Cybersecurity News of the Week, August 9, 2020

SecureTheVillage Calendar

Information Security Management Webinar: NIST Cyberprivacy Frameworks. August 13 @ 10:00 am – 11:00 am PDT

Dealing With Cyber Bullies: A Personal Account. August 13 @ 2:00 pm – 3:00 pm PDT

Financial Services Cybersecurity Roundtable – August 2020. August 21 @ 8:00 am – 10:00 am PDT

CyberFreedomWebinar: Taming The Tiger: How to Detect, Deter, & Defeat Disinformation with Marc Ambinder. September 8 @ 10:00 am – 11:00 am PDT

Information Security Management Webinar: The Great Reboot: Succeeding in a World of Catastrophic Risk and Opportunity with Bob Zukis & Others. September 10 @ 10:00 am – 11:00 am PDT

Individuals at Risk

Cyber Privacy

U.S. government contractor Anomaly Six tracked hundreds of millions of users using SDK: A damning new WSJ report says a small U.S. government contractor embedded software in over 500 apps, tracking millions of people worldwide. iMore, August 7, 2020

Information Security Management for the Organization

Information Security Management

How COVID-19 Has Changed Business Cybersecurity Priorities Forever: For much of this year, IT professionals all over the globe have had their hands full, finding ways to help businesses cope with the fallout of the coronavirus (COVID-19) pandemic. In many cases, it involved a rapid rollout of significant remote work infrastructure. That infrastructure was called into service with little to no warning and even less opportunity for testing. Needless to say, the situation wasn’t ideal from a cybersecurity standpoint. The Hacker News, August 7, 2020

Report: Two new encryption standards will soon sweep away security controls: Security professionals must act before TLS 1.3 and DNS-over-HTTPS (DoH) are implemented or they won’t be able to analyze network traffic and detect cyberthreats, warns Forrester Research. TechRepublic, August 7, 2020

New index shows proactive cybersecurity measures outpaced reactive in Q2: Under pressure, large companies’ cybersecurity forces leaned in, and got the results they intended. SC Media, August 6, 2020

Endpoint Security Using AI & MITRE For Your Remote Workforce: As employees increasingly work remotely, it is more important than ever to maintain visibility and threat detection in a remote working world. We have seen a significant increase in state-sponsored attacks and malicious phishing campaigns, and this trend is expected to continue. This period of remote work is a good time for enterprise to make sure endpoint security techniques are in place and up to date. SecurityIntelligence, August 6, 2020

How Ransomware Threats Are Evolving & How to Spot Them: A series of new reports explains how ransomware attackers are changing techniques and how organizations can spot stealthy criminals. Dark Reading, August 4, 2020

Secure The Human

Researchers Create New Framework to Evaluate User Security Awareness: Approaches based on questionnaires and self-evaluation are not always a good indicator of how well a user can mitigate social engineering threats. DarkReading, August 6, 2020

Cyber Update

Hacker leaks passwords for 900+ enterprise Pulse Secure VPN servers. Organizations told to patch their Pulse Secure VPNs and change passwords with the utmost urgency: A hacker has published today a list of plaintext usernames and passwords, along with IP addresses for more than 900 Pulse Secure VPN enterprise servers. ZDNet, August 4, 2020

Cyber Fine

Capital One to pay $80M in connection with massive data breach: Capital One Financial has reached settlements with two federal banking regulators in connection with a 2019 hacking incident that resulted in a massive compromise of customer data. American Banker, August 6, 2020

Cyber Law

Third-Party Cookies, Reasonable Security Measures at Issue in CCPA Class Action Suits: “That is how they’re constructing that fact pattern into what was supposed to be a clear data breach,” Dominique Shelton Leipzig, a partner at Perkins Coie in Los Angeles, said. “The private right of action was supposed to be limited to a negligent breach.”, August 3, 2020

Cybersecurity in Society

Cyber Crime

Ransomware Threatens Production of 300 Ventilators Per Day … The DoppelPaymer gang deployed a ransomware attack against ventilator manufacturer Boyce Technologies amid the COVID-19 pandemic: The FDA-approved Coronavirus ventilator manufacturer Boyce Technologies has been targeted by ransomware launched by the DoppelPaymer gang, who are threatening to leak data from the company. Coin Telegraph, August 7, 2020

Canon suffers ransomware attack, Maze claims responsibility: Reports based on an internal memo suggest an external security firm has been hired to investigate. ZDNet, August 7, 2020

Hacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment Claims: A group of thieves thought to be responsible for collecting millions in fraudulent small business loans and unemployment insurance benefits from COVID-19 economic relief efforts gathered personal data on people and businesses they were impersonating by leveraging several compromised accounts at a little-known U.S. consumer data broker, KrebsOnSecurity has learned. KrebsOnSecurity, August 6, 2020

Global Cybercrime Surging During Pandemic: Interpol: Fraudsters Shifting Focus to Governments, Health Infrastructure, Corporations. BankInfoSecurity, August 6, 2020

Cyber Espionage

Hacking group has hit Taiwan’s prized semiconductor industry, Taiwanese firm says: Taiwan’s semiconductor industry, a centerpiece of the global supply chain for smartphones and computing equipment, was the focus of a hacking campaign targeting corporate data over the last two years, Taiwan-based security firm CyCraft Technology claimed Thursday. Cyber Scoop, August 6, 2020

Cyber Attack

Mass hijacking spree takes over subreddits to promote Donald Trump … Reddit regains control of accounts and removes hacker’s message: Dozens of discussion groups on Reddit—including those dedicated to the National Football League, the San Francisco 49ers, and the Gorillaz—were hit in a Friday morning mass takeover spree that used the subreddits to spread messages promoting President Trump. ars technica, August 7, 2020

Porn Clip Disrupts Virtual Court Hearing for Alleged Twitter Hacker: Perhaps fittingly, a Web-streamed court hearing for the 17-year-old alleged mastermind of the July 15 mass hack against Twitter was cut short this morning after mischief makers injected a pornographic video clip into the proceeding. KrebsOnSecurity, August 5, 2020

Cyber Leak

More than 20GB of Intel source code and proprietary data dumped online: “Exconfidential Lake” leak includes docs Intel provided under NDA as recently as May. ars technica, August 6, 2020

Robocall Legal Advocate Leaks Customer Data: A California company that helps telemarketing firms avoid getting sued for violating a federal law that seeks to curb robocalls has leaked the phone numbers, email addresses and passwords of all its customers, as well as the mobile phone numbers and other data on people who have hired lawyers to go after telemarketers. KrebsOnSecurity, August 3, 2020

Cyber Talent

What to Tell Young People of Color About InfoSec Careers: CEO and founder of Revolution Cyber Juliet Okafor and Baker Hughes Director of Global OT Security Programs Paul Brager talk about the unique lessons and hard truths they provide when mentoring young black cybersecurity professionals. Dark Reading, August 5, 2020

A Patriotic Solution to the Cybersecurity Skills Shortage: Why now is the right time for the security industry to invest in the human capital that will make technology better, smarter, and safer. Dark Reading, August 3, 2020

Cyber Freedom

Russia Continues Interfering in Election to Try to Help Trump, U.S. Intelligence Says: But a new assessment says China would prefer to see the president defeated, though it is not clear Beijing is doing much to meddle in the 2020 campaign to help Joseph R. Biden Jr. The New York Times, August 7, 2020

STATEMENT BY NCSC DIRECTOR WILLIAM EVANINA: ELECTION THREAT UPDATE FOR THE AMERICAN PUBLIC: On July 24, 2020, I issued a statement to the American public providing an unclassified overview of foreign threats to the 2020 election and offering basic steps to mitigate some of these threats. At that time, I pledged that the U.S. Intelligence Community (IC) would continue to update the American public and other key stakeholders on the evolving election threat landscape, while also safeguarding our intelligence sources and methods. DNI, August 7, 2020

Voter registration ‘a huge target’ for ransomware: State and local election officials manage their voter registration databases using several pieces of software known to be favorite targets of ransomware actors, a leading ransomware analyst said during a webinar Thursday. Cyber Scoop, August 6, 2020

A Mix of Optimism and Pessimism for Security of the 2020 Election: DHS CISA’s Christopher Krebs and Georgetown University’s Matt Blaze at Black Hat USA give the lowdown on where things stand and what still needs to happen to protect the integrity of November’s election. Dark Reading, August 6, 2020

Cyber Disinformation

Google published its second Threat Analysis Group (TAG) report which reveals the company has taken down ten coordinated operations in Q2 2020: Google has published its second Threat Analysis Group (TAG) report, a bulletin that includes coordinated influence operation campaigns tracked in Q2 of 2020. SecurityAffairs, August 7, 2020

Black Hat 2020: Influence Campaigns Are a Cybersecurity Problem: An inside look at how nation-states use social media to influence, confuse and divide — and why cybersecurity researchers should be involved. ThreatPost, August 6, 2020

Pillars of Russia’s Disinformation and Propaganda Ecosystem. U.S. DEPARTMENT of STATE: Understanding Russia’s Disinformation and Propaganda Ecosystem. US Dept of State, August 2020

Anti-NATO Disinformation Campaign Leveraged CMS Compromises: Researchers uncovered a disinformation campaign aiming to discredit NATO via fake news content on compromised news websites. ThreatPost, July 31, 2020

Critical Infrastructure

NTI report looks at the importance of cybersecurity at nuclear facilities … Nuclear Threat Initiative’s NTI Index shows that only 47 percent of countries have a response plan in place for a cyberattack on a nuclear facility: Further, NTI reveals that most of those nations do not have adequate regulations for cybersecurity. The NTI Index found that only 34 percent receive a high score for cybersecurity. Homeland Preparedness, August 7, 2020

Cyber Enforcement

Three people have been charged for Twitter’s huge hack, and a Florida teen is in jail … Update: The Tampa teen allegedly pretended to work for Twitter’s IT department: Early on July 31st, the FBI, IRS, US Secret Service, and Florida law enforcement placed 17-year-old Graham Clark of Tampa, Florida, under arrest. He’s accused of being the “mastermind” behind the biggest security and privacy breach in Twitter’s history, one that took over the accounts of President Barack Obama, Democratic presidential candidate Joe Biden, Bill Gates, Elon Musk, Kanye West, Apple, and more to perpetrate a huge bitcoin scam on July 15th. The Verge, July 31, 2020
