Sunday, May 15, 2016

Cybersecurity News for the Week of May 15, 2016




Individuals at Risk

Identity Theft

Crooks Grab W-2s from Credit Bureau Equifax: Identity thieves stole tax and salary data from big-three credit bureau Equifax Inc., according to a letter that grocery giant Kroger sent to all current and some former employees on Thursday. The nation’s largest grocery chain by revenue appears to be one of several Equifax customers that were similarly victimized this year. KrebsOnSecurity, May 6, 2016

Cyber Privacy

Ukraine hackers name thousands of journalists: Press freedom advocates have blasted a Ukrainian initiative tied to the Ministry of Interior that published the names of journalists who reported from war-torn territory controlled by Russian-backed separatists. USA Today, May 13, 2016
As ‘Sextortion’ Proliferates, Victims Find Precarious Place in Legal System: WASHINGTON — Ever since law enforcement started seeing cases in the early 2000s, the crime known as sextortion has proliferated on the Internet, altering the lives of thousands and ensnaring victims from college campuses to military bases. The New York Times, May 10, 2016

Cyber Update

Adobe, Microsoft Push Critical Updates: Adobe has issued security updates to fix weaknesses in its PDF Reader and Cold Fusion products, while pointing to an update to be released later this week for its ubiquitous Flash Player browser plugin. Microsoft meanwhile today released 16 update bundles to address dozens of security flaws in Windows, Internet Explorer and related software. KrebsOnSecurity, May 10, 2016

Cyber Danger

Tumblr Requires Password Reset after Stolen Passwords Found Online: Yahoo has forced a password reset on Tumblr account holders after it discovered that someone had accessed email addresses, and salted and hashed passwords from early 2013. ThreatPost, May 13, 2016

Information Security Management in the Organization

Cyber Security Management – C Suite

Bringing behavioral science & economics to the fight against cyber crime: As cyber attacks grow ever more sophisticated, those who defend against them are embracing behavioral science and economics to understand both the perpetrators and their victims. Scientific American, May 12, 2016
Bank of England CISO Tells Management: Cybersecurity Can’t Be Solved by Technology Alone: Will Brandon said, though, that it is up to individual firms to work out how serious cyber risks are relative to other risks they face and the steps they need to take to manage those risks. May 12, 2016
Educating C-suites and corporate boards on security risks: C-suites and boards of directors are increasing their knowledge of IT security risks and needs – before a breach happens. SCMagazine, May 6, 2016

Cyber Awareness

6 Common Phishing Attacks and How To Avoid Them: Phishing attacks have cost US companies somewhere between £508m and £1.43bn over the past two years, as clear a signal as any that email scams are to be taken seriously. While perhaps the most familiar phishing scam, ‘deceptive phishing’, is a simple case of hackers sending fake emails which appear to be from trustworthy companies asking for log-in or bank details, other types of fraud have evolved from this technique and require greater levels of vigilance. Information Security Buzz, May 10, 2016

Cyber Crime

6 Shocking Intellectual Property Breaches: Typically, the measuring stick for the size and severity of a breach lies in exactly how many personally identifiable information (PII) records were exposed. With well-established legislation mandating transparency to customers and citizens when their information is lost by an organization, these stats are always made public, and such numbers are easily comparable between incidents. DarkReading, May 12, 2016
Wendy’s: Breach Affected 5% of Restaurants: Wendy’s said today that an investigation into a credit card breach at the nationwide fast-food chain uncovered malicious software on point-of-sale systems at fewer than 300 of the company’s 5,500 franchised stores. The company says the investigation into the breach is continuing, but that the malware has been removed from all affected locations. KrebsOnSecurity, May 11, 2016
Experts Comments on Data Breach at British Retailer Kiddicare: British retailer Kiddicare has suffered a data breach in which the personal details of nearly 800,000 customers have been stolen. The company said that the data had been taken from a version of its website that had been set up for testing purposes at the end of 2015. Customers have reported suspicious text messages that have not been sent by Kiddicare, suggesting that the hackers are using the personal details for targeted scams. Here to comment on this news are security experts from QA, Blancco Technology Group and WhiteHat Security. Information Security Buzz, May 10, 2016
FDIC reports five ‘major incidents’ of cybersecurity breaches since fall: The Federal Deposit Insurance Corp. (FDIC) on Monday retroactively reported to Congress that five additional “major incidents” of data breaches have occurred since Oct. 30. FDIC also is launching “a new initiative to enhance security.” The Washington Post, May 9, 2016

Cyber Warning

CERBER RANSOMWARE ON THE RISE, FUELED BY DRIDEX BOTNETS: Starting in April security experts at FireEye spotted a massive uptick in Cerber ransomware attacks delivered via a rolling wave of spam. Researchers there link the Cerber outbreaks to the fact that attackers are now leveraging the same spam infrastructure credited for making the potent Dridex financial Trojan extremely dangerous. ThreatPost, May 13, 2016
US-CERT urges IT departments to patch actively exploited critical SAP Java vulnerability: A vulnerability in SAP Java platforms is being actively exploited, despite having been patched in 2010, DHS reported. The alert noted three dozen global enterprises have been breached by attackers using the unmitigated vulnerability, which was reported by the Boston-based application security firm Onapsis Inc. SearchSecurity, May 13, 2016
No more get-out-of-jail-free card for CryptXXX ransomware victims: For the past month, people infected with the CryptXXX ransomware had a way to recover their files without paying the hefty $500 fee to obtain the decryption key. On Tuesday, that reprieve came to an end. ars technica, May 11, 2016

Cyber Defense

Out-of-band backups, rigorous patching and staff awareness key tools to fending off ransomware: Aggressive ransomware strains such as TeslaCrypt 2.0 have spread across the globe, causing havoc. How can organisations best protect their networks against these troubling new breeds of ransomware? InformationAge, May 9, 2016
US-CERT update on ransomware includes updated guidance on offline backups: In early 2016, destructive ransomware variants such as Locky and Samas were observed infecting computers belonging to individuals and businesses, which included healthcare facilities and hospitals worldwide. Ransomware is a type of malicious software that infects a computer and restricts users’ access to it until a ransom is paid to unlock it. US-CERT, March 31, 2016

Cyber Security in Society

Cyber Privacy

Changing Consumer-Technology Interactions: The Rise Of CyberSecurity And Data Privacy: As high-profile data breaches become more frequent — think Target, Ashley Madison and even Anthem (the second-largest health insurer in the U.S.) — consumers are starting to care about how their data is being protected. Forbes, May 13, 2016
Americans cutting back on online activity over security and privacy fears: Nearly half of all Americans have not carried out a normal online task because of security and privacy fears, according to a new survey by the US government. … Forty-five per cent of the 41,000 households contacted said they had decided not to do online banking, or buy goods online, or post on social networks because they were worried about what might happen. Just under a third of them said they had stopped several of those activities over the same fears. The Register, May 13, 2016

Cyber Underworld

Botnet herders have own disaster recovery plans: Over the past few years, police in Europe and the United States have scored some notable botnet-busting successes, disrupting malicious infrastructure and in some cases also identifying and arresting the “botnet herders” and other cybercriminals involved (see Dorkbot Botnets Get Busted). BankInfoSecurity, May 13, 2016
Carding Sites Turn to the ‘Dark Cloud’: Crooks who peddle stolen credit cards on the Internet face a constant challenge: Keeping their shops online and reachable in the face of meddling from law enforcement officials, security firms, researchers and vigilantes. In this post, we’ll examine a large collection of hacked computers around the world that currently serves as a criminal cloud hosting environment for a variety of cybercrime operations, from sending spam to hosting malicious software and stolen credit card shops. KrebsOnSecurity, May 12, 2016

Cyber Readiness

Facebook’s plan to train a new generation of cybersecurity pros: The social media giant is making its ‘Capture the Flag’ security challenge publicly available to encourage high schools and colleges to use gaming as a way of training hackers. The Christian Science Monitor, May 13, 2016

National Cyber Security

How ISIS recruits online — using encryption, chat rooms and even dating sites: When Sheera Frenkel started observing ISIS online, she was surprised by how ordinary the conversations were. “They use a lot of emojis,” Frenkel says. “A lot of these channels are just a bunch of dudes mansplaining the Internet to each other.” PRI, May 13, 2016
How U.S. “Cyber Bombs” against Terrorists Really Work: Recently, United States Deputy Defense Secretary Robert Work publicly confirmed that the Pentagon’s Cyber Command was “dropping cyberbombs,” taking its ongoing battle against the Islamic State group into the online world. Other American officials, including President Barack Obama, have discussed offensive cyber activities, too. Scientific American, May 13, 2016

Cyber Lawsuit

Mozilla Presses Government to Reveal Firefox Vulnerability: Mozilla wants the U.S. government to provide it with information about a possible unpatched vulnerability in its Firefox browser, which was used by the FBI as part of a large child pornography investigation. BankInfoSecurity, May 13, 2016

Financial Cyber Security

Details Emerge on Global Bank Heists by Hackers: Just how securely are banks moving money around the world? … New details emerged on Friday about a pair of related attacks on banks that use the Swift message service, which allows financial firms and companies to transfer payments around the world. New York Times, May 13, 2016
SWIFT WARNS OF SECOND BANK ATTACK VIA PDF MALWARE: News of yet another attack involving a bank and SWIFT, the financial network used by thousands of banks to transfer funds, came to light Thursday as investigators continue to probe a separate $81 million heist in February involving the network and the central bank of Bangladesh. ThreatPost, May 13, 2016
Commercial Bank of Ceylon Apparently Hacked: Commercial Bank of Ceylon, based in Colombo, Sri Lanka, has apparently been hacked, with its data posted online May 12 by the Bozkurtlar hacking group, which has also posted seven other data dumps from banks in the Middle East and Asia since April 26. BankInfoSecurity, May 13, 2016
SWIFT to Banks: Get Your Security Act Together: The guidance was issued as finger-pointing has intensified over who’s responsible for the failures that led to the theft of $81 million from the Bangladesh central bank’s New York Federal Reserve account in February (see SWIFT Warns Banks: Coordinated Malware Attacks Underway). BankInfoSecurity, May 12, 2016
New Breach Reported in Global Bank Network: Thieves have again found their way into what was thought to be the most secure financial messaging system in the world and stolen money from a bank. The crime appears to be part of a broad online attack on global banking. The New York Times, May 12, 2016
The Anatomy of a Banker Malware – Unraveling Marcher: Recently, the Check Point research team had the opportunity to analyze a mobile banker malware attack from end-to-end. Our team managed to lay hands on the infiltration vector, the malware itself, and the attacker’s Command and Control (C&C) servers. This attack gave us a rare chance to understand the full flow of an attack from infiltration to theft. Information Security Buzz, May 6, 2016

Internet of Things

Researchers spot bugs in toys that could expose personal data: Researchers at Rapid7 discovered vulnerabilities in Fisher-Price’s Smart Toy and hereO’s GPS platforms that could allow an attacker to collect the personal information of a user. SCMagazine, February 2, 2016

Cyber Research

IBM’s Watson Has a New Project: Fighting Cybercrime: IBM’S WATSON SUPERCOMPUTER hardly needs any more resumé-padding. It’s already won Jeopardy, written a cookbook, and dabbled in revolutionizing healthcare. The next stop in its storied career? Tackling cybercrime. Wired, May 10, 2016

Jeff Snyder’s Security Recruiter Blog, SecurityRecruiter.com, Jeff Snyder Coaching, 719.686.8810