Cybersecurity News of the Week, July 26, 2020

SecureTheVillage Calendar

Technology & Security Management HappyHour: Introduction to the ME-ISAC with Founder Chris Taylor. July 28 @ 4:30 pm – 5:30 pm PDT

CiAM Webinar: Protect Your Private and Personal Information from Hacker. July 28 @ 2:00 pm – 3:30 pm PDT

Information Security Management Webinar: NIST Cyberprivacy Frameworks. August 13 @ 10:00 am – 11:00 am PDT

Dealing With Cyber Bullies: A Personal Account. August 13 @ 2:00 pm – 3:00 pm PDT

Financial Services Cybersecurity Roundtable – August 2020. August 21 @ 8:00 am – 10:00 am PDT

CyberFreedomWebinar: Taming The Tiger: How to Detect, Deter, & Defeat Disinformation with Marc Ambinder. September 8 @ 10:00 am – 11:00 am PDT

Information Security Management Webinar: The Great Reboot: Succeeding in a World of Catastrophic Risk and Opportunity with Bob Zukis & Others. September 10 @ 10:00 am – 11:00 am PDT

Individuals at Risk

Cyber Privacy

7 VPNs that leaked their logs – the logs that “didn’t exist”: VPNs are all the rage these days, because they’re supposed to boost your privacy and stop you being tracked. NakedSecurity, July 20, 2020

Cyber Defense

Got An Email From A Hacker With Your Password? Do These 3 Things: Almost every week, I will get contacted by readers who have received an email from a hacker who not only claims to have access to their computer but has the password to prove it. These online extortion scams have surged during the COVID-19 pandemic, and scams are precisely what they are, coming in many flavors. Perhaps the most common being the sextortion email that demands money to prevent compromising sexual material being sent to friends, family and work colleagues. The perpetrator will suggest that they are a successful hacker who has not only gained access to your computer but installed malware to record your activity, including taking control of your webcam. What’s more, to validate their hacking credentials, they will present you with a username and password that you will likely recognize as being one that you use. This is the point at which the recipient panics and sends me an email asking what they can do. I’ll share the answer here, so if you experience this, you can skip sending me an email. Forbes, July 24, 2020

Information Security Management for the Organization

Cybersecurity in the C-Suite & Board

NY Charges First American Financial for Massive Data Leak: In May 2019, KrebsOnSecurity broke the news that the website of mortgage title insurance giant First American Financial Corp. had exposed approximately 885 million records related to mortgage deals going back to 2003. On Wednesday, regulators in New York announced that First American was the target of their first ever cybersecurity enforcement action in connection with the incident, charges that could bring steep financial penalties. KrebsOnSecurity, July 23, 2020

Information Security Management and Governance

Cybersecurity Lessons from the Pandemic: How does cybersecurity support business and society? The pandemic shows us. DarkReading, July 22, 2020

4 Steps to Help You Plan a Cyber Resilience Roadmap: What is cyber resilience? SecurityIntelligence, July 22, 2020

Cyber Defense

Business Email Compromise: What it is, and how to stop it: Business Email Compromise is a damaging form of cybercrime, with the potential to cost a company millions of dollars. Even the most astute can fall victim to one of these sophisticated schemes. Microsoft, July 23, 2020

The challenges and opportunities of shadow IT: The shadow IT genie is out of the bottle and offers benefits and threats. Learn some tips from the experts on how to effectively harness shadow IT in your company. TechRepublic, July 23, 2020

Cyber Warning

Ransomware Adopts a Game-Changing Blackmail Model for Information Theft: Initially, most ransomware schemes have relied primarily on malicious encryption to render a victim’s data inaccessible, but ever since the Maze ransomware took the spotlight in 2019, the dynamics have changed. Numerous ransomware strains are now adopting a double-edged, blackmail model for information theft. Info Security, July 24, 2020

Email Security Features Fail to Prevent Phishable ‘From’ Addresses: The security features for verifying the source of an email header fail to work together properly in many implementations, according to a team of researchers. DarkReading, July 24, 2020

Ransomware attacks jump as crooks target remote working: Ransomware attacks are getting bigger and bolder – at a time where many organisations don’t have the resources to fight them off. ZDNet, July 21, 2020

Cybersecurity in Society

Cyber Crime

Will Garmin Pay $10m Ransom To End Two-Day Outage?: Garmin is reportedly being asked to pay a $10 million ransom to free its systems from a cyberattack that has taken down many of its services for two days. Forbes, July 25, 2020

Sports team nearly paid a $1.25m transfer fee… to cybercrooks … in attempted BEC scheme: If you were about to spend more than a million dollars, how careful would you be about where you sent the money? NakedSecurity, July 23, 2020

Cyber Attack

A vigilante is sabotaging the Emotet botnet by replacing malware payloads with GIFs … Emotet botnet activity goes down as Emotet admins are wrestling with a vigilante for control over parts of their infrastructure: An unknown vigilante hacker has been sabotaging the operations of the recently-revived Emotet botnet by replacing Emotet payloads with animated GIFs, effectively preventing victims from getting infected. ZDNet, July 24, 2020

Exclusive: More than 1,000 people at Twitter had ability to aid hack of accounts: SAN FRANCISCO (Reuters) – More than a thousand Twitter employees and contractors as of earlier this year had access to internal tools that could change user account settings and hand control to others, two former employees said, making it hard to defend against the hacking that occurred last week. Reuters, July 24, 2020

Twitter Hacking for Profit and the LoLs: The New York Times last week ran an interview with several young men who claimed to have had direct contact with those involved in last week’s epic hack against Twitter. These individuals said they were only customers of the person who had access to Twitter’s internal employee tools, and were not responsible for the actual intrusion or bitcoin scams that took place that day. But new information suggests that at least two of them operated a service that resold access to Twitter employees for the purposes of modifying or seizing control of prized Twitter profiles. KrebsOnSecurity, July 22, 2020

Cyber Espionage

FBI warns US companies about backdoors in Chinese tax software: Following the GoldenHelper and GoldenSpy malware reports, the FBI is now warning US companies operating in China. ZDNet, July 24, 2020

Know Your Enemy

The Hacker Infrastructure and Underground Hosting … An Overview of the Cybercriminal Market: Cybercriminals are in the business of making money at their victims’ expense. Unfortunately, this involves a great deal of money and countless victims. Criminals do this by stealing identities and credit card numbers, encrypting user data (and offering to restore it for a fee), and employing many other methods. TrendMicro Research

Russia’s GRU Hackers Hit US Government and Energy Targets … A previously unreported Fancy Bear campaign persisted for well over a year—and indicates that the notorious group has broadened its focus: Russia’s GRU military intelligence agency has carried out many of the most aggressive acts of hacking in history: destructive worms, blackouts, and—closest to home for Americans—a broad hacking-and-leaking operation designed to influence the outcome of the 2016 US presidential election. Now it appears the GRU has been hitting US networks again, in a series of previously unreported intrusions that targeted organizations ranging from government agencies to critical infrastructure. Wired, July 24, 2020

Cyber Talent

Thinking of a Cybersecurity Career? Read This: Thousands of people graduate from colleges and universities each year with cybersecurity or computer science degrees only to find employers are less than thrilled about their hands-on, foundational skills. Here’s a look at a recent survey that identified some of the bigger skills gaps, and some thoughts about how those seeking a career in these fields can better stand out from the crowd. KrebsOnSecurity, July 24, 2020

Cyber Freedom

Anatomy of an Election ‘Meltdown’ in Georgia: Last month, Daryl Marvin got his first taste of voting in Georgia. The New York Times, July 25, 2020

The Twitter Hacks Have to Stop: Twitter was hacked this week. Not a few people’s Twitter accounts, but all of Twitter. Someone compromised the entire Twitter network, probably by stealing the log-in credentials of one of Twitter’s system administrators. Those are the people trusted to ensure that Twitter functions smoothly. Schneier on Security, July 18, 2020

Cyber Warning

FBI issues warning to the trucking industry about Electronic Logging Devices (ELDs): This week, the Federal Bureau of Investigation (FBI) issued a warning to the trucking industry about the vulnerability of Electronic Logging Devices (ELDs) to threats from hackers. CDL, July 23, 2020

Cyber Law

EU Court Invalidates Privacy Shield – What’s Next for Data Transfers and International Trade?: One of the keys to the European Union’s data protection regime has been the prohibition against transferring personal data from EU countries to jurisdictions that do not have regimes that, in the determination of the EU, provide adequate protection to consumers. Beginning in 2000 the U.S. – EU Safe Harbor Framework allowed U.S. companies to certify their compliance with EU data protection requirements, and facilitated the transfer of data between the EU and the U.S. On October 6, 2015, the Court of Justice of the European Union, the European Union’s highest court, overturned the Safe Harbor Framework. In response, the EU and the U.S., primarily through the Department of Commerce, developed International Safe Harbor Privacy Principles, commonly called the “Privacy Shield,” and a more robust framework was adopted, allowing substantially the benefits of the Safe Harbor. Robert Braun, JMBM Cybersecurity Lawyer Forum, July 17, 2020. Bob is a member of the SecureTheVillage Leadership Council.

Critical Infrastructure

NSA, CISA issue joint warning that hackers are increasingly targeting OT and critical infrastructure: Remote Access by Decentralized Workforce Creates Risks. BankInfoSecurity, July 24, 2020

Cyber Miscellany

This sculpture at CIA headquarters holds one of the world’s most famous unsolved mysteries: (CNN) In the middle of CIA headquarters, there sits a sculpture that contains a secret code that has stumped top cryptologists for decades. CNN, July 25, 2020
