abroad against Russian state internet resources... but this does not give us the right to indiscriminately blame authorities of the countries of their possible origin," the embassy added.


China Cybersecurity: No Place to Hide, Part 3

So how does the PRC government implement this program? The key point is that the Chinese government is the hacker. When the hacker is directly involved in creating and policing the Internet and the key agent for implementing cybersecurity, it is axiomatic there will be no protection from the network intrusion/data collection activities of that hacker. The hacker dictates how the system will work and it of course provides no protection against its own activities.


Carnival Corp. Updates Findings After August Cyber-Attack

Carnival Corp. said a cyber-attack appears to have sought access to personal information of some guests, employees and crew of three cruise brands – Carnival Cruise Line, Holland America Line and Seabourn – as well as its casino operations. [...] Carnival said the investigation is ongoing but that cybersecurity consultants took steps to recover its files and “has evidence indicating a low likelihood of the data being misused.”


Ransomware operators now outsource network access exploits to speed up attacks

"Since the start of 2020 and the emergence of the now-popular "ransomware with data theft and extortion" tactics, ransomware gangs have successfully utilized dark web platforms to outsource complicated aspects of a network compromise," the researchers say. "A successful ransomware attack hinges on the development and maintenance of stable network access which comes with a higher risk of detection and requires time and effort. Access sellers fill this niche market for ransomware groups."


It's 2020 and a rogue ICMPv6 network packet can pwn your Microsoft Windows machine

Microsoft said exploitation is likely, and a workaround is available for Windows build 1709 and above. You're urged to patch this ASAP, though. "Since the code execution occurs in the TCP/IP stack, it is assumed the attacker could execute arbitrary code with elevated privileges," said Zero Day Initiative's Dustin Childs in a summary of today's patches.


You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.
