Copy
Get the latest cybersecurity, privacy, and surveillance news for information security professionals

IT Security News Blast – 2-22-2021

Hack of Seattle payments processing firm puts local governments on alert
Among those potentially affected by the attack are cities of Seattle, Kirkland, Lynnwood, Monroe, Redmond, Puyallup; Skagit Public Utility District; the Port of Everett; the Lakewood Water District and the Alderwood Water & Wastewater District; and the recycling firm Recology King County. The California Department of Motor Vehicles also announced it had been affected by the attack.
https://www.seattletimes.com/seattle-news/hack-of-seattle-payments-processing-firm-puts-local-governments-on-alert/
 
Microsoft: SolarWinds Attackers Downloaded Azure, Exchange Code
These repositories contained code for: A small subset of Azure components including those related to service, security and identity; a small subset of Intune components; and a small subset of Exchange components. However, because of internal protections in place, the repositories did not contain “any live, production credentials,” according to the company.
https://threatpost.com/microsoft-solarwinds-azure-exchange-code/164104/
 
The future of cybersecurity will be about ‘fighting fire with fire’
However, the consensus in recent years has been that intelligence-based services are ill-equipped to handle the pace of the modern threat landscape. In other words, as new threat types and attack vectors emerge, these legacy tools are powerless until updated with new intelligence, by which time it is too late.
https://www.techradar.com/news/the-future-of-cybersecurity-will-be-about-fighting-fire-with-fire
 
CIS launches no-cost ransomware service for U.S. hospitals
The Malicious Domain Blocking and Reporting service, which is already available for public hospitals, health departments and healthcare organizations, uses Enterprise Threat Protector software from the cybersecurity vendor Akamai to proactively identify, block and mitigate targeted threats.  
https://www.healthcareitnews.com/news/cis-launches-no-cost-ransomware-service-us-hospitals
 
FDA Medical Device Cybersecurity
One lesser-known aspect of the FDA is their role in regulating medical devices such as insulin pumps and pacemakers. Several years ago, they issued their device safety plan. [...] “Cybersecurity threats to the healthcare sector have become more frequent, more severe, and more clinically impactful,” as they stated in a 2018 draft document filled with cybersecurity guidance for new device makers.
https://securityboulevard.com/2021/02/fda-medical-device-cybersecurity-avast/
 
DOJ indicts hackers suspected of creating WannaCry ransomware: 5 things to know
The ransomware variant works by exploiting a vulnerability discovered and developed by the U.S. National Security Agency; Microsoft created a patch for the vulnerability, but many organizations, including hospitals, had not appropriately updated their systems by the time of the attack. Three North Korean computer programmers were allegedly behind the WannaCry attacks[.]
https://www.beckershospitalreview.com/cybersecurity/doj-indicts-hackers-suspected-of-creating-wannacry-ransomware-5-things-to-know.html
 
Kroger is latest victim of third-party software data breach
Kroger Co. says it was among the multiple victims of a data breach involving a third-party vendor’s file-transfer service[.] The Cincinnati-based grocery and pharmacy chain said in a statement Friday that it believes less than 1% of its customers were affected — specifically some using its Health and Money Services — as well as some current and former employees because a number of personnel records were apparently viewed.
https://apnews.com/article/software-c4815b9f0c0092071bad97d9f6842fe6
 
NY Financial Regulator Warns of Cyber Campaign for Consumer Data [Subscription]
The state’s Department of Financial Services said in an alert Tuesday that it received reports from institutions it regulates of successful or attempted data theft from websites that provide instant quotes, such as auto insurance rates, using nonpublic information from consumers such as driver’s license numbers.
https://news.bloomberglaw.com/banking-law/ny-financial-regulator-warns-of-cyber-campaign-for-consumer-data
 
Kia and Hyundai recovering from days-long network outages
In a statement on Thursday, Kia cited “online speculation” that it was hit by ransomware, which scrambles data until a victim pays to have it decoded. “At this time, and based on the best and most current information, we can confirm that we have no evidence that Kia or any Kia data is subject to a ransomware attack,” the company said.
https://apnews.com/article/smartphones-us-news-6cb4c59483e24cac3758079e3c8d7bb1
 
Biden calls for creating 'rules' on cyber, tech to combat China and Russia threats
“This is also how we are going to be able to meet the threat from Russia,” Biden said. "The Kremlin attacks our democracies and weaponizes corruption to try to undermine our system of governance ... that’s why addressing Russian recklessness and hacking into computer networks in the United States and across Europe and the world has become critical to protecting our collective security.”
https://thehill.com/policy/cybersecurity/539598-biden-calls-for-creating-rules-on-cyber-tech-to-combat-china-and-russia
 
Special Forces to build ‘influence artillery’ for online campaigns
The center, to be based at Fort Bragg, will consolidate the command’s psychological operations capabilities and will wrap around other information related capabilities such as cyber and space, Col. Ed Croot, chief of staff at 1st Special Forces Command, said in a Feb. 17 virtual presentation for AFCEA TechNet Augusta.
https://www.c4isrnet.com/information-warfare/2021/02/18/special-forces-to-build-influence-artillery-for-online-campaigns/
 
Suspected Russian Hack Fuels New US Action on Cybersecurity
President Joe Biden plans to release an executive order soon that Neuberger said will include about eight measures intended to address security gaps exposed by the hack. The administration has also proposed expanding by 30% the budget of the U.S. Cybersecurity and Infrastructure Agency, or CISA, a little-known entity now under intense scrutiny because of the SolarWinds breach.
https://www.usnews.com/news/business/articles/2021-02-19/massive-breach-fuels-calls-for-us-action-on-cybersecurity
 
Nigerian Instagram Star Aided North Korea Cyber Crime, U.S. Says
Abbas was extradited in July from Dubai to the U.S. where he faces criminal charges of allegedly conspiring to launder hundreds of millions of dollars from “business email compromise” frauds and other scams. Gal Pissetzky, Abbas’s former lawyer, told Forbes magazine in July 2020 that he was “absolutely not guilty” of those charges and hadn’t taken part in in any fraud. Pissetzky and Abbas’s other lawyer both quit the defense in January.
https://www.bloomberg.com/news/articles/2021-02-20/nigerian-instagram-star-aided-north-korea-cyber-crime-u-s-says
 
Live-fire drill puts Europe’s military cyber responders to the test
Officials dubbed the drill a “live-fire” event because it played out on a cloud-based cyber range with real targets. Three teams of opposing forces, including one composed of experts from five member states, required defending teams to react to unforeseen attacks. The scenario included figuring out where attacks originated and determining who was behind them.
https://www.c4isrnet.com/global/europe/2021/02/19/live-fire-drill-puts-europes-military-cyber-responders-to-the-test/
 
Privacy Bug in Brave Browser Exposes Dark-Web Browsing History of Its Users
Brave has fixed a privacy issue in its browser that sent queries for .onion domains to public internet DNS resolvers rather than routing them through Tor nodes, thus exposing users' visits to dark web websites. The bug was addressed in a hotfix release (V1.20.108) made available yesterday.
https://thehackernews.com/2021/02/privacy-bug-in-brave-browser-exposes.html
 
WhatsApp: Users Who Don’t Accept Our New Privacy Policy Won’t Be Able to Read or Send Messages
“If you haven’t accepted by then, WhatsApp will not delete your account. However, you won’t have full functionality of WhatsApp until you accept. For a short time, you’ll be able to receive calls and notifications, but won’t be able to read or send messages from the app,” WhatsApp wrote.
https://gizmodo.com/whatsapp-users-who-don-t-accept-our-new-privacy-policy-1846321224
 
New malware found on 30,000 Macs has security pros stumped
Once an hour, infected Macs check a control server to see if there are any new commands the malware should run or binaries to execute. So far, however, researchers have yet to observe delivery of any payload on any of the infected 30,000 machines, leaving the malware’s ultimate goal unknown.
https://arstechnica.com/information-technology/2021/02/new-malware-found-on-30000-macs-has-security-pros-stumped/
 
Malformed URL Prefix Phishing Attacks Spike 6,000%
“The URLs are malformed, not utilizing the normal URL protocols, such as http:// or https://,” researchers said in a blog post about their findings. “Instead, they use http:/\ in their URL prefix.” The slashes in the address are largely superfluous, the GreatHorn report explained, so browsers and many scanners don’t even look at them.
https://threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/
 
New Hack Lets Attackers Bypass MasterCard PIN by Using Them As Visa Card
At a high level, this is achieved using an Android application that implements a man-in-the-middle (MitM) attack atop a relay attack architecture, thereby allowing the app to not only initiate messages between the two ends — the terminal and the card — but also to intercept and manipulate the NFC (or Wi-Fi) communications to maliciously introduce a mismatch between the card brand and the payment network.
https://thehackernews.com/2021/02/new-hack-lets-attackers-bypass.html
 
Scam artists lurking on dating apps and social media made away with a record haul in 2020
The FTC estimated on average $2,500 was sent to romance scammers in 2020, more than ten times the median loss across all fraud types. Given the rampant use of social media and rise of online dating services, the opportunity for scammers to prey on individuals is only growing, explained Emma Fletcher, an analyst at the FTC.
https://www.cnn.com/2021/02/21/us/losses-to-romance-scams-trnd/index.html
 

You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.

Archived articles are available at https://ci.security/news/daily-news.

CI Security and the CI Security logo are the trademarks of CI Security, Inc. All other brand names, trademarks, service marks, and copyrights are the property of their respective owners.

© 2020 CI Security. All rights reserved.


 

CI Security

245 4th St, Suite 405  Bremerton, WA   98337

About Us   |   CI Security News   |   Contact Us 


Add this Email to Your Address Book





unsubscribe