Monday, November 30, 2015

Cybersecurity News and Education for the Week of November 30, 2015





Cyber Crime

FBI Probes 1.2B Stolen Credentials: The FBI is pursuing a suspected Russian hacker who claims to have amassed a trove of 1.2 billion unique email and password combinations and who also offered access to hacked Facebook and Twitter accounts (see Security Firm: 1.2 Billion Credentials Hacked). BankInfoSecurity, November 26, 2015
Hilton Acknowledges Credit Card Breach: Two months after KrebsOnSecurity first reported that multiple banks suspected a credit card breach at Hilton Hotel properties across the country, Hilton has acknowledged an intrusion involving malicious software found on some point-of-sale systems. KrebsOnSecurity, November 24, 2015

Cyber Attack

Iranian Hackers Attack State Dept. via Social Media Accounts: WASHINGTON — Four months after a historic accord with Tehran to limit its atomic ambitions, American officials and private security groups say they see a surge in sophisticated computer espionage by Iran, culminating in a series of cyberattacks against State Department officials over the past month. The New York Times, November 25, 2015

Financial Cyber Security

One in five UK consumer bank accounts hit by cybercrime: One in five UK consumers (21%) have had personal details stolen and their bank accounts used to buy goods and services as a result of a cyber security breach, according to new research from business advisory firm Deloitte. BankingTechnology, November 23, 2015
So you think you’re safe doing internet banking?: Britain’s leading expert on cyber security refuses to bank online. We ask if you should follow suit. The Guardian, November 21, 2015

Cyber Privacy

Final countdown – NSA says it really will end blanket phone spying on US citizens this Sunday: Come Sunday, the NSA will end its ferocious dragnet surveillance of American citizens’ phones, the White House insists. TheRegister, November 27, 2015

Cyber Warning

Additional Self-Signed Certs, Private Keys Found on Dell Machines: eDellRoot is not the only self-signed trusted root certificate on Dell computers. ThreatPost, November 26, 2015
Nuclear Exploit Kit Spreading Cryptowall: In short order, the newest version of Cryptowall has begun showing up in exploit kits. ThreatPost, November 25, 2015
Breach at IT Automation Firm LANDESK: LANDESK, a company that sells software to help organizations securely and remotely manage their fleets of desktop computers, servers and mobile devices, alerted employees last week that a data breach may have exposed their personal information. But LANDESK employees contacted by this author say the breach may go far deeper for the company and its customers. KrebsOnSecurity, November 25, 2015
RSA Warns Of Zero Detection Trojan: GlassRAT has remained undetected for more than three years while stealthily targeting victims, security firm says. DarkReading, November 24, 2015
Cyber criminals use fear of terrorism to spread malware through fake police warning emails: Hackers and malware creators are capitalising on web users’ fear of terrorism by sending fake emails claiming to contain security advice from police forces. The emails, which claim to include tips on staying safe, also carry a Trojan called Backdoor.Sockrat which can give hackers access to your computer. IBTimes, November 23, 2015
Porn is Mobile Malware’s Favorite Disguise: Porn: It’s malware’s favorite disguise of late. InfoSecurity, November 23, 2015

Cyber Security Management

Moody’s Warns Cyber Risks Could Impact Credit Ratings: Credit rating agency Moody’s Corp. warns that cyber defenses as well as breach detection, prevention and response will be higher priorities in its analysis of the creditworthiness of companies across all sectors, including healthcare and financial services. BankInfoSecurity, November 24, 2015

Cyber Security Management – Cyber Defense

Cyber Monday: What Retailers & Shoppers Should Watch For: While store managers and salespeople gear up for long lines, social engineering, and point-of-sale malware on Black Friday, CIOs and development teams gear up for fraudulent online purchases and Web-based data breaches on Cyber Monday. DarkReading, November 24, 2015
How to Enable Multifactor Security on Amazon: Amazon has added multi-factor authentication to help customers better secure their accounts from hackers. With this new feature enabled, thieves would have to know your username, password, and have access to your mobile device or impersonate you to your mobile provider in order to hijack your Amazon account. The security feature allows users to receive a one-time code via text message, automated phone call, or third-party app — such as Google Authenticator. KrebsOnSecurity, November 23, 2015
Compromised Web Servers and Web Shells – Threat Awareness and Guidance: This alert describes the frequent use of web shells as an exploitation vector. Web shells can be used to obtain unauthorized access and can lead to wider network compromise. This alert outlines the threat and provides prevention, detection, and mitigation strategies. US CERT, November 10, 2015

Cyber Security Management – Cyber Update

United Airlines Slow to Patch Mobile App Vulnerability: A vulnerability reported to United Airlines that could have been exploited to manipulate flight reservations and customer data sat unpatched for almost six months before it was fixed 10 days ago. ThreatPost, November 26, 2015
Lenovo Patches Vulnerabilities in System Update Service: Lenovo has patched two serious vulnerabilities that hackers could abuse in targeted attacks, or at scale, to easily guess administrator passwords on a compromised device, or elevate privileges to Windows SYSTEM user. ThreatPost, November 26, 2015
Dell Releases Fix for Root Certificate Fiasco: Dell is moving to patch a homegrown application installed on many of its devices after information security researchers discovered that it installed a root certificate that could be abused by attackers to intercept encrypted, private data. BankInfoSecurity, November 24, 2015

Secure the Village

CISO proposes cybersecurity co-op to fend off hackers: The CISO of Rockwell Automation thinks a cybersecurity co-operative, comprised of top information security engineers from several companies, could serve as a salve to the talent shortage and also offer an improvement over managed security service providers. CIO, November 23, 2015

Cyber Underworld

Russian Cyber Crime’s Top Flight ‘Stole $790m’: Kaspersky executive Ruslan Stoyanov says the criminal underground is thriving, with 1,000 new cyber recruits since 2012. SkyNews, November 23, 2015

Cyber Misc

When children are breached—inside the massive VTech hack: I suspect we’re all getting a little bit too conditioned to data breaches lately. They’re in the mainstream news on what seems like a daily basis to the point where this is the new normal. Certainly the Ashley Madison debacle took that to a whole new level, but when it comes to our identities being leaked all over the place, it’s just another day on the Web. ars technica, November 27, 2015