Cybersecurity News of the Week, July 19, 2020

SecureTheVillage Calendar

TownHallWebinar: Personal Cyber Security with Dr. Steve Krantz. July 21 @ 1:00 pm – 2:30 pm PDT Calabasas Senior Center Calabasas, CA

West Cyber Power Hour by the Cyber Security Summit. July 22 @ 10:30 am – 12:00 pm PDT

Driven Webinar: Information Governance. July 22 @ 11:00 am – 12:00 pm PDT

Technology & Security Management HappyHour: Introduction to the ME-ISAC with Founder Chris Taylor. July 28 @ 4:30 pm – 5:30 pm PDT

Information Security Management Webinar: NIST Cyberprivacy Frameworks. August 13 @ 10:00 am – 11:00 am PDT

Financial Services Cybersecurity Roundtable – August 2020. August 21 @ 8:00 am – 10:00 am PDT

CyberFreedomWebinar: Taming The Tiger: How to Detect, Deter, & Defeat Disinformation with Marc Ambinder. September 8 @ 10:00 am – 11:00 am PDT

Information Security Management Webinar: The Great Reboot: Succeeding in a World of Catastrophic Risk and Opportunity with Bob Zukis & Others. September 10 @ 10:00 am – 11:00 am PDT

Individuals at Risk

Update Now

Apple’s latest updates are out for iPhones and Macs – get them now!: When it comes to updates, Apple doesn’t do “predictable”. NakedSecurity, July 16, 2020

Cyber Defense

8 Signs of a Smartphone Hack … A rapidly dwindling battery life or sudden spike in data usage could indicate your iOS or Android device has been compromised: The more we depend on smartphones, the more attractive an attack vector they become. Android and iOS devices have become common targets for cybercriminals, as people use them for work, communications, social media, travel, and important services like finance and healthcare. DarkReading, July 16, 2020

Cyber Warning

Chinese hackers are trying to get Android users to click on a ‘missed delivery’ text: Another day, another nasty new piece of Android malware to be aware of — this time, according to cybersecurity researchers at Cybereason, it’s malware that uses a “missed delivery” text to phish its unsuspecting recipients. BGR, July 16, 2020

Nasty Android malware attacks Facebook, Gmail and more — what to do: Dangerous Trojan can steal account and credit card info. Toms Guide, July 16, 2020

Information Security Management for the Organization

Information Security Management

CISOs discuss cybersecurity in the COVID-19 environment … A digital panel discussion sponsored by MIT’s Sloan CIO Digital Learning Series covered a range of topics from protecting remote workers to phishing to how to manage risk: CISOs are asked how secure their organization is against cyberattacks. Instead of trying to determine that, though, Mars’ CISO said he prefers to reframe the question, and with a note of caution. TechRepublic, July 17, 2020

What the Twitter hack tells us about managing the insider threat: On Wednesday, July 15, the Twitterverse was ablaze with what Twitter itself has described as a “coordinated social engineering attack” that was launched at around 4pm ET. The outcome of this breach was compromised Twitter accounts of many well-known people and organizations, including Jeff Bezos, Elon Musk, Bill Gates, former President Barack Obama, Joe Biden, Uber and many others. The malicious attackers had posted on these accounts that they would return double the amount of money sent to several Bitcoin addresses, duping some of their followers. SecurityIntelligence, July 17, 2020

Leading Technologies: Using Personal Machines is High Risk: We get it, you reacted quickly to respond to COVID. You learned about how COVID spreads, how to protect yourself and your family from getting sick, and how to keep your business afloat. Now we are in an emerging new normal and it’s time to reevaluate what was done from a technology and information security perspective to ensure that the quick decisions you had to make are safe and reasonable. David Lam, Partner, Miller Kaplan, LA Business Journal, July 6, 2020

Cyber Warning

Ransomware accounts for a third of all cyberattacks against organizations: Government agencies were most heavily hit by ransomware during the first quarter, says Positive Technologies. TechRepublic, July 15, 2020

Cyber Update

CISA Issues Emergency Directive on Windows Server DNS Vulnerability: The Cybersecurity and Infrastructure Security Agency (CISA) on Thursday announced the release of an emergency directive on patching a Windows Server Domain Name System (DNS) vulnerability (CVE-2020-1350). Redmond Mag, July 16, 2020

‘Wormable’ Flaw Leads July Microsoft Patches: Microsoft today released updates to plug a whopping 123 security holes in Windows and related software, including fixes for a critical, “wormable” flaw in Windows Server versions that Microsoft says is likely to be exploited soon. While this particular weakness mainly affects enterprises, July’s care package from Redmond has a little something for everyone. So if you’re a Windows (ab)user, it’s time once again to back up and patch up (preferably in that order). KrebsOnSecurity, July 14, 2020

Cyber Insurance

Are businesses covered if their service provider is hit by ransomware? … The fallout of supply chain-style ransomware attacks is twofold — data encryption and data exfiltration — cyber insurance has to reckon with both: Last year ransomware targeted more than a dozen managed service providers or cloud-based service providers. The result? Thousands of encrypted endpoints. CIO Dive, July 17, 2020

Cyber Talent

Cybersecurity Leaders: Invest In Your People: Training, especially cross-training, is insanely powerful when team members are able to experience, train, and work together. It also builds trust. DarkReading, July 16, 2020

Cybersecurity in Society

Cyber Privacy

European Court Drops ‘Privacy Shield’ Over US Surveillance … Europe’s highest court has invalidated the Privacy Shield, an EU-U.S. data-sharing agreement, on grounds it offers insufficient privacy safeguards for Europeans: At issue are U.S. surveillance practices, which the European Court of Justice’s Thursday ruling says involve collecting personal information in a manner “not limited to what is strictly necessary,” thus violating Europeans’ privacy rights. BankInfoSecurity, July 17, 2020

Cyber Crime

Russian Cybercrime Surged 25x in 5 Years, Says Local AG: Russian cybercrime is up 92% since last year. CoinTelegraph, July 17, 2020

Leading nonprofit vendor Blackbaud stopped ransomware attack but still pays ransom demand to ensure hackers would delete data they stole from its network: Blackbaud, one of the world’s largest providers of financial and fundraising technology to nonprofits, was hacked and paid a ransom to have the hijacked data destroyed by the cybercriminals. The Nonprofit Times, July 16, 2020

Cyber Attack

Cybercriminals Targeted Streaming Services to Provide Pandemic Entertainment … Prior to 2020, about 1 in 5 credential attacks targeted video services, but that’s nothing compared to Q1 2020, according to newly published data: Credential stuffing has become a major vector for attacks against online services, but the media industry—particularly video-streaming services and video platforms—has been hard hit, with more than 88 billion login attempts across all industries during the 24 months of 2018 and 2019, according to a new report. DarkReading, July 17, 2020

Hackers Tell the Story of the Twitter Attack From the Inside: Several people involved in the events that took down Twitter this week spoke with The Times, giving the first account of what happened as a pursuit of Bitcoin spun out of control. The New York Times, July 17, 2020

Who’s Behind Wednesday’s Epic Twitter Hack?: Twitter was thrown into chaos on Wednesday after accounts for some of the world’s most recognizable public figures, executives and celebrities started tweeting out links to bitcoin scams. Twitter says the attack happened because someone tricked or coerced an employee into providing access to internal Twitter administrative tools. This post is an attempt to lay out some of the timeline of the attack, and point to clues about who may have been behind it. KrebsOnSecurity, July 16, 2020

Breached Data Indexer ‘Data Viper’ Hacked: Data Viper, a security startup that provides access to some 15 billion usernames, passwords and other information exposed in more than 8,000 website breaches, has itself been hacked and its user database posted online. The hackers also claim they are selling on the dark web roughly 2 billion records Data Viper collated from numerous breaches and data leaks, including data from several companies that likely either do not know they have been hacked or have not yet publicly disclosed an intrusion. KrebsOnSecurity, July 13, 2020

Cyber Espionage

Russian Hackers Look to Steal COVID-19 Vaccine Research: The Russia-linked APT29 has set its sights on pharma research in Western nations in a likely attempt to get ahead on a cure for coronavirus. ThreatPost, July 16, 2020

Know Your Enemy

The Streaming Wars: A Cybercriminal’s Perspective: Cyber threats aren’t relegated to the world of big businesses and large-scale campaigns. The most frequent attacks aren’t APTs and massive data breaches—they’re the daily encounters with malware and spam by everyday users. And, one of the areas where we’re most vulnerable is entertainment—particularly when we’re so used to finding everything and anything we want to watch or play for little or no money online. That’s why, last year, we took a look at how cybercriminals use popular shows to spread malware. This year we turned to a no less popular entertainment sector: streaming platforms. Kaspersky, July 16, 2020

Brazilian Banking Trojans Spread to Other Nations … Kaspersky: Fraudsters Now Target North America, Europe, Latin America: The operators behind a family of Brazilian banking Trojans are expanding their operations to other parts of Latin America as well as North America and Europe, according to a report from Kaspersky. BankInfoSecurity, July 16, 2020

National Cybersecurity

Congress Debates Renewal of National Cyber Director Role … Legislation Calls for Creating Cybersecurity Office at White House With Staff of Up to 100: The U.S. should restore the position of cybersecurity coordinator at the White House because the number of threats against the nation is increasing, several security experts testified this week at a House hearing. But some Republicans question whether the move would create unnecessary bureaucracy. BankInfoSecurity, July 17, 2020

Big Leak Reveals Iran Targeting US Military With Super Speedy Google Account Hacks: A leak from a suspected Iranian hacker crew has revealed just how it’s snooping on American officials’ online lives by taking control of their Google accounts, according to IBM researchers. The same hackers have reportedly been linked with attacks on President Trump’s campaign staff, according to an IBM report shared with Forbes. Forbes, July 16, 2020

Cyber Freedom

What the Twitter Hack Revealed: An Election System Teeming With Risks: The breach that targeted Joe Biden, Barack Obama and others served as a warning: Had it happened on Nov. 3, hoping to upend the election, the political fallout could have been quite different. The New York Times, July 16, 2020

Time running out to protect US November elections: Experts say it’s too late for significant legislative action to better protect voting this fall, but meaningful changes are still possible. CSO, July 15, 2020

To Secure the Election: Tame the Russian Bear in Cyberspace … As the U.S. presidential election approaches, U.S. Cyber Command will have to consider tougher measures to impose costs that change Russia’s behavior in cyberspace: On June 14, Russian President Vladimir Putin described the United States as a country gripped by a “deep internal crisis” due to the refusal by opponents of President Trump to accept his “obvious” 2016 election victory and his legitimacy as leader. Meanwhile, Russian English language outlets pushed a common theme that protests and fires in the United States over racial injustice were a coup or uprising staged by the “Deep State” against the Trump administration. These public messages, combined with Russia’s aggressive social media influence campaigns and targeted cyber operations, aim to sow division in American society and affect the upcoming presidential election. CFR, July 13, 2020

Cyber Law

New Report Shows That Most Companies Are Still Not Prepared for CCPA: The California Consumer Privacy Act (CCPA) is fully in force as of July 1, but a new study from data privacy management firm Ethyca shows that more than half of organizations are still not prepared for it. This is a very late point in the game to get started, as CCPA enforcement actions can apply to violations that date all the way back to the beginning of the year. CPO, July 17, 2020

Walmart Sued Under CCPA After Data Breach: Walmart has become the latest big-name brand accused of violating California’s new data breach regulations. InfoSecurity Magazine, July 16, 2020
