Today's Daily 📅 CyberSecurity 🛡️ Brief 📓 [Friday, March 13, 2020]
— prepared by @jeanbsu, intelligence briefer & principal analyst 🕵️
Here’s Everything You Need To Know Today — In 10 Minutes Or Less — About The World’s Most Important News, Events & Trends in CyberSecurity.
Today’s CyberSecurity Brief is sponsored by Mostly AI, The World's Most Advanced Synthetic Data Engine That Anonymizes Personal User Data At Scale
What’s News 📰
FSB Asset Introduced LinkedIn Hacker, Future Group-IB Executive In 2012, U.S. Alleges
Attorneys are using the trial of a man who allegedly stole more than 100 million usernames and passwords from U.S. social media companies to hint at the murky, long-rumored relationships between Russian cybercriminals and the Kremlin’s intelligence agencies—CyberScoop
U.S. Scraps Missiles Over Cybersecurity Concerns
The US Army spent $373 million on the purchase of 2 batteries of Iron Dome missiles last year. Plans to spend a further $600 million on 2 new batteries and Iron Dome components by 2023 have now been scrapped after Israel reportedly refused to hand over the system's source code—InfoSecurity Magazine
CISA Outlines VPN Best Practices For Supporting Teleworkers
The Cybersecurity and Infrastructure Security Agency (CISA) issued an alert on Friday outlining virtual private network (VPN) best practices for organizations supporting remote workforces. The alert from CISA, part of the U.S. Department of Homeland Security, is timely for IT shops, especially as coronavirus pandemic concerns draw more employees toward the teleworking option. Tech companies such as Google, Microsoft, Twitter and now Intel, among many others, have recently enacted work-from-home recommendations for employees that can do so—RedmondMag
After Tug-Of-War, White House Shows Cyber Memo To Congress
Following a months-long battle, the White House has made available to members of Congress classified documents that describe the approval process for conducting offensive cyber operations outside the United States—Fifth Domain
Europol Takes Down SIM-Swap Hacking Rings Responsible For Theft Of Millions Of Euros
Arrests have been made across Europe in an effort to stamp out gangs specializing in SIM-swapping attacks—ZDNet
Big BEC Bust Brings Down Dozens
Federal officials have arrested two dozen individuals on charges related to a series of business email compromise (BEC) fraud and money-laundering schemes that cost victims $30 million—DarkReading
Federal Employees May Soon Be Ordered To Work From Home. That Could Pose Serious Cybersecurity Risks
Only about 40% of the 2.1 million federal workers were authorized to work remotely as of 2017 and the Trump administration had been working to limit remote work, demanding some civil servants instead come into the office to perform their jobs—Washington Post
High-Stakes Security Setups Are Making Remote Work Impossible
Late last week, the U.S. government's Cybersecurity and Infrastructure Security Agency issued an advisory to critical infrastructure companies to prepare for remote work scenarios as Covid-19 spreads. That means checking that their virtual private networks are patched, implementing multifactor authentication, and testing out remote access scenarios—Wired
(ISC)2 Has More Than 150,000 Certified Cybersecurity Professionals
The world’s largest nonprofit association of certified cybersecurity professionals announced that its membership has grown to include more than 150,000 certified cybersecurity professionals in 175 countries—HelpNet Security
Cyber Attacks ⚔️
Czech Hospital Hit By Cyberattack While In The Midst Of A COVID-19 Outbreak
One of the Czech Republic's biggest COVID-19 testing laboratories has been hit by a mysterious cyberattack—ZDNet
Ancient Tortoise BEC Scammers Launch Coronavirus-Themed Attack
Business Email Compromise (BEC) cybercrime group Ancient Tortoise—known for actively using financial aging reports in BEC attacks—has started using coronavirus-themed scam emails to convince potential victims to send payments to attacker-controlled accounts, report researchers at the Agari Cyber Intelligence Division (ACID)—BleepingComputer
Ransomware Attack Hits Champaign-Urbana Public Health District
Champaign-Urbana Public Health District's website was taken down by a ransomware variant known as NetWalker, hampering the organization's response efforts amid the Coronavirus pandemic—TechTarget
Data Breaches 🗃️
Princess Cruises Confirms Data Breach
A notice published on the Princess website says suspicious activity was identified in late May 2019. Forensics experts were hired to launch an investigation, which found an unauthorized party gained access to some employee accounts between April 11 and July 23, 2019. It's unclear why Princess waited to post the notice, which is believed to have gone live in early March 2020—DarkReading
Hackers Had Access To European Electricity Organization’s Email Server For Weeks: Report
The European Network of Transmission System Operators for Electricity (ENTSO-E) said on Monday that a data breach had been confined to its office network and that no critical power systems were affected. But a public analysis indicates that the attackers were communicating with the organization’s email server for more than a month—CyberScoop
Cyber Threats 😈
Coronavirus Tracking App Is Ransomware, Locks Phones For Ransom
A website has been exposed tricking unsuspecting users into downloading a Coronavirus tracking app on their Android phones which in reality is ransomware—HackRead
Top 2 Cybersecurity Threats Facing Physician Practices
There were 3,139 data breaches reported to the U.S. Department of Health and Human Services between 2009 and 2020. Guanglan Zhan, PhD, professor of computer science and coordinator of the health informatics program at Boston University, highlights four themes among the data breaches: Data breaches are trending upward; California is hardest hit; Hacking/IT incidents is the top reason for a data breach; While the vast majority of breaches were committed by healthcare providers (2,287), 430 were caused by business associates—Physicians Practice
DDoS Attacks Could Affect Next-Generation 911 Call Systems
Despite a previous warning by Ben-Gurion University of the Negev (BGU) researchers, who exposed vulnerabilities in 911 systems due to DDoS attacks, the next generation of 911 systems that now accommodate text, images and video still have the same or more severe issues—HelpNet Security
Vulnerabilities 🔓
VMware Fixes A Critical Bug In Workstation, Fusion That Allows Code Execution On Host From Guest
VMware has addressed 3 serious vulnerabilities in its products, including a critical flaw in Workstation and Fusion that could be exploited to execute code on the host from the guest or may allow attackers to create a denial-of-service condition of the vmnetdhcp service running on the host machine—SecurityAffairs
Slack Bug Allowed Automating Account Takeover Attacks
Slack has fixed a security flaw that allowed hackers to automate the takeover of arbitrary accounts after stealing session cookies using an HTTP Request Smuggling CL.TE hijack attack on https://slackb.com/—BleepingComputer
Privacy 🔐
ACLU Sues Over U.S. Airport Facial-Recognition Technology
The American Civil Liberties Union (ACLU) has filed suit against the Department of Homeland Security (DHS) over its use of facial recognition technology in airports, decrying the government’s “extraordinarily dangerous path” to normalize facial surveillance as well as its secrecy in making specific details of the plan public—ThreatPost
ProtonMail Could Reroute Connections Through Google To Circumvent Censorship
Proton Technologies, the company behind encrypted email provider ProtonMail, has announced plans to circumvent censorship by routing connections to its servers through third-party infrastructure, which may include Google—a company that ProtonMail has long been critical of over its privacy practices—VentureBeat
In-Depth 👨‍💻
How To Avoid Coronavirus Phishing Scams
In research shared by email, Tatyana Shcherbakova, senior web content analyst for the cybersecurity company Kaspersky, notes the phishing emails designed to mimic those from the WHO are particularly convincing. So consumers need to be vigilant and use common sense before clicking on an email about the coronavirus outbreak. If a claim sounds too good to be true, it probably is—Consumer Reports
Misconfiguration Accounts For 82% Of Security Vulnerabilities
Organizations in the UK and Netherlands are more exposed to high-risk vulnerabilities than any others in Europe, with misconfiguration in areas like firewalls and passwords a major challenge, according to new data from Outpost24—InfoSecurity Magazine
More Telework For Feds Will Lead To More Risk For Networks
Agencies face the possibility of extended and widespread telework as coronavirus continues to spread throughout the United States, closing schools and canceling events throughout the national capital region. But more federal employees teleworking will likely increase cybersecurity risks for the government, experts said—Fifth Domain
Texas Chose To Fight Ransomware And Not Pay. What About The Rest Of Us?
Law-abiding folks like us applauded Texas for its bravery—but would we have the steel will to stand on the side of justice if it happened to us? Probably not—DarkReading
Open-Source Security: This Is Why Bugs In Open-Source Software Have Hit A Record High
Increased adoption of open-source software and more focused efforts on finding dangerous bugs mean the number of reported open-source vulnerabilities has risen to 6,100, up from 4,100 last year—ZDNet
Countering Network Resident Threats In Government Networks
The federal government owns, operates and uses some of the largest networks in the world, with millions of users distributed across thousands of locations. Because of this richness of systems, data and bandwidth, intruders of all varieties target federal networks—GCN
DDoS Attack Trends Reveal Stronger Shift To IoT, Mobile
Attackers are capitalizing on the rise of misconfigured Internet-connected devices running the WS-Discovery protocol, and mobile carriers are hosting distributed denial-of-service weapons—DarkReading
Threat-Thwarting Guidance Published For Cargo Ships
The Digital Container Shipping Association (DCSA) unveiled its "DCSA Implementation Guide for Cyber Security on Vessels" designed to facilitate vessel readiness for the IMO (International Maritime Organization) Resolution MSC.428(98) on Maritime Cyber Risk Management in Safety Management Systems—InfoSecurity Magazine
Analyzing The Top 2019 Data Breach Disclosures: Hindsight In 2020
It's not a question of if you will get breached, but when you will get breached. Unfortunately, for Zynga, Canva, Capital One, Evite, Poshmark, and CafePress, 2019 was their year for a data breach. And, with IBM Security and Ponemon Institute research putting the average number of records breached in a security incident at 25,575, all six of these companies came in above average—TechTarget
Beyond Burnout: What Is Cybersecurity Doing To Us?
Infosec professionals may feel not only fatigued, but isolated, unwell, and unsafe. And the problem may hurt both them and the businesses they aim to protect—DarkReading
Working From Home: COVID-19’s Constellation Of Security Challenges
As the threat of coronavirus continues to spread, businesses are sending employees home to work remotely, and students are moving to online classes. But with the social distancing comes a new threat, a cyber-related one—ThreatPost
Cloud + BYOD + IoT = Major Security Gaps
That’s the finding from a survey from Axonius, which reveals how trends including the ever-increasing number of end-user devices, rapid cloud adoption, and the looming IoT explosion are leading to increased complexity and risk and decreased visibility—HelpNet Security
What Cybersecurity Pros Really Think About Artificial Intelligence
The cybersecurity industry has been targeted by technology and business leaders as one of the top advanced use cases for artificial intelligence (AI) and machine learning (ML) in the enterprise today. According to the latest studies, AI technology in cybersecurity is poised to grow over 23% annually through the second half of the decade. That'll have the cybersecurity AI market growing from $8.8 billion last year to $38.2 billion by 2026—DarkReading