News Desk

Curated cybersecurity news and updates from CI Security™.

Get your cybersecurity briefing, curated by Mike Hamilton.

Mike Hamilton, founder and CISO of CI Security, has decades of experience in the Information Security industry. In that time, he has developed a keen eye for IT news that affects how security professionals approach their jobs and the news that will have meaningful impacts on daily life.

Every weekday, Mike curates the top news stories in cybersecurity, including the latest breaches, security alerts, and industry developments. Readers describe the news blast as their go-to morning source for the latest in InfoSec.

Sign up for the Daily Blast and get it delivered early weekday mornings, just in time for your first cup of coffee.

Get curated cybersecurity news delivered to your inbox.




Latest Cybersecurity News Blast

CI Security

IT Security News Blast – 10-24-2019

[Event] The Evolution of Cybersecurity: Hackers Are Getting In. Now What?

Americans no longer believe there’s an organization immune from a data breach. Businesses feel like cybersecurity companies have broken their promises to stop hackers. So, where do we go from here? There is an evolution of cybersecurity underway right now, and Seattle-area organizations are at the forefront. Join us to learn what businesses are doing right and what they’re doing wrong in the fight against cybercriminals.

https://www.eventbrite.com/e/the-evolution-of-cybersecurity-hackers-are-getting-in-now-what-tickets-74223968889?aff=Web

 
Cyber security investments helped mitigate Johnson City ransomware attack

The attack occurred just three weeks after the city rolled out a hyperconverged storage area network, a tool that the city said enabled it to restore files in less than a day. That upgrade cost the city about $650,000, which Sagona said included five years of maintenance and support that accounts for $185,000 of that figure. [...] All affected computers will have to be re-imaged, she said, and although they won’t be a damage to the computers, she said any locked files will have to be addressed at some point. She estimated that the city will have to perform work on about 90% of its computers before everything can be considered back to normal.

https://www.johnsoncitypress.com/Government/2019/10/22/Cyber-security-investments-helped-mitigate-Johnson-City-ransomware-attack.html?ci=stream&lp=1&p=

 

Healthcare CISO: ‘Throwing money at security doesn’t make a company secure’

We built a cybersecurity education program for the health system staff. We update articles on the intranet every week, we do roadshows for teams and departments talking about cybersecurity topics, we give rewards for reporting phishing. We’ve tried to make it really interactive, easy to understand, and relevant so people can also apply it outside of work. The biggest challenge for healthcare CISOs today is helping organizations understand, prioritize, and manage risk while under extraordinary financial pressure.

https://portswigger.net/daily-swig/healthcare-ciso-throwing-money-at-security-doesnt-make-a-company-secure

 

Hospital leaks 129K patient records in sophisticated phishing scam

Multiple employees had unknowingly provided their email login credentials to the phishers. The scammers were then able to access patients’ personal information, including name, address, medical record number, date of birth, telephone number, email address, medical history and treatment information, date of service, treating and referring physician, medical bill account number and/or health insurance information.

https://securityboulevard.com/2019/10/hospital-leaks-129k-patient-records-in-sophisticated-phishing-scam/

 

State cyber team helps agencies respond to uptick in ransomware attacks

In response to the growing threat, a team of tech-savvy Texans has banned together to help chart a strategy for immobilizing attacks and helping victims recover from data breaches. The Texas Military Department — the umbrella agency for the state’s National Guard branches — will host hundreds of state, local and county officials at Camp Mabry in Austin on Thursday to show how its Cyber Incident Response Team plans to handle future attacks while offering tips to protect valuable software.

https://www.statesman.com/news/20191023/state-cyber-team-helps-agencies-respond-to-uptick-in-ransomware-attacks

 

Phishing alert: This fake email about a bank payment delivers trojan malware

These attacks begin with an attempt to trick the victim into opening a malicious ZIP file under the pretence of payments being made into a bank account. The phishing email users spoofing to make it look as if it comes from a valid domain. The .ZIP file is a gateway to a .TXT extension, which runs a PowerShell script when activated, executing the installation of the malware onto the victim's Windows machine. As part of the process, the dropped .EXE file will sleep for 20 seconds in an effort to avoid being discovered before installing itself into a new Windows folder.

https://www.zdnet.com/article/phishing-alert-this-fake-email-about-a-bank-payment-delivers-trojan-malware/

 

Credit Union Proactivity Key to Thwarting Cyber Thieves

According to a new study by Juniper Research, cybercrime will increase 70% over the next five years. Additionally, the costs associated with these breaches will rise from $3 trillion annually to more than $5 trillion in 2024 – an average annual growth of 11%. With cybercrime on the rise, NAFCU has kept a keen eye on this growing trend to better prepare credit unions to fight back. Not only do cybercrimes affect financial institutions’ bottom line – to the tune of $2.7 billion in 2018 – but they also undermine member safety and security.

https://www.cutimes.com/2019/10/23/credit-union-proactivity-key-to-thwarting-cyber-thieves/?slreturn=20190923163358

 

New Survey Shows Majority of Small Businesses Believe They are a Likely Target for Cybercrimes; More Than a Quarter have Experienced Data Breach in Last Year

The Zogby Analytics survey – which was commissioned by NCSA and polled 1,006 small business decision makers – revealed that 88 percent of smaller-sized organizations  believe that they are at least a "somewhat likely" target for cybercriminals, including almost half (46%) who believe they are a "very likely" target. [...] Despite small businesses' increased knowledge about cybersecurity, devastating data breaches are not unheard of. More than a quarter (28%) of survey respondents have experienced an official data breach within the past 12 months. As a result, 37 percent of those suffered a financial loss, 25 percent filed for bankruptcy and 10 percent went out of business.

https://www.prnewswire.com/news-releases/new-survey-shows-majority-of-small-businesses-believe-they-are-a-likely-target-for-cybercrimes-more-than-a-quarter-have-experienced-data-breach-in-last-year-300944168.html

 

Norsk Hydro claims first $3.6mn from its cyber insurance

In July, the firm said that the attack would have a financial impact of up to USD 75 million (NOK 650 million) in H1, with the majority of the operational challenges and financial losses hitting its Extruded Solutions unit. Now, in its third-quarter 2019 results announcement, the aluminium manufacturer has provided an update on the cyber-attack, revealing that the estimated financial impact of the breach in the first-half of the year is unchanged, with “limited” financial effects for Q3.

https://www.reinsurancene.ws/norsk-hydro-claims-first-3-6mn-from-its-cyber-insurance/

 

NSC Makes Cyber Security For Space Industry ‘Top Priority’

The Trump Administration is helping the space industry create a new public-private partnership to share information regarding cyber threats among US government, private sector operators and international partners, say officials involved. This includes help from the National Security Council, Air Force Space Command, the Missile Defense Agency, and NASA to share analyses and warnings about, and potential responses to cybersecurity threats to satellites and ground stations.

https://breakingdefense.com/2019/10/nsc-makes-cyber-security-for-space-industry-top-priority/

 

Scoop: Cyber memo warns of new risks to White House network

The president's team is trying to force out the career staff, especially the expert staff hired under Obama, according to another source familiar with the changes. They said the effects could leave the White House vulnerable to a "network compromise." The organizational structure for the cybersecurity mission going forward also raises questions about the continuity, oversight and retention of records that had been covered by the Presidential Records Act (PRA).

https://www.axios.com/scoop-cyber-memo-warns-of-new-risks-to-white-house-network-9aa19c6c-77a3-485b-919b-1dd9bd691514.html

 

Czech Republic Uncovered Russian Cyber Warfare Ring — Intel Chief

The BIS counterintelligence service said last year that Russian intelligence services were behind cyber attacks targeting the Czech foreign ministry. The BIS warned that Russia had continued to use undeclared intelligence officers acting under diplomatic cover as part of a general hybrid warfare strategy against EU and NATO member states. Czech counterintelligence and its organized-crime police unit cooperated to “completely paralyze” the Russian cyberattack network in 2018, The Associated Press cited BIS chief Michal Koudelka as saying Monday.

https://www.themoscowtimes.com/2019/10/23/czech-republic-uncovered-russian-cyber-warfare-ring-intel-chief-a67864

 

What will be the effect of the latest US cyberattack on Iran?

The United States launched a cyber operation against Iran in response to the September attacks on Saudi oil facilities, according to Reuters. Citing two unnamed U.S. officials, the report claims that the cyber operation “affected physical hardware” in an effort to degrade Iranian capabilities to spread “propaganda.” [...] The long-term effects of these recent cyber operations for the wider conflict between the United States and Iran remain unclear, however. New research by scholars of cyber conflict casts doubt on their potential effectiveness and alerts us to their potential risks.

https://www.fifthdomain.com/thought-leadership/2019/10/23/what-will-be-the-effect-of-the-latest-us-cyberattack-on-iran/

 

New York Strengthens Data Privacy and Security Protections: Employers Must Adopt Safeguards (US)

The SHIELD Act imposes more expansive data security and data breach notification requirements on companies by:

Broadening the scope of “private information” covered under the notification law…

Expanding the definition of “breach”…

Expanding the territorial scope…

Updating the notification requirements…

Creating requirements for companies to implement reasonable safeguards to protect the security, confidentiality and integrity of private information.

https://www.natlawreview.com/article/new-york-strengthens-data-privacy-and-security-protections-employers-must-adopt

 

How to replace each Google service with a more privacy-friendly alternative

Google, like Facebook, has a business model that's built on surveillance. The company's stated mission of "organizing the world's information" also includes capturing as much as possible of your information. That information is the base layer of some undeniably useful services, which in turn fuel the advertising that makes up the overwhelming majority of Google's revenue.

https://www.zdnet.com/article/goodbye-google-why-and-how-to-take-back-your-privacy/

Mark Zuckerberg Attempts to Gain Support for Facebook's Cryptocurrency Libra by Playing on Fears of China's Financial Dominance

Facebook CEO Mark Zuckerberg will appear before US lawmakers and argue that Libra will "extend America's financial leadership... around the world" against competition from China, according to prepared remarks for the House Financial Services Committee.

The 35-year-old's optimism about the Libra project comes despite seven of the project's founding members dropping out in recent weeks, including major global payment processing firms such as Mastercard, PayPal and Visa.

https://www.inc.com/business-insider/facebook-libra-cryptocurrency-mark-zuckerberg-china.html

 

Three Service Account Secrets Straight from Hackers and Security Pros

Service accounts fly under the radar of IT governance and can have access to critical applications and data. They are extremely time-consuming to discover and control, and are also prone to human error when managed manually. Because of this, we’ve seen almost all medium to large organizations suffer from extreme service account sprawl, perpetuating the unmanaged, uncontrolled expansion of their privileged account attack surface.

https://threatpost.com/service-account-secrets/148996/

 

Bezos DDoS'd: Amazon Web Services' DNS systems knackered by hours-long cyber-attack

Unlucky netizens were intermittently unable to reach sites and other online services relying on the internet goliath's technology as a result of the ongoing outage. Specifically, according to Amazon's support agents, the AWS DNS servers are being hampered by a distributed denial-of-service (DDoS) attack, which is when miscreants attempt to overwhelm systems with junk network traffic, rendering services inaccessible.

https://www.theregister.co.uk/2019/10/22/aws_dns_ddos/

 

EXCLUSIVE – Last Punched Tape Crypto Key Rolls off the NSA’s Machines

An agency spokesman confirmed to Computer Business Review that the last NSA punched tape key had rolled off its machines on October 2, 2019. Such keys were used to encrypt military and other communications, and needed to be physically entered into devices that could store the key, then shipped around the world. The technology, which uses paper-mylar-paper tape rolls punched with holes to store cryptographic keys (a hole represents a binary 1, and the absence of a hole a binary 0) remains in use in the UK, particularly by the Ministry of Defence.

https://www.cbronline.com/news/nsa-punched-tape-keys



You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.

Archived articles are available at https://ci.security/news/daily-news.

CI Security and the CI Security logo are the trademarks of CI Security, Inc. All other brand names, trademarks, service marks, and copyrights are the property of their respective owners.

© 2019 CI Security. All rights reserved.

CI Security
245 4th St, Suite 405  Bremerton, WA 98337
About Us   |   CI News   |   Contact Us

Add this Email to Your Address Book

Update Your Preferences   |   Unsubscribe from the Daily Blast

Real people hunt for threats, investigate events, and respond with incident action plans.

Contact us Request a demo