Get the latest cybersecurity, privacy, and surveillance news for information security professionals

IT Security News Blast – 5-13-2020

The Confessions of Marcus Hutchins, the Hacker Who Saved the Internet

For those minutes, Hutchins allowed himself to believe that perhaps the agents wanted only to learn more about his work on WannaCry, that this was just a particularly aggressive way to get his cooperation into their investigation of that world-shaking cyberattack. Then, 11 minutes into the interview, his interrogators asked him about a program called Kronos. “Kronos,” Hutchins said. “I know that name.” And it began to dawn on him, with a sort of numbness, that he was not going home after all.


Would You Let The Government Track Your Smartphone If It Meant We Could Reopen Sooner?

Perhaps more than the population of any other country in the world, Americans tend to resist letting the government keep a close eye on them, even under life-and-death circumstances. In the case of contact tracing, that reluctance looks like an immovable obstacle. "In a fast-moving pandemic, protecting individuals' rights to privacy limits the ability of the government to protect the health of the population," says Eric Campbell, a researcher with the University of Colorado's medical campus specializing in health policy and bioethics.


Ransomware forces Texas court servers offline

The Texas Office of Court Administration, which provides IT services for state appellate and other judicial agencies, discovered a ransomware attack on Friday morning just hours after the system was targeted, according to a press release from OCA administrative director David Slayton. [...] Friday’s ransomware attack is the latest that Texas’ state and local agencies have faced over the past year. Last August, 23 cities and towns were simultaneously hit by a ransomware attack through a common managed service provider.


FTC Seeks Comment on Breach Notification Rule for Health Data

The Federal Trade Commission is seeking comment from industry stakeholders on breach notification requirements for entities that collect personally identifiable health information but aren’t covered by HIPAA regulations. [Third-party] apps chosen by patients are not typically covered by HIPAA. Instead, the FTC’s breach notification rule, enacted in 2009, requires vendors and related entities not covered by the privacy regulation to inform individuals, the FTC, and the media, in some cases, of breaches of unsecured personally identifiable health data.


Five cybersecurity prescriptions for healthy healthcare in 2020

1. Embrace the zero trust security model

A recent report shows that in the healthcare sector more breaches are caused by internal than external threats. [...] By implementing a zero trust approach, healthcare organizations can introduce granular controls on network traffic. This takes away the opportunity for modern attackers and internal rogue users to leverage attacks and gain access to sensitive personal health information (PHI) while remaining under the radar.


Top Five Sectors Prone To Cyber Threat Amid COVID-19 Lockdown

When we consider that the most vulnerable industries such as healthcare and financial services are relying increasingly on remote work models due to the viral outbreak, the importance of cybersecurity becomes paramount. Hence, it is no wonder that new-age enterprises are sincerely considering including cybersecurity budgets as an integral part of their capital expenditure not just at present but also after the crisis blows over.


Nearly 70% of financial services companies endured a cyberattack

According to 77% of respondents, cyberattacks have become more targeted recently. Respondents also noted these attacks have become more severe than in the past (64%) and more sophisticated (63%). Of those surveyed, only 26% said their organizations have decreased the time it takes to respond to an attack. Meanwhile, 47% said they don't even have a plan in place for responding to a cyberattack. Further, only 39% of financial services firms believe their IT security is effective in protecting them against threats.


FS-ISAC Launches Cyber Threat Intelligence Exchange Platform

The new Intelligence Exchange platform is comprised of applications designed to facilitate the sharing and consumption of actionable cyber threat intelligence across the financial sector, and enable more strategic and in-depth sector analysis from FS-ISAC. The key Intelligence Exchange apps are: Connect, a secure chat capability for real-time communication with peers and groups; and Share, a hub for threat intelligence sharing that provides access to actionable intelligence that members can customise and embed in their institutional processes and environments.


Government Cybersecurity Commission Calls for International Cooperation, Resilience and Retaliation

The third layer calls for the U.S. government to impose proportional costs to malicious actions in cyberspace. This requires the U.S., in collaboration with allies, to maintain the capability and credibility needed to retaliate against nations and organizations that target the U.S. in and through cyberspace. The means to retaliate include legal, financial, diplomatic and cyber powers that, applied in combination, assure compelling and unavoidable consequences for transgressors.


On the three-year anniversary of WannaCry, US exposes new North Korean malware

COPPERHEDGE - a remote access trojan (RAT) capable of running arbitrary commands, performing system reconnaissance, and exfiltrating data. Six different variants identified.

TAINTEDSCRIBE - a malware implant (trojan) that's installed on hacked systems to receive and execute the attacker's commands. These samples use FakeTLS for session authentication and for network encryption utilizing a Linear Feedback Shift Register (LFSR) algorithm. The main executable disguises itself as Microsoft's Narrator.

PEBBLEDASH - another implant. This one has the capability to download, upload, delete, and execute files; enable Windows CLI access; create and terminate processes; and perform target system enumeration.



How do Russia and China view cyber operations? How is the American view of cyber operations changing and is it changing fast enough? What do advances in scholarship have to tell us about how and why cyber operations matter? What cocktails do we miss the most? This conversation with Erica Borghard, Ben Buchanan, and Fiona Cunningham has something for everyone.


Hackers target ASEAN governments during 5-year ‘cyber espionage campaign’

According to Check Point findings, the advanced persistent threat (APT) specialists are “persistently targeting” countries in the same geographical region, which includes Indonesia, Philippines, Vietnam, Thailand, Myanmar and Brunei. In addition to Australia-based attacks, the group directly targets government ministries of foreign affairs, science and technology, as well as government-owned companies with the alleged motive of gathering of geo-political intelligence.


Audit: Oregon State Police Lack ‘Basic Cybersecurity Safeguards’

Many cybersecurity policies appear disorganized or inconsistent, as the police agency does not monitor authorized use of devices or audit device activity logs, vulnerability assessments are conducted on an "ad hoc" basis, and the agency does not "appropriately manage all users who have significant, high level access to important systems and data," according to the report.


Former NSA Chief: Values Must Not be Compromised in the Name of Security, Not Even During a Pandemic

If there’s one thing that’s beyond question, it is that Mike Rogers, former head of the National Security Agency (NSA), loves his country. In an interview with Calcalist, he repeated the word “values” no fewer than 27 times. But even a patriot like Rogers believes the use of technology to track down citizens during the Coronavirus (Covid-19) crisis is one step too far.


What the Pandemic Tells Us About the State of U.S. Cybersecurity

As the coronavirus pandemic has unfolded over the intervening months, the United States has experienced a significant trauma, prompting a national conversation about disaster prevention, as well as crisis preparedness and response. While the new coronavirus is the root cause of today’s crisis, a catastrophic cyber incident could be the cause of the next.


Microsoft May 2020 Patch Tuesday fixes 111 vulnerabilities

While Microsoft has patched actively-exploited zero-day vulnerabilities in the past two months, there are no such bugs in this release. This means that system administrators have time at their disposal to test today's Patch Tuesday for bugs or other issues before deploying the updates to all their systems.


CISSP Qualification Given Equal Status to Master’s Degree

The change will enable cybersecurity professionals to use the CISSP certification towards higher education course credit and also open up new opportunities for roles that require or recognize master’s degrees. The new designation will apply both to the UK and across Europe.

You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.
