Cyber Security News of the Week, September 18, 2016

Cyber Security News of the Week, September 18, 2016

Individuals at Risk

Identity Theft

Identity Theft: How To Protect Yourself Or Resolve It: Identity theft impacts more than 17 million consumers every year, and consumers over 50 can be particularly vulnerable. This year is on track to exceed the 780 data breaches of 2015, according to the Identity Theft Resource Center. But there are a few key ways to protect yourself from becoming an identity theft victim and taking action if your identity is stolen. Forbes, September 14, 2016

Cyber Privacy

Russian Hackers Get Bolder in Anti-Doping Agency Attack: NOT SO LONG ago, the world learned about Russian cyberespionage attacks only when embarrassed government officials admitted they’d discovered the hackers silently lurking in their systems. Today, the same intruders seem to announce themselves on Facebook, via Twitter, and even on their own website covered in bear-themed clip art and gifs. Wired, September 14, 2016

Simone Biles and Williams Sisters Latest Target of Russian Hackers: Russian hackers — possibly the same group that compromised the Democratic National Committee’s computer servers — have made top American athletes their latest target. The New York Times, September 14, 2016

Cyber Danger

Attack Leverages Windows Safe Mode Tools Used for Support: Researchers warn the Windows diagnostic feature Safe Mode can be used as a remote attack vector by hackers who already have access to a compromised PC or server. The method of attack is unusual, researchers said, and places attention on the diagnostic tool used to fix PC problems and remove security threats. ThreatPost, September 15, 2016

NEVERQUEST TROJAN GETS BIG SUMMER UPDATE: The once prolific banking Trojan Neverquest received a major code revamp over the summer and is now armed with modifications that can more adeptly hijack a victim’s PC, inject code into webpages and steal credentials. The update represents a significant enough change to the malware that researchers have dubbed the latest samples Neverquest2. ThreatPost, September 15, 2016

Information Security Management in the Organization

Information Security Governance

Kaspersky Lab Survey Shows Real Business Loss From Cyber-Attacks Now $861K Per Security Incident: On average, a single cybersecurity incident now costs large businesses $861,000, while small and medium businesses (SMB) end up paying $86,500. Most alarmingly, the cost of recovery significantly increases depending on the time of discovery. SMBs tend to pay 44 per cent more to recover from an attack discovered a week or more after the initial breach, compared to attacks spotted within one day. Enterprises pay a 27 per cent premium in the same circumstances. These are the main findings of Kaspersky Lab’s report “Measuring the Financial Impact of IT Security on Businesses” based on the 2016 Corporate IT Security Risks survey. InformationSecurityBuzz, September 15, 2016

Cybersecurity Is Every Executive’s Job: All companies connected to the internet are vulnerable to cyber attacks. And the potential losses are significant. Retail giant Target, for example, estimated its losses from a 2013 data breach at more than $250 million. What’s more, according to a recent survey conducted for BAE Systems of 300 managers in the financial services, insurance, and IT/tech industries in the U.S., 85% of respondents listed reputational damage as the most prominent result of a data breach, with 74% citing legal liability as the second largest concern. Harvard Business Review, September 13, 2016

Cyber Warning

MySQL vulnerability disclosed, status of patches uncertain: Oracle’s lack of response to security researchers raises more questions after a zero-day MySQL vulnerability was reported, though patches may have already been released. SearchSecurity, September 15, 2016

Ransomware Getting More Targeted, Expensive: I shared a meal not long ago with a source who works at a financial services company. The subject of ransomware came up and he told me that a server in his company had recently been infected with a particularly nasty strain that spread to several systems before the outbreak was quarantined. He said the folks in finance didn’t bat an eyelash when asked to authorize several payments of $600 to satisfy the Bitcoin ransom demanded by the intruders: After all, my source confessed, the data on one of the infected systems was worth millions — possibly tens of millions — of dollars, but for whatever reason the company didn’t have backups of it. KrebsOnSecurity, September 15, 2016

Secret Service Warns of ‘Periscope’ Skimmers: The U.S. Secret Service is warning banks and ATM owners about a new technological advance in cash machine skimming known as “periscope skimming,” which involves a specialized skimming probe that connects directly to the ATM’s internal circuit board to steal card data. KrebsOnSecurity, September 13, 2016

Thousands of Seagate NAS boxes host cryptocurrency mining malware: Thousands of publicly accessible FTP servers, including many from Seagate network-attached storage devices, are being used by criminals to host cryptocurrency mining malware. ComputerWorld, September 12, 2016

Cyber Defense

The Increasing Threat to Network Infrastructure Devices and Recommended Mitigations: The advancing capabilities of organized hacker groups and cyber adversaries create an increasing global threat to information systems. The rising threat levels place more demands on security personnel and network administrators to protect information systems. Protecting the network infrastructure is critical to preserve the confidentiality, integrity, and availability of communication and services across an enterprise. US-CERT, September 6, 2016

Cyber Update

CISCO PATCHES CRITICAL WEBEX MEETINGS SERVER VULNERABILITY: Cisco warned customers of 12 vulnerabilities across its product line this week, including a critical vulnerability in the software that powers its conferencing product, WebEx Meetings Server. ThreatPost, September 15, 2016

Adobe, Microsoft Push Critical Updates: Adobe and Microsoft on Tuesday each issued updates to fix multiple critical security vulnerabilities in their software. Adobe pushed a patch that addresses 29 security holes in its widely-used Flash Player browser plug-in. Microsoft released some 14 patch bundles to correct at least 50 flaws in Windows and associated software, including a zero-day bug in Internet Explorer. KrebsOnSecurity, September 14, 2016

Cyber Security in Society

Know Your Enemy

Cybercrime-as-a-Service Economy: Stronger Than Ever: Police estimate that just 100 to 200 people may be powering the “cybercrime-as-a-service” ecosystem by developing the attack code and services that enable criminals who lack technical acumen to pay for their cybercrime will to be accomplished. BankInfoSecurity, September 14, 2016

National Cyber Security

White House Said Mulling Legal Action Against Russian Hackers: The White House is trying to build a legal case against Russian hackers it believes are behind recent leaks aimed at disrupting the U.S. presidential election, while Congress is eyeing sanctions as a remedy, media reports says. RadioFreeEurope, Sepember 16, 2016

Powell emails were leaked on a site linked to the Russian government: Donald Trump is “a national disgrace and an international pariah” who gave voice to a “racist” movement to question President Obama’s citizenship, former secretary of state Colin L. Powell tapped on his keyboard. The Washington Post, September 14, 2016

Hackers, Organizational Doxing, and Data Forgeries: In the past few years, the devastating effects of hackers breaking into an organization’s network, stealing confidential data, and publishing everything have been made clear. It happened to the Democratic National Committee, to Sony, to the National Security Agency, to the cyber-arms weapons manufacturer Hacking Team, to the online adultery site Ashley Madison, and to the Panamanian tax-evasion law firm Mossack Fonseca. The Atlantic, September 13, 2016

Cyber Vulnerability

Researcher Finds Critical Vulnerabilities in Hollywood Screener System: A prominent security researcher has discovered serious vulnerabilities in a system that allows awards voters to watch the latest movie screeners online. Chris Vickery, who previously gained access to the ‘World-Check’ terror, crime and sanctions database, informed TF of his discovery last month after an unsecured database was left open to the public. TorrentFreak, September 9, 2016

Cyber Politics

Sowing Doubt Is Seen as Prime Danger in Hacking Voting System: WASHINGTON — Russian hackers would not be able to change the outcome of the United States presidential election, the nation’s most senior intelligence and law enforcement officials have assured Congress and the White House in recent weeks. The New York Times, September 15, 2016

New batch of leaked Colin Powell e-mails lambasts Trump and Clinton: Add former US Secretary of State Colin Powell to the list of high-ranking Washington insiders whose leaked e-mails are rankling their peers with just weeks to go before the US presidential election. ars technica, September 14, 2016

New Documents Released From Hack of Democratic Party: A hacker who American intelligence officials believe has ties to the Russian government made public on Tuesday a second batch of documents suspected of having been stolen from the Democratic National Committee’s computer system, leaving the organization rushing to contain damage or embarrassment less than two months before the presidential election. The New York Times, September 14, 2016

Financial Cyber Security

New York plans cyber rules for banks, insurers to set a floor for cybersecurity standards: Because every major financial institution on the planet operates in New York, the state regulations will effectively form a global floor for cybersecurity standards. FedScoop, September 14, 2016

How EMV is fueling an e-commerce fraud frenzy: The rollout of EMV-enabled credit and debit cards is driving a sharp decline in brick-and-mortar transaction fraud. But now fraudsters have a different target: online retailers. RetailDive, September 14, 2016


OCR Announces Business Associate Audits Coming Soon: The Department of Health and Human Services is gearing up to kick off in October its first-ever round of HIPAA compliance audits of business associates. And the agency is also developing a variety of new guidance aimed at helping healthcare organizations deal with a surge in cyber threats. HealthCareInfoSecurity, September 15, 2016

Critical Infrastructure

Someone Is Learning How to Take Down the Internet: Over the past year or two, someone has been probing the defenses of the companies that run critical pieces of the Internet. These probes take the form of precisely calibrated attacks designed to determine exactly how well these companies can defend themselves, and what would be required to take them down. We don’t know who is doing this, but it feels like a large nation state. China or Russia would be my first guesses. Schneier on Security, September 13, 2016

Internet of Things

Volkswagen is founding a new cybersecurity firm to prevent car hacking: As cars become more computerized, they’re also facing a greater risk of being hacked. That’s why Volkswagen is founding a new cyber security company devoted to protecting next-generation vehicles. PCWorld, September 14, 2016

Secure the Village

Uber, Dropbox, Other Tech Leaders Team Up To Boost Vendor Security: Tech companies – including Uber, Dropbox, Twitter, and Docker – have joined forces to create the Vendor Security Alliance, which aims to vet vendor security practices. DarkReading, September 16, 2016

Cyber Sunshine

Alleged vDOS Proprietors Arrested in Israel: Two young Israeli men alleged to be the co-owners of a popular online attack-for-hire service were reportedly arrested in Israel on Thursday. The pair were arrested around the same time that KrebsOnSecurity published a story naming them as the masterminds behind a service that can be hired to knock Web sites and Internet users offline with powerful blasts of junk data. KrebsOnSecurity, September 10, 2016

Cyber Event

Secure Coding Class for the Web: The major cause of application insecurity is the lack of secure software development practices. This highly intensive and interactive course provides essential application security training for web application, webservice and mobile software developers and architects. The class features a combination of lecture, security testing demonstration and code review. Event Date: October 17-21

THIRD ANNUAL LOS ANGELES CYBER SECURITY SUMMIT 2016-SILICON BEACH: Cyber attacks on corporations, governmental agencies and individuals are becoming increasingly widespread and regular, as well as more complex. In honor of National Cyber Security Awareness Month, LMU is once again hosting The Third Annual Cybersecurity Summit that brings together government officials, private business executives and cybersecurity experts to discuss the current and emerging threats that exist in today’s sophisticated cyber environment, and the technological advancements being made to countermeasure and manage these risks. Event Date: October 22, 2016

The post Cyber Security News of the Week, September 18, 2016 appeared first on Citadel Information Group.