Monday, July 06, 2015

Cyber Security News and Education for the Week of July 6, 2015





Cyber Crime

Plex Forums Breached, Hacker Holding Data for Ransom: Media server Plex today revealed that its forums were hacked and certain user information compromised. PC Magazine, July 3, 2015
Experts: Hacking probe will stretch if Cards execs involved: HOUSTON (AP) — The federal hacking investigation of the St. Louis Cardinals could take longer if high-level executives are implicated in the breach of the Houston Astros’ database, according to legal experts. USA Today, July 3, 2015
Harvard Suffers Data Breach Spanning Multiple Schools, Administration Networks: Investigation so far shows email and system login info may have been compromised, university says. DarkReading, July 2, 2015
Bitcoin Exchange Hacked With Word Macro: Memo to organizations: Do not allow PCs that run software such as Skype and Microsoft Office to connect to a server that hosts your bitcoin wallet. BankInfoSecurity, July 2, 2015
Banks: Card Breach at Trump Hotel Properties: The Trump Hotel Collection, a string of luxury hotel properties tied to business magnate and now Republican presidential candidate Donald Trump, appears to be the latest victim of a credit card breach, according to data shared by several U.S.-based banks. KrebsOnSecurity, July 1, 2015
F.B.I. Struggles to Pinpoint the Fingers Behind a Hacking: WASHINGTON — As F.B.I. agents try to build a case against personnel in the St. Louis Cardinals’ front office who are accused of breaking into the network that housed the Houston Astros’ closely guarded baseball intelligence, they are struggling with one particular aspect of the investigation: determining who, specifically, had his hands on the keyboard. The New York Times, June 23, 2015
Exclusive: SEC hunts hackers who stole corporate emails to trade stocks: U.S. securities regulators are investigating a group of hackers suspected of breaking into corporate email accounts to steal information to trade on, such as confidential details about mergers, according to people familiar with the matter. Reuters, June 23, 2015

Cyber Privacy

David Cameron Renews Push to Ban Encryption: If David Cameron has his way, encryption technology will be a black-market commodity in the U.K., July 2, 2015

Financial Cyber Security

FFIEC Issues Cyber Assessment Tool: The Federal Financial Institutions Examination Council on June 30 released its much-anticipated Cybersecurity Assessment Tool, which is designed to help banking institutions of all sizes assess and identify risks and weaknesses in their cybersecurity preparedness programs. BankInfoSecurity, July 2, 2015
GAO sees room for improvement in bank cyber security exams: U.S. banking regulators must hire and train more examiners with technology expertise so they can give more useful cyber security recommendations to small and mid-sized banks, a federal watchdog agency has warned. Reuters, July 2, 2015
Is PCI-DSS Still Viable?: News coverage of last week’s payments security event hosted by the Federal Reserve Bank of Kansas City focused on comments by Jerome Powell, a member of the Federal Reserve System’s board of governors. He encouraged banks to consider going beyond using only signatures to authenticate card transactions as the U.S. makes its move to EMV. BankInfoSecurity, June 30, 2015

Identity Theft

China ‘leading suspect’ in US cyberattack, says intelligence chief: If China is the culprit, as intelligence chief James Clapper asserts, the US faces the thorny issue of how to respond. CNET, June 27, 2015

Cyber Warning

FBI Warns U.S. Companies to Be Ready for Chinese Hack Attacks: Within the U.S. government, there’s a debate about who’s responsible for the massive hack of federal employees’ darkest secrets. The FBI on Wednesday weighed in with its own answer, strongly implying that it was the work of China. The Daily Beast, July 1, 2015
OPM Identity-Protection Phishing Campaigns: US-CERT is aware of suspicious domain names that may be used in phishing campaigns masquerading as official communication from the Office of Personnel Management (OPM) or the identity protection firm CSID. Https:// is the legitimate domain used by CSID, which is responsible for identity protection services for those affected by the recent data breach. June 30, 2015
Crooks Use Hacked Routers to Aid Cyberheists: Cybercriminals have long relied on compromised Web sites to host malicious software for use in drive-by download attacks, but at least one crime gang is taking it a step further: New research shows that crooks spreading the Dyre malware for use in cyberheists are leveraging hacked wireless routers to deliver their password-stealing crimeware. KrebsOnSecurity, June 29, 2015
Fraud Alert Issued on Business Email Compromise Scam: The Financial Services Information Sharing and Analysis Center (FS-ISAC) and federal law enforcement agencies have released a joint alert warning companies of a sophisticated wire payment scam referred to as business email compromise (BEC). Scammers use fraudulent information to trick companies into directing financial transactions into accounts scammers control. US-CERT, June 24, 2015

Cyber Security Management

CIOs seek cybersecurity solutions, bigger voice in C-suite: Issues like cybersecurity might keep CIOs up at night, but in Northern New Jersey, at least they know they’re not alone. CIO, June 26, 2015

Cyber Security Management – Cyber Defense

What the Houston Astros hack can teach you about cybersecurity: Baseball isn’t typically a place to go for lessons on cybersecurity. But this week, America’s pastime taught us a little something we’d all do well to remember. CBS, June 24, 2015

Cyber Security Management – Cyber Update

Apple Releases Security Updates for QuickTime, Safari, Mac EFI, OS X Yosemite, and iOS: Apple has released security updates for QuickTime, Safari, Mac Extensible Firmware Interface (EFI), OS X Yosemite, and iOS. Exploitation of some of these vulnerabilities may allow an attacker to obtain elevated privileges or crash applications. US-CERT, June 30, 2015

Cyber Security Management – HIPAA

Security threats, hackers and shadow IT still plague health IT: New analyses of security posture in the fast-growing health-tech market highlight the challenges posed by both external threats and unauthorized cloud applications. CIO, July 2, 2015

National Cyber Security

Iranian hackers may have given WikiLeaks Saudi docs: Iranian hackers may have stolen the Saudi government documents that were later released by WikiLeaks, The Washington Post reported Friday. The Hill, June 26, 2015

Cyber Espionage

Researchers expose Dino, espionage malware with a French connection: Security researchers at ESET in Bratislava, Slovakia have published an analysis of another apparently state-sponsored cyber-espionage tool used to target computers in Iran—and potentially elsewhere. The malware, also recently mentioned by Kaspersky researchers, was named “Dino” by its developers and has been described as a “full featured espionage platform.” And this advanced persistent threat malware, according to researchers, might as well come with a “fabriqué en France” stamp on it. ars technica, June 30, 2015

Cyber Underworld

The FBI is willing to pay $4.2 million to get these hackers: These aren’t the murderers, drug traffickers and rapists who usually are on the FBI’s lists, but cyber criminals are still some of the agency’s most-wanted bad guys. The Washington Post, June 30, 2015

Cyber Misc

The long life of a quick ‘fix’: By the time a pair of engineers sat down for lunch together in Austin, the Internet’s growing pains had become dire. Once a novelty for computer scientists, the network was now exploding in size, lurching ever closer to a hard mathematical wall built into one of the Internet’s most basic protocols. The Washington Post, May 31, 2015

Cyber Sunshine

A Busy Week for Ne’er-Do-Well News: We often hear about the impact of cybercrime, but too seldom do we read about the successes that law enforcement officials have in apprehending those responsible and bringing them to justice. Last week was an especially busy time for cybercrime justice, with authorities across the globe bringing arrests, prosecutions and in some cases stiff sentences in connection with a broad range of cyber crimes, including ATM and bank account cashouts, malware distribution and “swatting” attacks. KrebsOnSecurity, June 27, 2015