Cybersecurity News of the Week, April 19, 2020

SecureTheVillage Calendar

TownHall: Securely Working From Home. SecureTheVillage President Dr. Stan Stahl at a special online presentation hosted by UCLA Anderson School of Management Alumni Association, April 21 @ 4:30 pm – 5:30 pm

Complimentary CLE Webinar: Practical & Ethical Considerations for Social Media Discovery. Hosted by Leadership Council Company, Driven, April 22 @ 11:00 am – 12:00 pm

Online Event: Doing it…. ONLINE with Dr. Steve Krantz. April 23 @ 10:15 am – 11:45 am

Webinar: Security Challenges We Are All Facing. SecureTheVillage Board Member Jason Meshekow, April 30 @ 11:00 am – 12:00 pm

IT and Cybersecurity Professionals Cinco de Mayo Happy Hour. May 5 @ 4:30 pm – 5:30 pm

Leadership Council Happy Hour. May 6 @ 4:30 pm – 6:00 pm

Personal Cyber Security with Dr. Steve Krantz, May 26 @ 1:00 pm – 2:30 pm Calabasas Senior Center Calabasas, CA

Individuals at Risk

Cyber Privacy

The Cybersecurity 202: Privacy experts fear a boom in coronavirus surveillance: As federal and state officials scramble to fight the novel coronavirus pandemic, experts are sounding alarms about the potential danger of increased surveillance programs they say could do long-term damage to U.S. privacy rights. Washington Post, April 14, 2020

Cyber Danger

Mystery Hacker Tries to Steal Crypto Through Fake Google Chrome Wallet Extensions: A hacker is exploiting trust in well-known brands by creating fake cryptocurrency wallet extensions for Google Chrome that trick victims into disclosing sensitive information. Coindesk, April 16, 2020

Sipping from the Coronavirus Domain Firehose: Security experts are poring over thousands of new Coronavirus-themed domain names registered each day, but this often manual effort struggles to keep pace with the flood of domains invoking the virus to promote malware and phishing sites, as well as non-existent healthcare products and charities. As a result, domain name registrars are under increasing pressure to do more to combat scams and misinformation during the COVID-19 pandemic. KrebsOnSecurity, April 16, 2020

Google saw more than 18 million daily malware and phishing emails related to COVID-19 last week. Existing phishing scams have been updated to exploit COVID-19 concerns: Google says it saw more than 18 million daily malware and phishing emails related to COVID-19 scams just in the past week. That’s on top of the more than 240 million daily spam messages it sees related to the novel coronavirus, the company says. The Verge, April 16, 2020

Cyber Update

Microsoft Patch Tuesday, April 2020 Edition: Microsoft today released updates to fix 113 security vulnerabilities in its various Windows operating systems and related software. Those include at least three flaws that are actively being exploited, as well as two others which were publicly detailed prior to today, potentially giving attackers a head start in figuring out how to exploit the bugs. KrebsOnSecurity, April 14, 2020

Cyber Defense

Is your ISP managing its Border Gateway Protocol (BGP)? Should you care? Find out here: “Is BGP Safe Yet” is a new site that names and shames internet service providers that don’t tend to their routing. Wired, April 17, 2020

Linksys asks users to reset passwords after hackers hijacked home routers last month: Linksys locks Smart WiFi cloud accounts and asks users to reset passwords after hackers hijacked routers to redirect traffic to malware sites. ZDNet, April 16, 2020

Protect Your Zoom Accounts as Unprotected Zoom Credentials Being Sold Cheaply: One measure of the popularity of the Zoom teleconferencing software: Cybercrime forums are listing an increasing number of stolen or cracked accounts for sale. BankInfoSecurity, April 16, 2020

Google blocks 49 malicious Chrome extensions targeting cryptocurrency wallet users: Google has removed a selection of malicious Chrome extensions from its Web Store that aimed to steal cryptocurrency wallet keys from users. ITProPortal, April 15, 2020

Cyber Humor

Information Security Management for the Organization

Information Security Management and Governance

4 Cybersecurity Lessons from the Pandemic. An epidemiologist-turned-CTO describes the parallels between the spread of a computer virus and the real-world coronavirus: I switched from epidemiology to network security as my day job years ago, but today’s pandemic reminds me of the similarities between the two fields. There are many lessons we can take from the real-world virus and apply them to security in the online world. DarkReading, April 16, 2020

5 Things Ransomware Taught Me About Responding in a Crisis. Atlanta is worth studying because it was one of the earliest cases of a major city ransomware attack and because it came out the other side stronger and more resilient: When I first flew to Atlanta in March 2018, the city was in crisis. It had been hit by a massive ransomware attack, one that took down multiple critical departments and systems and made headlines around the country. DarkReading, April 16, 2020

Cybersecurity in the C-Suite & Board

Five Critical Tools For M&A Cybersecurity Due Diligence: Cybersecurity due diligence has become a bedrock component of mergers and acquisitions. Recent surveys have revealed that as many as 73% of buyers conducting due diligence have uncovered evidence of undisclosed data breaches., April 17, 2020

Cyber Defense

Cybersecurity and Privacy: 10 Best Practices When Working From Home: As the news reports show, the sudden shift to employees working from home poses new cybersecurity risks for businesses and the employees who work remotely. Below are 10 important measures that can help mitigate these substantial risks. The National Law Review, April 17, 2020

Malware Risks Triple on WFH Networks: Experts Offer Advice: New research found that almost half of companies had malware on their corporate-associated home networks – in comparison to malware being found on only 13 percent of corporate networks. ThreatPost, April 14, 2020

Cybersecurity in Society

Cyber Crime

Ransomware Attacks in March 148% Higher Than February Amid COVID-19 Scams: Ransomware attacks skyrocketed 148% in March, compared to baseline levels in February, as corporations shift to remote work because of the coronavirus pandemic, according to VMware Carbon Black threat researchers. SDX Central, April 17, 2020

Energy giant EDP hit with RagnarLocker ransomware. Attackers demand a $10.9m ransom or they’ll leak the company’s sensitive files: The Portugese multinational energy giant Energias de Portugal (EDP) is the latest company to fall victim to the RagnarLocker ransomware and the attackers are now asking for a $10.9m ransom to unlock its files. TechRadar, April 15, 2020

Cyber Leak

Security lapse at controversial facial recognition startup Clearview AI exposed company’s technology secrets: Since it exploded onto the scene in January after a newspaper exposé, Clearview AI quickly became one of the most elusive, secretive and reviled companies in the tech startup scene. TechCrunch, April 16, 2020

Cyber Attack

Online meeting of the Indiana Election Committee was interrupted by a hacker Zoom-bombing pornography as officials scrambled to cut the feed: An online meeting of the Indiana Election Committee was interrupted by a hacker who shared pornography as officials scrambled to cut the feed. Washington Examiner, April 17, 2018

Cyber Fraud

New IRS Site Could Make it Easy for Thieves to Intercept Some Stimulus Payments: The U.S. federal government is now in the process of sending Economic Impact Payments by direct deposit to millions of Americans. Most who are eligible for payments can expect to have funds direct-deposited into the same bank accounts listed on previous years’ tax filings sometime next week. Today, the Internal Revenue Service (IRS) stood up a site to collect bank account information from the many Americans who don’t usually file a tax return. The question is, will those non-filers have a chance to claim their payments before fraudsters do? KrebsOnSecurity, April 10, 2020

Cyber Defense

Leading tech groups push Congress to provide funds for IT, cybersecurity during pandemic: Leading tech industry groups on Thursday urged Congress to support efforts to modernize information technology and ward off cybersecurity threats during the COVID-19 pandemic, as Americans move online and networks are put under increasing stress. The Hill, April 16, 2020

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?: The Coronavirus has prompted thousands of information security professionals to volunteer their skills in upstart collaborative efforts aimed at frustrating cybercriminals who are seeking to exploit the crisis for financial gain. Whether it’s helping hospitals avoid becoming the next ransomware victim or kneecapping new COVID-19-themed scam websites, these nascent partnerships may well end up saving lives. But can this unprecedented level of collaboration survive the pandemic? KrebsOnSecurity, April 15, 2020

Cyber Espionage

Coronavirus scientists are big targets for foreign cyber-espionage, FBI says: Nation-state hackers have been running cyber-espionage operations against medical research organizations in the U.S. that are studying the novel coronavirus, according to the FBI. CyberScoop, April 16, 2020

Know Your Enemy

The secret behind “unkillable” Android backdoor called xHelper has been revealed: In February, a researcher detailed a widely circulating Android backdoor that’s so pernicious that it survives factory resets, a trait that makes the malware impossible to remove without taking unusual measures. ars technica, April 16, 2020

How ransomware attackers are doubling their extortion tactics: Cybercriminals are threatening not only to hold sensitive data hostage but also to release it publicly unless the ransom is paid, says cyber threat intelligence provider Check Point Research. TechRepublic, April 16, 2020

Guidance on the North Korean Cyber Threat | U.S. Departments of State, the Treasury, and Homeland Security, and the Federal Bureau of Investigation Advisory: The U.S. Departments of State, the Treasury, and Homeland Security, and the Federal Bureau of Investigation are issuing this advisory as a comprehensive resource on the North Korean cyber threat for the international community, network defenders, and the public. The advisory highlights the cyber threat posed by North Korea – formally known as the Democratic People’s Republic of Korea (DPRK) – and provides recommended steps to mitigate the threat. In particular, Annex 1 lists U.S. government resources related to DPRK cyber threats and Annex 2 includes a link to the UN 1718 Sanctions Committee (DPRK) Panel of Experts reports. CISA, April 15, 2020

Hackers are selling two serious Zoom zero-day vulnerabilities for $500,000. Exploits said to be designed for industrial espionage: Both the Windows and macOS versions of Zoom have critical, unpatched security vulnerabilities that could be exploited by hackers to target users and spy on calls and meetings. Betanews, April 15, 2020

Cyber Gov

State CISOs talk cybersecurity in the age of coronavirus. Cybersecurity practitioners face a unique set of challenges in wake of COVID-19 pandemic: With COVID-19 forcing states to take their workforces remote, chief information security officers (CISOs) are now faced with a unique set of challenges. Government Technology caught up with several state CISOs to understand how their jobs have changed since the onset of the novel coronavirus pandemic. SecurityInfoWatch, April 16, 2020

Become A CyberGuardian

Protect your community: take the CyberGuardian Pledge, join our email list, get invited to events.

Take the Pledge