The Daily 📅 CyberSecurity 🛡️ Brief 📓 [Friday, March 20, 2020]
— prepared by @jeanbsu, intelligence briefer & principal analyst 🕵️
Here’s Everything You Need To Know Today — In 10 Minutes Or Less — About The World’s Most Important News, Events & Trends in CyberSecurity.
Today’s CyberSecurity Brief is sponsored by Mostly AI, The World's Most Advanced Synthetic Data Engine That Anonymizes Personal User Data At Scale
What’s News 📰
Cyber Jobs Deemed Essential During The Pandemic
CISA released an advisory on the kinds of critical infrastructure workers who should remain on regular schedules because of COVID-19, and there were plenty of cyber jobs among them. While the list is advice to state and local governments rather than a federal dictate, it includes cybersecurity personnel in health care who can’t work offsite; cyber engineers and risk management pros in the energy field; and IT workers responding to critical infrastructure cyber incidents—Politico
Hackers Breach FSB Contractor And Leak Details About IoT Hacking Project
Russian hacker group Digital Revolution claims to have breached a contractor for the FSB—Russia's national intelligence service—and discovered 12 technical documents, diagrams, and code fragments for a project called "Fronton" intended for hacking Internet of Things (IoT) devices—ZDNet
NIST Asks For Public Comments On New Cybersecurity Risk Management Document
The National Institute of Standards and Technology is asking for public comments on a new report titled “NIST-Interagency Report 8286 Integrating Cybersecurity and Enterprise Risk Management,” which advises organizations on how to improve the cybersecurity risk information they use to shape their enterprise risk management program—Fifth Domain
Cyber Attacks ⚔️
Fintech Company Finastra Hit By Ransomware, Shuts Down
The London-based giant, which provides financial software and adjacent services to the world's banking sector, has disclosed that it was infected by ransomware—ZDNet
Extortion Emails Threaten to Infect Your Family With Coronavirus
Sextortion scammers are now also attempting to capitalize on the COVID-19 pandemic by threatening to infect their victims' families with the SARS-CoV-2 virus, in addition to revealing all their "dirty secrets"—BleepingComputer
DDoS Botnets Have Abused 3 Zero-Days In LILIN Video Recorders For Months
At least 3 botnet operators secretly exploited 3 zero-day vulnerabilities in LILIN digital video recorders (DVRs) for more than 6 months before the vendor finally patched the bugs last month, in February 2020. Digital video recorders are devices installed on company networks that aggregate video feeds from local CCTV or IP camera systems and record them on various types of storage systems, like HDDs, SSDs, USB flash drives, or SD memory cards—ZDNet
Pwn2Own Hackers Go Remote, Then Crack macOS And Oracle Machines Anyway
The Pwn2Own hacking contest, in which security researchers earn rewards by uncovering flaws in commercial technology, closed its spring 2020 edition Thursday after participants probed systems like macOS and Oracle VirtualBox—CyberScoop
Data Breaches 🗃️
200 Million Records Of U.S. Citizens Leaked In Unprotected Database
Researchers with Lithuanian research group CyberNews discovered an unprotected database holding 800GB of personal user information, including 200 million detailed user records. The entire database, which was wiped on March 3, exposed individuals' full names and titles, email addresses, phone numbers, birthdates, credit ratings, home and mortgage real estate addresses, demographics, mortgage and tax records, and information about personal interests and investments, as well as political, charitable, and religious donations—Dark Reading
Weibo Confirms 538 Million User Records Leaked, Listed For Sale On Dark Web
Luo Shiyao, Weibo’s Security Director, said on Weibo that the Internet security community was merely “overreacting.” “Phone numbers were leaked due to brute-force matching in 2019 and other personal information was crawled on the Internet,” adding that “When we found the security vulnerability we took measures to fix it.” Luo stated that this is likely another “dictionary attack” instead of a direct drag from Weibo’s database—DataBreaches
Cyber Threats 😈
This New Variant Of The Mirai Botnet Malware Is Targeting Zyxel Network-Attached Storage Devices
A new variant of the Mirai malware dubbed Mukashi is targeting a recently uncovered critical vulnerability in Zyxel network-attached storage devices to take control of them and add them to a network of devices that can be used to conduct Distributed Denial of Service (DDoS) attacks—ZDNet
PwndLocker Fixes Crypto Bug, Rebrands As ProLock Ransomware
PwndLocker, which was targeting enterprise networks and demanding ransoms ranging from $175,000 to over $660,000 depending on the size of the network, has rebranded itself as the ProLock Ransomware after fixing a crypto bug that allowed a free decryptor to be created—BleepingComputer
FBI Warning: Phishing Emails Push Fake Government Stimulus Checks
The FBI's Internet Crime Complaint Center (IC3) today warned of an ongoing phishing campaign delivering spam that uses fake government economic stimulus checks as bait to steal personal information from potential victims—BleepingComputer
Privacy 🔐
A Professor Says Edge Is The Worst For Privacy. Microsoft Isn't Happy
Could it be that Google was right to accuse Microsoft Edge of being insecure? New research suggested it's the least private browser you can have. So I asked Redmond what it thought—ZDNet
Covid-19 Spurs Facial Recognition Tracking, Privacy Fears
The coronavirus pandemic is creating a lucrative market for facial recognition manufacturers. But privacy issues need to be top of mind, tech experts warn—ThreatPost
Technology ⚙️
Ookla Adds A VPN To Its Speedtest App
Speedtest VPN offers 2GB of free data over VPN every month. Unlimited access and no ads is $4.99 per month—PCMag
In-Depth 👨‍💻
Proof Of Concept Released For kr00k Wi-Fi Vulnerability
Researchers at HexWay have demonstrated a proof-of-concept (PoC) exploit of kr00k, a significant Wi-Fi vulnerability first described by Eset researchers in February. The vulnerability forces a device to use an encryption key of all zeroes under certain circumstances. The PoC shows that the circumstances are not difficult to achieve—Dark Reading
TrickBot And Emotet Strains Make Process Injection Most Prevalent Attack Technique
A Red Canary report found that based on the percentage of total threats, the top 10 techniques used in attacks were process injection, which represented 17% of all threats, scheduled tasks, and Windows admin shares at 13%, PowerShell, remote file copy, masquerading, scripting, DLL search order hijacking, domain trust discovery, and disabling security tools—TechRepublic
How To Stay Safe From Cybercrime When Working At Home During The Outbreak
For starters, beware of email and calls claiming to be from your company's IT department—Consumer Reports
The Cybersecurity Implications Of Working Remotely
The global spread of the COVID-19 coronavirus has had a notable impact on workplaces worldwide, and many organizations are encouraging employees to work from home. What are the cybersecurity implications of this shift?—HelpNet Security
Security Ratings Are A Dangerous Fantasy
Security professionals don't like security ratings, also known as cybersecurity risk scores. Partly this is because people don't like being criticized. But mostly it's because security ratings don't work, and cannot work as presently conceived and sold. The industry is a marketing facade. Security ratings do not predict breaches, nor do they help people make valuable business decisions or make anyone safer—Dark Reading
How To Deal With Network Security And Bandwidth Issues During The Coronavirus Pandemic
Experts discuss what precautions companies need to be taking now that a record number of people are working outside of offices—TechRepublic
Attack Surface, Vulnerabilities Increase As Orgs Respond to COVID-19 Crisis
The speed at which organizations are being forced to respond to the unfolding COVID-19 health crisis could be leaving many of them vulnerable to attack by threat actors rushing to exploit the situation—Dark Reading