Cybersecurity News of the Week, January 20, 2019


Individuals at Risk

Cyber Privacy

Airline Booking System Exposed Passenger Details: An investigation is underway into a booking software vulnerability that exposed airline passenger name records, which is a bundle of personal and travel data that gets collected whenever someone books a flight. BankInfoSecurity, January 17, 2019

Cyber Breach

773M Password ‘Megabreach’ is Years Old: My inbox and Twitter messages positively lit up today with people forwarding stories from Wired and other publications about a supposedly new trove of nearly 773 million unique email addresses and 21 million unique passwords that were posted to a hacking forum. A story in The Guardian breathlessly dubbed it “the largest collection ever of breached data found.” But in an interview with the apparent seller, KrebsOnSecurity learned that it is not even close to the largest gathering of stolen data, and that it is at least two to three years old. KrebsOnSecurity, January 17, 2019

Cyber Leak

Change your password! VoIP provider http://VOIPo.com leaves huge database exposed online. http://VOIPo.com left 15 million sensitive documents on a server on the Internet without even basic password protection: A researcher has discovered an exposed database containing gigabytes of call logs, SMS data, and internal system credentials belonging to US Voice-over-IP (VoIP) service provider VOIPo.com. NakedSecurity, January 17, 2019

Cyber Defense

It’s Time to Audit All the Extensions You’ve Installed on Your Browser: A lot of what we do on our computers goes through the browser, and that means any extensions you choose to add on top of that browser have a very privileged position: They can see where you’re going online, they can see the data you’re passing to and from the web, and they can send and receive data themselves. Gizmodo, January 18, 2019

GoDaddy is sneakily injecting JavaScript into your website and how to stop it: I recently started having issues with the admin interface of a website I run and decided to check the browser console to see if any errors were being displayed there. There were, and among them was an error stating that a JavaScript map file was being loaded (and failing) that I did not recognise. This meant that the actual JavaScript file itself was already loaded via my website. This set off all sorts of alarms for me and I started to dig in further. Igor Kromin, January 13, 2019

Cyber Warning

Hackers using fake ‘Flash Player’ Google Chrome extension to steal credit card data: Cybersecurity researchers are warning unsuspecting internet users about a year-old Chrome extension which steals credit card data from infected users via web forms on visited websites. RT, January 18, 2019

Android Apps Steal Banking Info, Use Motion Sensor to Evade Detection: Two Android apps infected with banking malware were found on the Google Play Store, already having been installed on thousands of Android devices and sporting dozens of fake five-star ratings. BleepingComputer, January 17, 2019

New Ransomware Targets PayPal Users: What to Know: A new strain of encrypting ransomware adds insult to injury by letting you pay with PayPal — and then tries to steal your personal details, your credit card number and your PayPal password. Tom’s Guide, January 15, 2019

Information Security Management in the Organization

Cyber Leadership

The Success of Your Business Depends on Digital Trust. Here Is How to Measure It: Most people can name a recent example of online data being compromised, and consumers have become more concerned about how organizations protect their data. Whether the data in question is a physical location, credit card numbers or buying preferences, modern, tech-savvy consumers are thinking long and hard about digital trust risks and the privacy of their data. SecurityIntelligence, January 16, 2019

Information Security Management and Governance

U.S. CEOs Are More Worried About Cybersecurity Than a Possible Recession: With markets uncertain, many onlookers might think a recession is on the way, whether that’s most CFOs in the world or voters in the United States. Fortune, January 17, 2019

Board Directors Can’t Afford to Ignore Cybersecurity Risk. Effective cybersecurity management requires top management & board to engage in regular dialogue around cyber risks and business strategy, recognizing them as inextricably linked: As organizations rush to adopt new digital channels, big data, advanced analytics, and emerging technologies such as blockchain, artificial intelligence (AI) and quantum computing, they face new risks that may be difficult to quantify today. SecurityIntelligence, January 17, 2019

ThreatList Report: $1.7M is the Average Cost of a Cyber-Attack. Brand damage, loss of productivity, falling stock prices and more contribute to significant business impacts in the wake of a breach: The average cost estimate for cleaning up a cyberattack comes in at around $1.1 million, according to a recent survey. But this is actually a rosy view: For those organizations that actually calculate (versus estimate) the real cost of an attack, that number increases significantly to $1.67 million. ThreatPost, January 15, 2019

Cyber Warning

Researchers identify malware that can dismantle cloud security protections: A team of researchers have identified a new kind of malware that they say can remove cloud security products. The Hill, January 17, 2019

Cyber Defense

PCI Council Releases New Software Framework for DevOps Era. The PCI Software Security Framework will eventually replace PCI PA-DSS when it expires in 2022: This week the PCI Security Standards Council released a new software security standard that is designed to help it validate the security of payment ecosystems in the face of newer software architectures and modern development methods like DevOps and continuous delivery. The new standard would ultimately replace the PCI Payment Application Data Security Standard (PA-DSS). DarkReading, January 18, 2019

How to protect backups from ransomware: Despite a recent decline in attacks, ransomware still poses significant threats to enterprises, as the attacks against several major newspapers demonstrated this month. It is also becoming more capable. In particular, ransomware writers are aware that backups are an effective defense and are modifying their malware to track down and eliminate the backups. CSO, January 14, 2019

Cybersecurity in Society

Cyber Privacy

U.S. regulators have met to discuss imposing a record-setting fine against Facebook for privacy violations: U.S. regulators have met to discuss imposing a record-setting fine against Facebook for violating a legally binding agreement with the government to protect the privacy of its users’ personal data, according to three people familiar with the deliberations but not authorized to speak on the record. The Washington Post, January 18, 2019

Evaluating the GCHQ Exceptional Access Proposal: The so-called Crypto Wars have been going on for 25 years now. Basically, the FBI—and some of their peer agencies in the U.K., Australia, and elsewhere—argue that the pervasive use of civilian encryption is hampering their ability to solve crimes and that they need the tech companies to make their systems susceptible to government eavesdropping. Sometimes their complaint is about communications systems, like voice or messaging apps. Sometimes it’s about end-user devices. On the other side of this debate is pretty much all technologists working in computer security and cryptography, who argue that adding eavesdropping features fundamentally makes those systems less secure. Schneier On Security, January 17, 2019

Cyber Crime

West African banks targeted in multi-wave attack: In a somewhat unusual step cybercriminals are targeting banks in several western African nations using off the shelf malware to gain entry, gain persistence and exfiltrate data along with “living off the land” tactics. SC Magazine, January 17, 2019

SEC Describes $4.1 Million Hacking Scheme. Seven individuals and two organizations charged with hacking SEC’s EDGAR document system, stealing and using nonpublic corporate information to illegally earn $4.1 million via insider trading: The U.S. Securities and Exchange Commission has charged seven individuals and two organizations with being part of an international scheme that hacked the SEC’s EDGAR document system, stole nonpublic corporate information and used it to illegally earn $4.1 million via insider trading. BankInfoSecurity, January 16, 2019

Cyber Attack

Ransomware attack sends City of Del Rio, TX back to the days of pen and paper. Servers at City Hall were rendered useless due to the outbreak: Officials based at the City of Del Rio, in Texas, were forced to abandon electronic services and switch to pen and paper after a ransomware attack effectively closed down City Hall servers. ZDNet, January 14, 2019

Know Your Enemy

“Stole $24 Million But Still Can’t Keep a Friend” — Krebs on Security. Manhattan resident accused of stealing almost $24 million in cryptocurrency after fraudulently executing “SIM swap” leading to $200 million civil lawsuit against AT&T: Unsettling new claims have emerged about Nicholas Truglia, a 21-year-old Manhattan resident accused of hijacking cell phone accounts to steal tens of millions of dollars in cryptocurrencies from victims. The lurid details, made public in a civil lawsuit filed this week by one of his alleged victims, paint a chilling picture of a man addicted to thievery and all its trappings. The documents suggest that Truglia stole from his father and even a dead man — all the while lamenting that his fabulous new wealth brought him nothing but misery. KrebsOnSecurity, January 15, 2019

Cyber Freedom

Democrats claim alleged Russian hacker Group “Cozy Bear” posed as State Department official in attempted DNC hack after 2018 campaign: New York (CNN) The Democratic National Committee claims that in the days after the 2018 midterm elections it was likely targeted by a group of Russian intelligence hackers, according to court documents filed overnight. CNN, January 18, 2019

Facebook Shuts Hundreds of Russia-Linked Pages, Accounts for Disinformation. Facebook says the accounts and pages were part of two unrelated disinformation operations aimed at targets outside the US: Facebook has closed hundreds of accounts and pages linked to Russia, due to “coordinated inauthentic behavior” or disinformation operations. DarkReading, January 17, 2019

National Cybersecurity

Behind Russia’s cyberwarfare lies a serious case of cyber-phobia: After two U.S. election cycles dominated by talk of the cyberthreat from Russia, many Americans see their democracy as deeply vulnerable to influence operations on social networks, as well as penetration of election infrastructure. With no satisfactory safeguard against foreign interference in place and the 2020 presidential election cycle fast approaching, these concerns are likely to persist. The Washington Post, January 17, 2019

In Shutdown, the US Government Is Flirting with Cybersecurity Disaster. Network security is an around-the-clock battle. Agency cybersecurity teams are left with skeleton staff, and many furloughed security experts may not come back: The record-setting partial government shutdown that enters its 24th day today is having a damaging effect on the nation’s cybersecurity, both now and in the future. Data Center Knowledge, January 14, 2019

Cyber Regulation

Court rejects FCC request to delay net neutrality case: A federal appeals court denied the Federal Communications Commission’s request to postpone oral arguments in a court battle over the agency’s decision to repeal its net neutrality rules. The Hill, January 17, 2019

Critical Infrastructure

Your Garage Opener Is More Secure Than Industrial Remotes. Trend Micro Says It Moved Cranes Using RF Software Flaws: Radio-frequency controllers used in the construction, mining and shipping industries are dangerously vulnerable to hackers, making the devices prime targets for attacks that could shut down operations and possibly hurt workers, Trend Micro says in new report. BankInfoSecurity, January 16, 2019

Cyber Enforcement

Courts Hand Down Hard Jail Time for DDoS: Seldom do people responsible for launching crippling cyberattacks face justice, but increasingly courts around the world are making examples of the few who do get busted for such crimes. On Friday, a 34-year-old Connecticut man received a whopping 10-year prison sentence for carrying out distributed denial-of-service (DDoS) attacks against a number of hospitals in 2014. Also last week, a 30-year-old in the United Kingdom was sentenced to 32 months in jail for using an army of hacked devices to crash large portions of Liberia’s Internet access in 2016. KrebsOnSecurity, January 14, 2019

Cyber Humor

SecureTheVillage Calendar

Webinar: SecureTheVillage February Webinar
February 7 @ 10:00 am – 11:00 am

Financial Services Cybersecurity Roundtable – February 2019
February 8 @ 8:00 am – 10:00 am

Webinar: SecureTheVillage March Webinar
March 7 @ 10:00 am – 11:00 am

The post Cybersecurity News of the Week, January 20, 2019 appeared first on Citadel Information Group.
