Individuals at Risk
Cyber Update
HP issues fix for ‘keylogger’ found on several laptop models:
A security researcher says an audio driver is recording every keystroke entered, accessible to any person or malware that knows where to look. ZDNet, May 12, 2017
Emergency Fix for Windows Anti-Malware Flaw Leads May’s Patch Tuesday: Adobe and Microsoft both issued updates today to fix critical security vulnerabilities in their software. Microsoft actually released an emergency update on Monday just hours ahead of today’s regularly scheduled “Patch Tuesday” (the 2nd Tuesday of each month) to fix a dangerous flaw present in most of Microsoft’s anti-malware technology that’s being called the worst Windows bug in recent memory. Separately, Adobe has a new version of its Flash Player software available that squashes at least seven nasty bugs. KrebsOnSecurity, May 9, 2017
Cyber Defense
Analysis of 500 million passwords shows what you should avoid: A dump of over 550 million username and password combinations is currently being sold on underground forums, and eager crooks are paying for the privilege to test them out against many online services. HelpNetSecurity, May 12, 2017
Cyber Warning
Reminder to Be Cautious as SMS Smishing Fraud Steals Money from UK Bank Customers: NatWest customers are being warned about a new ‘smishing’ scam that allows fraudsters to steal their cash. The Independent, May 11, 2017
Information Security Management in the Organization
Information Security Management and Governance
What the Rise of Russian Hackers Means for Your Business: For years major businesses have contended with hackers attempting to break into their networks and steal their data. In the recent past, that threat mostly emanated from China. Now, a new threat has emerged that companies must address: a savvy, resource-rich, risk-taking gang of hackers with ties to Russia. If the Chinese were the drunk burglars of cyberspace (to quote former FBI director James Comey), these Russians are stone-cold sober thugs. HBR, May 12, 2017
Cybersecurity consciousness in the C-suite: Enterprises are better protected from repercussions of a breach with a board that’s knowledgeable about security and which makes sure a comprehensive set of security policies are in place, reports Greg Masters. SC Magazine, May 12, 2017
Cyber Defense
Extreme Makeover: AI & Network Cybersecurity: In the future, artificial intelligence will constantly adapt to the growing attack surface. Today, we are still connecting the dots. DarkReading, May 10, 2017
Cyber Insurance
Cyber Crime Fears Drive Up Demand for Anti-Hacker Insurance: For companies and organizations, an attack by hackers can inflict financial losses, corporate embarrassment and legal action. For insurers jumping into the brave new world of cyber crime insurance, it’s free marketing for what could be a $10 billion opportunity. Bloomberg, May 9, 2011
Cyber Security in Society
WannaCry Attack
Users and IT Dept’s Need to Take Action as Dangerous Ransomware Attack Circles Globe: A dangerous ransomware attack is occurring today which is having a significant impact on computers globally. The attack has compromised the hospital system in England and severely impacted the Spanish telecommunications company, Telefonica. All told, more than 74 countries have been impacted. Stan Stahl, CitadelOnSecurity, May 12, 2017
Why Is The NHS Ransomware Attack Bigger Than What it Seems? The Experts Chime In [Citadel’s Stan Stahl Quoted]: A massive cyberattack seems to have caught the global corporate arena asleep at the wheel. What do some of the experts have to say about it? Read on to find out. ITSP Magazine, May 2017
WannaCry’s large-scale cyber attack highlights the structural dilemma of the NSA: IN BRITAIN, doctors could neither gain access their patients’ files nor make appointments to see those patients. In Russia, hundreds of the interior ministry’s workers sat idle. In China, students were locked out of their theses. As the latest cyber attack rippled around the globe, infecting at least 45,000 computers in 74 countries, according to Kaspersky Labs, a Russian cyber-security firm, it seemed for a moment that the world was facing digital apocalypse. In the event, catastrophe was averted when somebody found a kill switch, which stopped the malicious software involved spreading further. The attackers will still make a pretty penny, however, and untold hours will have to be spent cleaning up the mess. What is more galling than that is that all of this was entirely avoidable. The Economist, May 13, 2017
WannaCry may be slowing. Stay cautious in preparation for release of next attack wave. Patch now!: Over the past 24 hours, a ransomware program called WannaCry has shut down more than 75,000 computers across 99 countries, including a string of hospitals in the United Kingdom and critical gas and water utilities in Spain. But despite the massive scale of the attack, stopping new infections from the attack seems to have been as simple as registering a single web address. The Verge, May 13, 2017
An NSA-derived ransomware worm is shutting down computers worldwide: A highly virulent new strain of self-replicating ransomware shut down computers all over the world, in part by appropriating a National Security Agency exploit that was publicly released last month by the mysterious group calling itself Shadow Brokers. ars technica, May 12, 2017
Malware, described in leaked NSA documents, cripples computers in worldwide ransomware attack: Hackers unleashed an attack that disabled computers in dozens of nations Friday using a software flaw that once was part of the National Security Agency’s surveillance tool kit. The Washington Post, May 12, 2017
Ransom reportedly demanded in cyberattack on England’s health-care system: Hackers unleashed an attack that disabled computers in dozens of nations Friday using a software flaw that once was part of the National Security Agency’s surveillance tool kit. The Washington Post, May 12, 2017
Cyber Culture
Everything is hackable. Computer security broken from top to bottom. Distrust & Caution!!: As the consequences pile up, things are starting to improve. The Economist, April 8, 2017
Cyber Crime
Greenway Health struggles with ransomware attack. Patient info from nearly 4,000 customers at risk: A ransomware attack last week against hospital and ambulatory electronic health records vendor Greenway Health affected 400 client organizations using the vendor’s Intergy cloud-hosted platform. HealthData Management, May 1, 2017
Cyber Privacy
SSA.GOV To Require Stronger Authentication: The U.S. Social Security Administration will soon require Americans to use stronger authentication when accessing their accounts at ssa.gov. As part of the change, SSA will require all users to enter a username and password in addition to a one-time security code sent their email or phone. In this post, we’ll parse this a bit more and look at some additional security options for SSA users. KrebsOnSecurity, May 10, 2017
Cyber Defense
UN Agency Launches Cryptocurrency Cybercrime Training: The United Nations agency dedicated to fighting drug trafficking and organized crime has developed a new cryptocurrency training program. CoinDesk, May 11, 2017
Know Your Enemy
With New Digital Tools, Even Nonexperts Can Wage Cyberattacks: SAN FRANCISCO — Hackers are discovering that it is far more profitable to hold your data hostage than it is to steal it. The New York Times, May 13, 2017
NexGen Malware Will Use Artificial Intelligence: Cybersecurity Friend or Foe?: The next generation of situation-aware malware will use AI to behave like a human attacker: performing reconnaissance, identifying targets, choosing methods of attack, and intelligently evading detection. DarkReading, May 11, 2017
National Cyber Security
A few industry reactions to Trump’s cybersecurity executive order. Pluses. Missed Opportunities: On Thursday, President Donald Trump signed a long-awaited executive order on cybersecurity. HelpNetSecurity, May 12, 2017
US intelligence chiefs don’t trust Kaspersky Lab software: The big question in Thursday’s intelligence hearing on worldwide threats before the US Senate Intelligence Committee was whether the Russian government interfered with US elections. HelpNetSecurity, May 12, 2017
Trump signs executive order. Requires Federal agencies to use NIST Cybersecurity Framework: President Donald Trump has signed a long-awaited executive order that places responsibility for cybersecurity on departmental secretaries and agency directors and emphasizes the use of risk management throughout the federal government to secure digital assets. BankInfoSecurity, May 11, 2017
NYU Accidentally Exposed Military Code-breaking Computer Project to Entire Internet: In early December 2016, Adam was doing what he’s always doing, somewhere between hobby and profession: looking for things that are on the internet that shouldn’t be. That week, he came across a server inside New York University’s famed Institute for Mathematics and Advanced Supercomputing, headed by the brilliant Chudnovsky brothers, David and Gregory. The server appeared to be an internet-connected backup drive. But instead of being filled with family photos and spreadsheets, this drive held confidential information on an advanced code-breaking machine that had never before been described in public. Dozens of documents spanning hundreds of pages detailed the project, a joint supercomputing initiative administered by NYU, the Department of Defense, and IBM. And they were available for the entire world to download. The Intercept, May 11, 2017
French Election Security
Macron campaign team used honeypot accounts to fake out Fancy Bear: The failed effort by Russian attackers to influence the outcome of the French presidential campaign in its final hours was in part a forced error, thanks to an active defense by the digital team of French president-elect Emmanuel Macron’s campaign organization, the digital director of the campaign has claimed. Campaign team members told the New York Times that as the phishing attacks mounted, they created a collection of fake e-mail accounts seeded with false information. ars technica, May 10, 2017
Evidence suggests Russia behind hack of French president-elect: Late on May 5 as the two final candidates for the French presidency were about to enter a press blackout in advance of the May 7 election, nine gigabytes of data allegedly from the campaign of Emmanuel Macron were posted on the Internet in torrents and archives. The files, which were initially distributed via links posted on 4Chan and then by WikiLeaks, had forensic metadata suggesting that Russians were behind the breach—and that a Russian government contract employee may have falsified some of the dumped documents. ars technica, May 8, 2017
Cyber Law
How one obscure court case could decide the future of internet business: There’s a huge court case you need to hear about. It might not be on your radar yet because, frankly, some of it gets pretty technical. But the outcome is likely to have enormous repercussions for online privacy, net neutrality and the economy. The Daily Herald, May 13, 2017
HIPAA
75% of health orgs live below cybersecurity poverty line: Kaiser Permanente chief technology risk officer shared predictions for 2017 and touches on the security issues likely to persist into 2018 at the Healthcare IT News Privacy & Security Forum. HealthcareIT News, May 11, 2017
Website Flaw Let True Health Diagnostics Users View All Medical Records: Over the past two weeks readers have pointed KrebsOnSecurity to no fewer than three different healthcare providers that failed to provide the most basic care to protect their patients’ records online. Only one of the three companies — the subject of today’s story — required users to be logged on in order to view all patient records. KrebsOnSecurity, May 8, 2017
Cyber Sunshine
Man fined $318,000. Destroyed boss’ servers after hacking payroll system & committing payroll fraud: Yovan Garcia, a former private security officer, has been fined $318,661.70 after a California court found him guilty of padding his work hours, hacking the company’s servers to steal data on customers, demolishing the servers in the process, defacing the website, ripping off the proprietary software, and setting up a rival business running on that ripped-off program. NakedSecurity, May 12, 2017
The post Cyber Security News of the Week, May 14, 2017 appeared first on Citadel Information Group.
from Citadel Information Group
via Citadel Information Group