Cybersecurity News of the Week, November 8, 2020

SecureTheVillage Calendar

Invitational Cybersecurity Workforce Workshop — Linking Supply & Demand. November 10 @ 10:00 am – 12:00 pm PST

Information Security Management Webinar: Conversation on the Cyber Risk Landscape with Deron T. McElroy, CISA. November 12 @ 10:00 am – 11:00 am PST

Insurance Brokers Cybersecurity Roundtable: Case Study of a Breach: Helping Your Clients Prepare for the Inevitable. November 17 @ 2:00 pm – 3:00 pm PST

Financial Services Cybersecurity Roundtable: November 2020. November 20 @ 8:00 am – 10:00 am PST

Information Security Management Webinar: PCI DSS 4.0 with Scott Pierangelo. December 10 @ 10:00 am – 11:00 am PST

Insurance Brokers Cybersecurity Roundtable: What Your Clients Need to Know About Information Security Management with Dr. Stan Stahl, PHD. December 15 @ 2:00 pm – 3:00 pm PST

Financial Services Cybersecurity Roundtable: December 2020. December 18 @ 8:00 am – 10:00 am PST

Individuals at Risk

Cyber Update

Apple Patches 24 Vulnerabilities Across Product Lines: The vulnerabilities include three for which exploits have already been seen in the wild. DarkReading, November 6, 2020

Cyber Humor

Information Security Management for the Organization

Cybersecurity in the C-Suite & Board

How COVID-19 Changed the VC Investment Landscape for Cybersecurity Companies: What trends can startups and investors expect to see going forward? DarkReading, November 6, 2020

Why Paying to Delete Stolen Data is Bonkers: Companies hit by ransomware often face a dual threat: Even if they avoid paying the ransom and can restore things from scratch, about half the time the attackers also threaten to release sensitive stolen data unless the victim pays for a promise to have the data deleted. Leaving aside the notion that victims might have any real expectation the attackers will actually destroy the stolen data, new research suggests a fair number of victims who do pay up may see some or all of the stolen data published anyway. KrebsOnSecurity, November 4, 2020

Cybersecurity threats to corporate America are present now ‘more than ever,’ SEC chair says: Securities and Exchange Commission Chairman Jay Clayton is telling corporate America it needs to get much more vigilant on security. CNBC, November 2, 2020

Information Security Management

Think 3,2,1 to Protect Your Business Against Ransomware: The war on ransomware is real. In the past few years, this form of attack has become a valid threat to businesses. We have seen huge attacks that have rendered multinational organizations, even governments, vulnerable and unable to continue mission-critical operations. In 2017, WannaCry brought hospital IT departments across Europe to a standstill, with over 200,000 computers across affected, demonstrating the destructive potential of ransomware. CPO, November 3, 2020

These software bugs are years old. But businesses still aren’t patching them: Many organisations still haven’t applied security patches issued years ago, putting them at risk from common cyberattacks. ZDNet, November 3, 2020

Don’t Torpedo Your Data Security Program: 5 Best Practices to Consider: If you are like most security leaders responsible for protecting your company’s crown jewels, you’ve certainly asked: Can malicious insiders access my organization’s sensitive and mission-critical data? Indeed, it’s a good question to ask, because there may be unseen torpedoes in motion that can sink your efforts to curtail this volatile behavior. SecurityIntelligence, October 29, 2020

Threat Analysis: How the Rapid Evolution of Reporting Can Change Security: With the advancements in data reporting gleaned from security information and event management (SIEM) tools and adjacent solutions, every security team today can face information overload and paralysis. To gain clarity within this murk, the practice of threat analysis has emerged and continues to evolve with time. With it, security professionals can find and fix the most pressing issues among the incidents reported daily. SecurityIntelligence, October 29, 2020

Cyber Privacy

What Businesses Need to Know About the New California Privacy Rights Act of 2020: Many races and initiatives that California voters considered on November 3 are still undecided, but Proposition 24, the California Privacy Rights Act of 2020 (the “CPRA”) isn’t one of them. The California electorate approved Proposition 24 by a comfortable margin – 56% of Californians voted in favor. Robert Braun, Esq., JMBM Cybersecurity Lawyer Forum, November 5, 2020

Cyber Warning

Linux version of RansomEXX ransomware discovered … This marks the first time a major Windows ransomware strain has been ported to Linux to aid hackers in their targeted intrusion: Security firm Kaspersky said today that it discovered a Linux version of the RansomEXX ransomware, marking the first time a major Windows ransomware strain has been ported to Linux to aid in targeted intrusions. ZDNet, November 6, 2020

Hackers are exploiting unpatched VoIP flaws to compromise business accounts: Over 1,200 organisations have fallen victim to a campaign that uses known exploits to remotely gain access to VoIP accounts – and the attackers are selling access to the highest bidder. ZDNet, November 5, 2020

50% of Ransomware Attacks Lead to Data Exfiltration; Payments Hit $234K: Ransom demands rose 31 percent from Q2 to Q3 2020, with an average of $234,000, while hackers threaten victims with extortion using exfiltrated data in nearly 50 percent of ransomware attacks. HealthITSecurity, November 4, 2020

Ransomware Alert as Emotet Detections Surge 1200%: Detected attacks using the Emotet Trojan soared by over 1200% from Q2 to the third quarter of this year, supporting a surge in ransomware campaigns, according to the latest data from HP Inc. InfoSecurity, November 3, 2020

Cybersecurity in Society

Cyber Crime

Capcom hacked in latest cyber-attack on game-makers: Video game-maker Capcom said its computer systems were hacked earlier this week, in the latest cyber-attack to hit the games industry. BBC, November 6, 2020

Toy maker Mattel discloses ransomware attack: Mattel said the ransomware attack had “no material impact to [its] operations or financial condition.” ZDNet, November 5, 2020

Italian beverage vendor Campari knocked offline after ransomware attack: Campari has refused to engage with the ransomware gang and is restoring systems. ZDNet, November 5, 2020

Army National Guard Deployed to UVM to Assist Ransomware Recovery: The Vermont Governor deployed the Army National Guard’s Cyber Response team to the University of Vermont (UVM) Health Network a week after ransomware attack hobbled its network. HealthITSecurity, November 5, 2020

Company that runs US illegal immigration detention centers discloses ransomware attack: Data for inmates and employees at three centers in California, Florida, and Pennsylvania was exposed in a ransomware attack on August 19. ZDNet, November 5, 2020

Know Your Enemy

When Hackers Have PR Departments: Tens of Thousands in Stolen Bitcoins Donated To Charity Organizations: An unknown ransomware group is on some sort of a public relations offensive, donating thousands of dollars in stolen Bitcoins to various charitable causes. While it’s unclear what the true motives of the hackers are, the fact that the money was obtained illegally will likely render the move nothing more than an empty and self-serving gesture. CPO, November 6, 2020

As Maze retires, clients turn to Sekhmet ransomware spin-off Egregor: The ransomware’s ‘retirement’ has left a hole that Egregor operators may capitalize on. ZDNet, November 4, 2020

Maze, a notorious ransomware group, says it’s shutting down: One of the most active and notorious data-stealing ransomware groups, Maze, says it is “officially closed.” TechCrunch, November 2, 2020

Cyber Freedom

Better Election Security Preparation Meant No “Russia, Russia, Russia” in 2020 Vote: As ballot counting continues in states across the country and potential election fraud is being flagged and litigated, we are thankfully not hearing about another form of election meddling; namely, foreign interference. The Heritage Foundation, November 6, 2020

The Cybersecurity 202: The security of future elections could ride on this one’s outcome: As Americans await the outcome of the 2020 election, the security of future elections may hang in the balance. The Washington Post, November 6, 2020

Cyber Law

Common Law Negligence and Ransomware Attacks: An Old Tool for a New Job: In the Cyber Age, legislative and regulatory bodies must play a perpetual game of catch-up, chasing dexterous bad actors whose evolving tactics and capabilities outpace the legal response., November 3, 2020

Blackbaud sued in 23 class action lawsuits after ransomware attack: Leading cloud software provider Blackbaud has been sued in 23 proposed consumer class action cases in the U.S. and Canada related to the ransomware attack that the company suffered in May 2020. BleepingComputer, November 3, 2020

Cyber Enforcement

Feds Seize $1B in Bitcoin from Silk Road: The illegal marketplace was hacked prior to it’s takedown — the IRS has now tracked down those stolen funds, it said. ThreatPost, November 6, 2020

Two Charged in SIM Swapping, Vishing Scams: Two young men from the eastern United States have been hit with identity theft and conspiracy charges for allegedly stealing bitcoin and social media accounts by tricking employees at wireless phone companies into giving away credentials needed to remotely access and modify customer account information. KrebsOnSecurity, November 4, 2020

Russian authorities make rare arrest of malware author: Malware dev made the grave error of deploying his malware inside Russia’s borders. ZDNet, November 4, 2020

Become A CyberGuardian

Protect your community: take the CyberGuardian Pledge, join our email list, get invited to events.

Take the Pledge