Sunday, June 05, 2016

Cybersecurity News for the Week of June 5, 2016





Individuals at Risk

Cyber Danger

FBI Alert: Extortion E-mail Schemes Tied to Recent High-Profile Data Thefts: The Internet Crime Complaint Center (IC3) continues to receive reports from individuals who have received extortion attempts via e-mail related to recent high-profile data thefts. The recipients are told that personal information, such as their name, phone number, address, credit card information, and other personal details, will be released to the recipient’s social media contacts, family, and friends if a ransom is not paid. The recipient is instructed to pay in Bitcoin, a virtual currency that provides a high degree of anonymity to the transactions. The recipients are typically given a short deadline. The ransom amount ranges from 2 to 5 bitcoins or approximately $250 to $1,200. IC3, June 1, 2016
Researcher shows updaters installed on PCs from top 5 OEMs provide inadequate cybersecurity protection: The next time you’re in the market for a new Windows computer, consider this: if it comes from one of the top five manufacturers, it’s vulnerable to man-in-the-middle attacks that allow hackers to install malware. [See below news article re Lenovo PCs] ars technica, June 1, 2016

Cyber Defense

Bing offers improved warnings for possible malware and phishing sites: Microsoft has added new features for users of its Bing search engine, warning them if sites in their search results could be possible malware or phishing locations. WindowsCentral, June 3, 2016
Lenovo tells users to uninstall vulnerable Accelerator app in response to OEM PC security flaws: In the wake of Duo Security’s report on the critical vulnerabilities sported by Original Equipment Manufacturer (OEM) updaters loaded on popular laptop and desktop computers, Lenovo has advised users to uninstall its Accelerator Application. HelpNetSecurity, June 3, 2016
Reminder: Use different passwords for different sites & change passwords periodically: Less than two weeks after more than 177 million LinkedIn user passwords surfaced, security researchers have discovered three more breaches involving MySpace, Tumblr, and dating website Fling that all told bring the total number of compromised accounts to more than 642 million. ars technica, May 31, 2016

Information Security Management in the Organization

Cyber Security Management – C Suite

FireEye CTO advises business to pay attention to the information security management basics: Instead of preventing further attacks, FireEye’s CTO of emerging technologies Josh Goldfarb says many organisations are just cleaning up infected devices, allowing them to undergo the same compromise again. ZDNet, June 3, 2016
When Technology Evolves, So Does Risk: The potential of our newest, most innovative technologies could be life-changing. So could the cyber attacks that take advantage of gaps in security. Zurich Insurance. The Atlantic, 2016

Cyber Crime

Dropbox Smeared in Week of Megabreaches: Last week, LifeLock and several other identity theft protection firms erroneously alerted their customers to a breach at cloud storage giant Dropbox — an incident that reportedly exposed some 73 million usernames and passwords. The only problem with that notification was that Dropbox didn’t have a breach; the data appears instead to have come from another breach revealed this week at social network Tumblr. KrebsOnSecurity, June 2, 2016

Cyber Defense

BYOD Security: How To Shift Device Control & Grant Users More Choice: Information Technology departments too often have rigid policies circumvented by end users seeking convenience. At the same time, many employees have flexible work environments and more choice for how and where they work. This dichotomy leads to unchecked behaviors where users can bypass traditional security measures by using unsanctioned or unapproved applications, accessing insecure Wi-Fi networks, or choosing to store important data and files on their personal devices. It’s a growing security problem, seemingly, without a foreseeable resolution. DarkReading, June 3, 2016
Web Developers: Update WordPress to Patch Zero Day in WP Mobile Detector Plugin: A WordPress plugin was patched Thursday night, close to a week after reports began to surface of public attacks against a zero-day vulnerability. ThreatPost, June 3, 2016
IT organizations advised to update NTP to patch vulnerabilities exploited in recent DDoS attacks: The network time protocol, at the center of a number of high-profile DDoS attacks in 2014, was updated on Thursday to ntp-4.2.8p8. The latest version includes patches for five vulnerabilities, including one rated high-severity. ThreatPost, June 3, 2016

Cyber Warning

Updated CryptXXX Ransomware becomes more dangerous as it now steals credentials: CryptXXX ransomware has received a major overhaul by its authors, putting it on the fast track to unseat Locky as top moneymaker for criminals. ThreatPost, June 3, 2015

Cyber Security in Society

Cyber Privacy

Now you can Google yourself into better privacy and data protection: Want to find out everything Google knows about you? Well, you can just Google yourself! NakedSecurity, June 3, 2016
NFL Players’ Medical Information Stolen from theft of unencrypted laptop: The theft of a backpack holding a laptop computer and paper documents containing medical information on perhaps thousands of National Football League players serves as a lesson in the importance of properly safeguarding health information, even for entities falling outside of HIPAA’s reach. BankInfoSecurity, June 2, 2016

Cyber Attack

TeamViewer strengthens cybersecurity; denies breach; claims users use same passwords on other sites: TeamViewer is whacking anti-hacker protections into its remote-desktop tool – as its customers continue to report having their PCs and Macs remotely hijacked by criminals. TheRegister, June 3, 2016

Cyber Underworld

Ransomware-as-a-Service business model emerges in Russia; cybercriminals easily earn $90,000 / yr: Ransomware as a business is maturing and nowhere is that better illustrated than in Russia, according to Flashpoint researchers. The security firm released two reports on Thursday, one on a burgeoning ransomware-as-a-service business model (PDF) in Russia and the second on new developments in Russian ransomware kingpins targeting hospitals (PDF). ThreatPost, June 3, 2016
Malware developers reuse computer code from GitHub to develop new & more dangerous exploits: Android malware developers are misusing techniques unearthed in GitHub projects to bypass security measures introduced in the latest versions of the mobile OS. HelpNetSecurity, June 3, 2016
Got $90,000? A Windows 0-Day Could Be Yours: How much would a cybercriminal, nation state or organized crime group pay for blueprints on how to exploit a serious, currently undocumented, unpatched vulnerability in all versions of Microsoft Windows? That price probably depends on the power of the exploit and what the market will bear at the time, but here’s a look at one convincing recent exploit sales thread from the cybercrime underworld where the current asking price for a Windows-wide bug that allegedly defeats all of Microsoft’s current security defenses is USD $90,000. KrebsOnSecurity, May 31, 2016

National Cyber Security

Iranian and Saudi hackers wage virtual war: Saudi and Iranian hackers are waging war on each other, amid rising tensions between their countries. BBC, June 3, 2016
Chinese hackers target Taiwan political party to spy on website visitors: The website of a major political party in Taiwan has been targeted by Chinese hackers looking to spy on its visitors. CNN, June 1, 2016

Cyber Law

SEC appoints first-ever cybersecurity policy senior advisor to strengthen cyber risk mechanisms: The Securities and Exchange Commission has appointed Christopher Hetner, a cybersecurity lead under SEC’s Office of Compliance Inspections and Examinations, as senior adviser on cybersecurity policy to SEC Chair Mary Jo White. ExecutiveGov, June 3, 2016

Financial Cyber Security

SWIFT plans to suspend banks with inadequate information security management practices: The SWIFT global payments system has announced it plans to suspend banks with weaker cyber defences until they improve their security. The Register, June 3, 2016
Fed records show dozens of cybersecurity breaches: The U.S. Federal Reserve detected more than 50 cyber breaches between 2011 and 2015, with several incidents described internally as “espionage,” according to Fed records. Reuters, June 1, 2016

Critical Infrastructure

Irongate ICS Malware Resembling Stuxnet Goes Undetected 5 Years: New malware that targets industrial control systems called Irongate was found by researchers who say the discovery should serve as another wakeup call to the security industry to shore up its detection capabilities around ICS and SCADA threats. Irongate, which shares some of the same attributes as the lethal Stuxnet malware, was found by researchers at FireEye Labs Advanced Reverse Engineering which published its findings today. ThreatPost, June 3, 2016

Internet of Things

CMU Researchers Offer 6 Suggestions For Driving Safely With Onboard Devices: Computing in cars today has become a standard item. When buying a new car people expect Bluetooth, Wi-Fi and advanced navigation systems. They also expect to connect aftermarket onboard devices through the vehicle’s OBD-II port that do everything from usage-based insurance to tracking the overall energy management of the vehicle. DarkReading, June 3, 2016

Cyber Sunshine

Russian Police Bust Alleged Bank Malware Gang Suspected of Stealing $25 Million in Last 5 Years: Russian authorities have arrested about 50 people in connection with an ongoing investigation into a hacker group that’s suspected of unleashing malware-enabled hack attacks against customers of major Russian financial institutions. BankInfoSecurity, June 2, 2016

Secure the Village

Guidance Software CEO urges greater focus on education; cybersecurity neighborhood watch, pt 2: Last week, I had the chance to sit down with Patrick Dennis, CEO of Guidance Software, during Enfuse Conference 2016. Earlier this week, I discussed Dennis’s thoughts about the jurisdiction of cybersecurity events. Today, we get his view on how we should approach cybercrime’s law enforcement jurisdiction. ITBusiness Edge, June 2, 2016
Guidance Software CEO urges greater focus on education; cybersecurity neighborhood watch, pt 1: Last week, I had the chance to sit down with Patrick Dennis, CEO of Guidance Software, during Enfuse Conference 2017. The bulk of our conversation revolved around a topic that Dennis considers very important yet under-discussed – the relationship of private versus public sectors, particularly when it comes to the jurisdiction of security events. ITBusinessEdge, May 31, 2016

Cyber Miscellany

Google takes down Chrome extension targeting Jews: Google has taken down a Chrome extension that targeted prominent Jews in media and politics. CNN, June 3, 2016

Jeff Snyder’s Security Recruiter Blog: SecurityRecruiter.com, Jeff Snyder Coaching, 719.686.8810