Cybersecurity News of the Week, June 21, 2020

SecureTheVillage Calendar

STVHappyHour: A CIO and a Cyberinsurance Broker Walk Into a Bar … June 23 @ 4:30 pm – 5:30 pm PDT

TownHallWebinar: Protect Yourself From IDentity Theft with Karen Codman. June 23 @ 7:00 pm – 8:00 pm PDT

TownHallWebinar: Up On Cyber 2020. June 25 @ 8:00 am – 12:30 pm PDT

Leadership Council Meeting, July 8: Special Guest Dr. Vinton Cerf, Father of the Internet. July 8 @ 12:00 pm – 1:30 pm PDT

TownHallWebinar: Personal Cyber Security with Dr. Steve Krantz. July 21 @ 1:00 pm – 2:30 pm PDT Calabasas Senior Center Calabasas, CA

Individuals at Risk

Cyber Privacy

Google removes 106 Chrome extensions for collecting sensitive user data: Security firm identifies 111 malicious Chrome extensions collecting user keystrokes, clipboard content, cookies, more. ZDNet, June 18, 2020

Cyber Defense

Goodbye SMS—Google Confirms Powerful New Update For Millions Of Users: SMS messages are something of a security disaster. These unencrypted, open-form text messages travel across multiple unsecured networks, from sender to recipient. The system is a throwback to a long-gone era. This is becoming better known when we message one other—thus the rise of encrypted alternatives, WhatsApp, iMessage and Signal. But, ironically, that same SMS system has become the default delivery mechanism for most two-factor authentication (2FA) codes. And that’s not good. Forbes, June 17, 2020

Cyber Update

Unpatched vulnerability identified in 79 Netgear router models…Replace if your model is too old to update: A whopping 79 Netgear router models are vulnerable to a severe security flaw that can let hackers take over devices remotely. ZDNet, June 18, 2020

Cyber Danger

Turn on MFA Before Crooks Do It For You: Hundreds of popular websites now offer some form of multi-factor authentication (MFA), which can help users safeguard access to accounts when their password is breached or stolen. But people who don’t take advantage of these added safeguards may find it far more difficult to regain access when their account gets hacked, because increasingly thieves will enable multi-factor options and tie the account to a device they control. Here’s the story of one such incident. KrebsOnSecurity, June 19, 2020

Popular mobile banking apps are riddled with security flaws, and Android users are more at risk. Users cautioned to properly secure their mobile devices: A study of banking apps for iOS and Android found poor source code protection, cleartext storage of sensitive data, and other serious flaws that make it easy for attackers to break into accounts. TechRepublic, Juen 18, 2020

Google Alerts accidentally circulating malware among users…Scammers are using fake data breach notifications to distribute malware and scams: Fraudsters are using black SEO, Google Sites and spam pages to push fake data breach notifications impersonating big name companies in an effort to distribute malware and scams. TechRadarPro, June 17, 2020

Cyber Humor

Information Security Management for the Organization

Information Security Management

Building relationships: The key to becoming a true cybersecurity leader. Slowly but surely, organizations are starting to view information security as a business problem, not an IT problem, and as everybody’s responsibility: “The CISO role is evolving to be less technical and more business-centric and, in many organizations, the CISO no longer reports to the CIO or CTO, but rather to the CEO or Board of Directors. As a result, many more business decisions are made with security [and privacy] in mind,” says Naomi Buckwalter, Director of Information Security & Privacy, Energage. HelpNetSecurity, June 18, 2018

As Businesses Reopen, A New Storm Of Cybercrime Activity Looms: There is nothing ordinary about the amount of disruption that will impact our lives moving forward as countries and states reopen following the coronavirus pandemic. In the context of the cloud, disruptions caused by COVID-19 have opened the door to another type of virus: cybersecurity threats. Today we are witnessing a rapid rise of opportunistic cybercriminal activity taking advantage of the chaos created by COVID-19. Forbes, June 18, 2020

Adapting information security management practices to post-Covid world. Microsoft Reports: COVID-19 Attacks Still Less Than 2% of Total Threats: COVID-19-themed cyber-attacks comprised only a tiny amount of overall threat volumes over the past four months despite sensational headlines, according to Microsoft. InfoSecurity, June 18, 2020

Privacy Management

French Privacy Watchdog Offers New Guidance for Web Scraping and Its Use in Direct Marketing: Explicit General Data Protection Regulation (GDPR) guidance on the subject of web scraping for purposes of direct marketing has finally been laid out to the public following the publication of a set of guidelines by France’s data watchdog, the CNIL. CPO, June 19, 2020

Cyber Warning

Phishing Campaign Targeting Office 365, Exploits Brand Names: Attackers use trusted entities to trick victims into giving up their corporate log-in details as well as to bypass security protections. ThreatPost, June 18, 2020

Cybercriminals Continue To Attack MSPs And IT Vendors … ConnectWise MSP Partners Hit By Ransomware: Multiple ConnectWise partners have had their customers hit with ransomware through a software flaw that the company revealed last week with one having several end users compromised, according to a source who spoke on condition of anonymity. CRN, June 18, 2020

Cybersecurity in Society

Cyber Crime

Elon Musk Bitcoin vanity addresses used to scam users out of $2 million: While Bitcoin giveaway scams have been around for more than two years, new trick helps scammers net massive profits. ZDNet, June 19, 2020

Maze Ransomware Gang Continues Data-Leaking Spree: Latest Named Victims Include Engineering Firm, Furniture Manufacturer, Pet Spa. BankInfoSecurity, June 18, 2020

Cognizant Says Maze Ransomware Attackers Hijacked Tax ID, Social Security, Passport Data: The cybercriminals who hit Cognizant this spring “exfiltrated” data related to employees’ corporate credit cards among other personal data including Social Security numbers, tax IDs, financial account information, and driver’s license and passport details, according to two letters Cognizant filed with California state regulators. CRN, June 18, 2020

Cyber Attack

Hidden Cyber War Between Israel and Iran Spills Into Public View With Attacks on Physical Infrastructure: For decades now there has been something of a tacit agreement among nations that spying and hacking are not enough to constitute acts of war, and that these battles are to be kept in the shadows for the most part. The general public is occasionally impacted by this quiet cyber war in the form of a personal information breach or a state-sponsored raid on the confidential assets of a private company, but attackers have generally stopped short of executing virtual attacks that create real damage in the physical world. CPO, June 19, 2020

Australia says it has been targeted by a ‘sophisticated’ state-based cyber attack. China suspected: Sydney/Hong Kong (CNN Business)The Australian government is grappling with massive cyber attacks from what Prime Minister Scott Morrison has described as a “malicious” and “sophisticated” state-based actor. CNN, June 19, 2020

AWS said it mitigated a 2.3 Tbps DDoS attack, the largest ever: The previous record for the largest DDoS attack ever recorded was of 1.7 Tbps, recorded in March 2018. ZDNet, June 17, 2020

No, The U.S. Has Not Suffered The Biggest Cyber-Attack In History: Here’s What Actually Happened at T-Mobile: As hundreds of thousands of people reported mobile carriers and internet services down, and ‘DDoS’ started trending on Twitter, ‘Anonymous’ laid the blame on China and suggested a major cyber-attack was underway. Here’s what actually happened. Forbes, June 16, 2020

Know Your Enemy

Cybercrime Has Undergone an Industrial Revolution – How to Keep Up: Cybercrime is an industry, with its own service economy, tools for hire, solution providers and end users, and this shadow economy is growing. Over several years, the cyber-criminal underground has undergone its own industrial revolution, a profound and far-reaching process of modernization and innovation. InfoSecurity, June 18, 2020

Ransomware News Roundup: Maze Gang Forms Extortion Cartel: In early June 2020, the Maze gang teamed up with other crypto-malware actors to extort non-paying victims using its shared data leaks platform. Maze wasn’t the only strain that made news. Those behind the REvil family also attracted the security community’s attention when it began auctioning off data stolen by their creation. Additionally, security researchers discovered two new crypto-malware groups: Kupidon and Avaddon. SecurityIntelligence, June 18, 2020

National Cybersecurity

When Security Takes a Backseat to Productivity: So ends a key section of a report the U.S. Central Intelligence Agency produced in the wake of a mammoth data breach in 2016 that led to Wikileaks publishing thousands of classified documents stolen from the agency’s offensive cyber operations division. The analysis highlights a shocking series of security failures at one of the world’s most secretive entities, but the underlying weaknesses that gave rise to the breach also unfortunately are all too common in many organizations today. KrebsOnSecurity, June 17, 2020

Cyber Freedom

Nation State Hackers Take Aim at Trump and Biden Campaigns: Nation state hackers originating from foreign governments have launched phishing attacks against campaign staff belonging to US presidential candidates Joe Biden and Donald Trump, according to observations by the Google Threat Analysis Group (TAG). While ultimately unsuccessful, the attacks have prompted mixed responses from the campaigns involved and have raised fresh alarm about cybersecurity preparedness among presidential candidates and their susceptibility to nation state hackers more broadly. CPO, June 18, 2020

Systemic Racism Is a Cybersecurity Threat. Understanding how systemic racism influences cybersecurity is integral to protecting the American people, deterring U.S. adversaries, & defending American businesses: For years there have been well documented discussions about the need to expand gender and racial diversity in cybersecurity. People have argued that if we address social and systemic issues separately, we will get the technology right. However, the social and the technological are mutually constitutive. Bringing in new points of view is crucial to cybersecurity, but we also have to change the systems in which technology is embedded and review technology against the backdrop of larger systemic issues to reduce vulnerabilities. Council on Foreign Relations, June 16, 2020

Cyber Law

A New CCPA Data Breach Lawsuit Is “Minted.” Online stationery and craft company Minted Inc. has been hit with a CCPA class action lawsuit, stemming from a massive data breach the company disclosed in late May: Online stationery and craft company Minted Inc. has been hit with a CCPA class action lawsuit, stemming from a massive data breach the company disclosed in late May. The proposed class action lawsuit, filed in a California federal court, claims that Minted Inc. failed to implement “reasonable security measures” and to properly encrypt certain personal information. See Atkinson v. Minted, Inc., No. 3:20-cv-03869 (N.D. Cal. June 11, 2020). As a result, the hackers allegedly accessed the company’s database that contained customers’ names and login credentials, including unredacted and unencrypted account information. Some 73.2 million records were allegedly stolen and included passwords, names, and other information. JDSupra, June 17, 2020

Cyber Enforcement

FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy: An information technology specialist at the Federal Emergency Management Agency (FEMA) was arrested this week on suspicion of hacking into the human resource databases of University of Pittsburgh Medical Center (UPMC) in 2014, stealing personal data on more than 65,000 UPMC employees, and selling the data on the dark web. KrebsOnSecurity, June 18, 2020

Become A CyberGuardian

Protect your community: take the CyberGuardian Pledge, join our email list, get invited to events.

Take the Pledge