Cybersecurity News of the Week, April 26, 2020

SecureTheVillage Calendar

Webinar: Security Challenges We Are All Facing. SecureTheVillage Board Member Jason Meshekow, April 30 @ 11:00 am – 12:00 pm

IT and Cybersecurity Professionals Cinco de Mayo Happy Hour. May 5 @ 4:30 pm – 5:30 pm

Leadership Council Happy Hour. May 6 @ 4:30 pm – 6:00 pm

TownHallWebinar: Securing Your Home and Family (Part 1). May 14 @ 10:00 am – 11:00 am

Personal Cyber Security with Dr. Steve Krantz, May 26 @ 1:00 pm – 2:30 pm Calabasas Senior Center Calabasas, CA

Individuals at Risk

Cyber Privacy

Contact tracing apps unsafe if Bluetooth vulnerabilities not fixed: With governments increasingly looking to use contact tracing apps to add efforts in containing COVID-19, such initiatives are likely to spark renewed interest in Bluetooth attacks and there needs to be assurance these apps are regularly tested and vulnerabilities patched. ZDNet, April 25, 2020

The Pandemic and the Future of Data Privacy: Can the data collected to sell shoes be used to inform health care decisions—and should it be? TheBulwark, April 8, 2020

Cyber Crime

Nintendo account hack FAQ: What happened, who’s at risk, and how you can secure your ID: Since you’re probably playing a whole lot more Switch and 3DS games than usual these days, this hack couldn’t have come at a worse time. Nintendo has announced that more than 150,000 older accounts have been hacked and are warning users to change their accounts. Here’s what you need to know: PCWorld, April 23, 2020

Cyber Danger

Beware – that email from HR might be a cyber scam: Criminals look to exploit new working from home trend. TechRadar, April 24, 2020

Adult dating site attacks targeted colleges with remote access trojan: Aimed at students and faculty at colleges in the US, this phishing campaign tried to infect machines with the Hupigon remote access trojan, says security provider Proofpoint. TechRepublic, April 24, 2020

Cyber Fraud

When in Doubt: Hang Up, Look Up, & Call Back: Many security-conscious people probably think they’d never fall for a phone-based phishing scam. But if your response to such a scam involves anything other than hanging up and calling back the entity that claims to be calling, you may be in for a rude awakening. Here’s how one security and tech-savvy reader got taken for more than $10,000 in an elaborate, weeks-long ruse. KrebsOnSecurity, April 23, 2020

Cyber Update

Patch now! Microsoft issues unexpected Office fix: Microsoft just issued Security Advisory ADV200004, entitled Availability of updates for Microsoft software utilizing the Autodesk FBX library. NakedSecurity, April 2

Cyber Humor

Information Security Management for the Organization

Information Security Management and Governance

A Cybersecurity Resource Guide to Navigate COVID-19: According to the results of the CSO Pandemic Impact Survey, 61% of the security and IT leader respondents are concerned about an increase in cyber-attacks targeting their employees who are working from home. NetworkWorld, April 23, 2020

More CFOs feeling the heat with ransomware: Too often we’re hearing about ​cities​ and ​organizations​ falling prey to ransomware attacks with the average cost of ransomware related downtime ​hovering around $55K​ – note that’s just the cost of ​downtime ​ , which excludes any ransom that might be paid. It’s also estimated that the total damage costs from global ransomware incidents are predicted to hit ​$11.5B this year​, which is staggering to say the least. From my perspective, paying any amount of ransom is obviously troublesome for a couple of reasons: the wide range of data CFOs use to manage the business is always at risk AND paying a ransom of any size could cripple an organization indefinitely. SCMagazine, April 20, 2020

Cyber Warning

Ransomware is now the biggest online menace you need to worry about – here’s why: Ransomware attacks have overtaken credit card theft as the top form of cybercrime according to new data. ZDNet, April 22, 2020

Know Your Enemy

How the Dark Web Fuels Insider Threats: New decentralized, criminal marketplaces and “as-a-service” offerings make it easy for employees to monetize their knowledge and access to enterprise networks and systems. DarkReading, April 23, 2020

Cyber Defense

NY Department of Financial Services Issues Guidance Regarding Cybersecurity Awareness during COVID-19: The New York Department of Financial Services (DFS) issued guidance to its regulated entities regarding heightened cybersecurity awareness as a result of the COVID-19 pandemic. The DFS has identified several areas of heightened cybersecurity risk as a result of this crisis: remote work, phishing and fraud and third-party risk. SecurityMagazine, April 24, 2020

Protect Your Distribution Operations From Ransomware: Cybersecurity breaches are not typically targeted attacks. They are more commonly opportunistic attacks designed to make money. Coronavirus fears create natural vulnerabilities to exploit to gain access to your systems. HealthcarePackaging, April 23, 2020

Cybersecurity in Society

Cyber Privacy

Where Does the U.S. Rank in the Global Data Privacy Landscape?: Data privacy is a human right. Consumers demanded their governments take action in protecting their privacy and finally, governments started listening. Europe was the first and jump-started this global trend of keeping data safe and regulated. They began by enforcing the General Data Protection Regulation (GDPR) in May 2018, which significantly increased the protection of people’s online data rights. CPO, April 24, 2020

How technology can identify a “safe” workforce and protect privacy post-pandemic: MIT professor makes the case for certifying a person’s immune health status via a protected digital identity. TechRepublic, April 24, 2020

Cyber Crime

Cybercrime Group Steals $1.3M from Banks in a Sophisticated Business Email Compromise (BEC) Attack on Israeli and UK Financial Sector Firms: A look at how the so-called Florentine Banker Group lurked for two months in a sophisticated business email compromise attack on Israeli and UK financial companies. DarkReading, April 24, 2020

DoppelPaymer Ransomware Hits LA Suburb, Demands 100 Bitcoins as Ransom: DoppelPaymer ransomware operators demanded 100 bitcoins as ransom from officials after allegedly attacking the city of Torrance in California’s Los Angeles County. SecurityIntelligence, April 23, 2020

Fortune 500 Cognizant confirms Maze ransomware attack: Cognizant, one of the largest tech and consulting companies in the Fortune 500, has confirmed it was hit by a ransomware attack. TechCrunch, April 18, 2020

Cyber Attack

Ransomware attacks in government, education, and healthcare sectors fall amidst coronavirus outbreak while attacks against private sector remain at high level during the coronavirus outbreak: Emisoft: Cybercriminals who deploy ransomware are always on the hunt for new victims. That’s true even during a time of crisis such as the coronavirus pandemic. Though some ransomware gangs have vowed to hold off on attacks against hospitals and healthcare providers as the world battles COVID-19, others are still trying to make a profit out of any potential victim. But as the virus has spread, the number of successful ransomware attacks against certain sectors has actually declined, according to a blog post published Thursday by Emsisoft. TechRepublic, April 24, 2020

WHO Confirms Email Credentials Leak. Washington Post had identified the group as one among several whose passwords and emails were dumped online and abused: The World Health Organization this week disclosed that some 450 active WHO email addresses and passwords were leaked online recently amid a big overall increase in cyberattacks directed at its staff. DarkReading, April 24, 2020

Cyber Attack Targets Sale Of The World’s Most Expensive Whisky: The Perfect Collection auction by the Whisky Auctioneer is one of the most widely documented whisky auctions of the year, and the second half of the collection went online last week, expected to end on April, 20th. While it was underway, a sophisticated cyber attack was launched on the site, shutting it down and postponing the auction indefinitely. What does this mean for whisky fans and auction participants? Forbes, April 23, 2020

Cyber Defense

AI helps experts find thousands of child sexual abuse imagery keywords: A team of 13 analysts at the Internet Watch Foundation (IWF) have used machine learning to help them figure out what secret code words are used by online communities of perverts to covertly talk about child sexual abuse images. NakedSecurity, April 24, 2020

Cyber Espionage

New Report Reveals Chinese APT Groups May Have Been Entrenched in Some Servers for Nearly a Decade Using Little-Known Linux Exploits: The state-backed Chinese advanced persistent threat (APT) groups are among the world’s oldest, most skilled and most active agents of cyber espionage. As respected as these groups already are as threats, a new report from BlackBerry indicates that their reach and capability may be even greater than previously thought. CPO, April 24, 2020

COVID-19 cyber espionage saw Chinese ministry targeted by Ocean Lotus: FireEye Spear phishing campaign out of Vietnam went after information related to coronavirus, security firm says: FireEye has stated it believes hacking group Ocean Lotus, also known as APT32 and linked to the Vietnamese government, was involved in a spear phishing campaign targeting members of the Wuhan government and Chinese Ministry of Emergency Management in search of information related to the coronavirus pandemic that is sweeping the planet. ZDNet, April 23, 2020

Know Your Enemy

Unproven Coronavirus Therapy Proves Cash Cow for Shadow Pharmacies: Many of the same shadowy organizations that pay people to promote male erectile dysfunction drugs via spam and hacked websites recently have enjoyed a surge in demand for medicines used to fight malaria, lupus and arthritis, thanks largely to unfounded suggestions that these therapies can help combat the COVID-19 pandemic. KrebsOnSecurity, April 24, 2020

Cyber Freedom

Cybersecurity snubbed in stimulus package: Aid for states is not the only thing that didn’t make it into the $480 billion stimulus package President Trump signed today – funding for cybersecurity also was notably missing, something that security experts, policymakers and security experts hope Congress will rectify in future stimulus bills, particularly around election security. SC Magazine, April 24, 2020

Who’s Behind the “Reopen” Domain Surge?: The past few weeks have seen a large number of new domain registrations beginning with the word “reopen” and ending with U.S. city or state names. The largest number of them were created just hours after President Trump sent a series of all-caps tweets urging citizens to “liberate” themselves from new gun control measures and state leaders who’ve enacted strict social distancing restrictions in the face of the COVID-19 pandemic. Here’s a closer look at who and what appear to be behind these domains. KrebsOnSecurity, April 20, 2020

Cyber Law

The Cybersecurity 202: There’s finally a Supreme Court battle coming over the nation’s main hacking law: The Supreme Court is finally considering whether to rein in the nation’s sweeping anti-hacking law, which cybersecurity pros say is decades out of date and ill-suited to the modern Internet. The Washington Post, April 24, 2020

Zoom and the Problem of Cybersecurity Moral Hazard: A great deal of ink has been spilled regarding the many security vulnerabilities in Zoom teleconferencing software that were discovered after hundreds of millions of people began using Zoom as a means of holding meetings, classroom discussions, yoga classes, and even funerals during the COVID-19 lockdown. And while Zoom took immediate measures to shore up the security on its platform, including hiring Facebook’s former chief of security, as well as a widely recognized leader in establishing bug bounty programs, these actions came years after security consultants found vulnerabilities that were serious enough to make cloud provider Dropbox reconsider the use of Zoom within their company, and New York City schools ban its use for remote learning. JustSecurity, April 24, 2020

Become A CyberGuardian

Protect your community: take the CyberGuardian Pledge, join our email list, get invited to events.

Take the Pledge