Posts

Showing posts from July, 2019

KnowBe4 - Scam Of The Week: Equifax Settlement Phishing

Well, that did not take long! The Equifax Data Breach resulted in a settlement and those affected have a choice between free credit monitoring or a $125 payment.
from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/scam-of-the-week-equifax-settlement-phishing

KnowBe4 - Buyers of Facebook’s Libra Cryptocurrency are the Latest Target in Phishing Scams

Scammers are impersonating Facebook to trick potential buyers of Facebook’s new cryptocurrency into parting with their money.
from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/buyers-of-facebooks-libra-cryptocurrency-are-the-latest-target-in-phishing-scams

US-CERT - CIS Releases Newsletter on Cleaning Up Data and Devices

Original release date: July 31, 2019
The Center for Internet Security (CIS) July Newsletter reminds users to properly dispose of old or unused data and devices. Without careful management of online accounts, cloud storage, physical storage, and electronic devices, users could inadvertently disclose sensitive information that can be exploited by cyber criminals.
CIS is home to the Multi-State Information Sharing & Analysis Center (MS-ISAC), a Cybersecurity and Infrastructure Security Agency (CISA) partner focused on cyber threat prevention, protection, response, and recovery for U.S. state, local, tribal, and territorial government entities.
CISA encourages users and administrators to review the CIS Newsletter on Cleaning Out Your Old Data and Devices and the CISA Tip on Proper Disposal of Electronic Devices for more information.
This product is provided subject to this Notification and this Privacy & Use policy.
from CISA All NCAS Products https://www.us-cert.gov/nc

KnowBe4 - Russian Phishing: Swiss-based Email Provider ProtonMail Hit By Cyber Attack

Reporters investigating Russian military intelligence have been targeted by highly sophisticated cyber attacks through their encrypted email accounts, with evidence suggesting Moscow was responsible, the email service provider ProtonMail and journalists said on Saturday.
from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/russian-espionage-swiss-based-email-provider-protonmail-hit-by-cyberattack

KnowBe4 - CEO Fraud Phishing Scams Versus The U.K. Solicitors

The UK’s Solicitors Regulation Authority (SRA) has warned of another email scam that impersonated a real law firm in order to hijack a real estate transaction, according to Martin Parrin at Today’s Conveyancer.
from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/ceo-fraud-phishing-scams-versus-the-u.k.-solicitors

Schneier - Another Attack Against Driverless Cars

In this piece of research, attackers successfully attack a driverless car system -- Renault Captur's "Level 0" autopilot (Level 0 systems advise human drivers but do not directly operate cars) -- by following them with drones that project images of fake road signs in 100ms bursts. The time is too short for human perception, but long enough to fool the autopilot's sensors. Boing Boing post.
from Schneier on Security https://www.schneier.com/blog/archives/2019/07/another_attack_.html

KnowBe4 - 5 Things You Need to Know About Facebook’s $5 Billion Fine

By Lecio De Paula, KnowBe4's Director of Data Privacy. On July 24, 2019, it was announced that Facebook, Inc. will pay a 5 billion dollar penalty to the U.S. Federal Trade Commission (FTC) and will be required to revamp their whole privacy and security program. Previously, the largest fine ever imposed by the FTC was $275 million for a privacy enforcement action.
from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/5-things-you-need-to-know-about-facebooks-5-billion-fine

US-CERT - CISA Releases Advisory on Wind River VxWorks Platform

Original release date: July 30, 2019
The Cybersecurity and Infrastructure Security Agency (CISA) has released an Industrial Control Systems (ICS) Advisory on multiple vulnerabilities in the Wind River VxWorks Platform. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
CISA encourages users and administrators to review the following products, apply the recommended mitigations, and refer to vendors for appropriate patches, when available.
- ICS Advisory ICSA-19-211-01
- Canadian Centre for Cyber Security Alert AL19-015
- Wind River Security Bulletin TCP/IP Network Stack
from CISA All NCAS Products https://www.us-cert.gov/ncas/current-activity/2019/07/30/cisa-releases-advisory-wind-river-vxworks-platform

SANS - Issue #59 - Volume XXI - SANS Newsbites - July 30th, 2019

from SANS Institute | Newsletters - Newsbites - RSS https://www.sans.org/newsletters/newsbites/xxi/59

US-CERT - Steps to Safeguard Against Ransomware Attacks

Original release date: July 30, 2019
The Cybersecurity and Infrastructure Security Agency (CISA), Multi-State Information Sharing & Analysis Center (MS-ISAC), National Governors Association (NGA), and the National Association of State Chief Information Officers (NASCIO) have released a Joint Ransomware Statement with recommendations for state and local governments to build resilience against ransomware:
- Back up systems—now (and daily). Immediately and regularly back up all critical agency and system configuration information on a separate device and store the backups offline, verifying their integrity and restoration process. If recovering after an attack, restore a stronger system than the one lost, fully patched and updated to the latest version.
- Reinforce basic cybersecurity awareness and education. Ransomware attacks often require the human element to succeed. Refresh employee training on recognizing cyber threats, phishing, and suspicious links—the most common vectors

Krebs - Capital One Data Theft Impacts 106M People

Federal prosecutors this week charged a Seattle woman with stealing data from more than 100 million credit applications made with Capital One Financial Corp. Incredibly, much of this breach played out publicly over several months on social media and other open online platforms. What follows is a closer look at the accused, and what this incident may mean for consumers and businesses. Paige “erratic” Thompson, in an undated photo posted to her Slack channel. On July 29, FBI agents arrested Paige A. Thompson on suspicion of downloading nearly 30 GB of Capital One credit application data from a rented cloud data server. Capital One said the incident affected approximately 100 million people in the United States and six million in Canada. That data included approximately 140,000 Social Security numbers and approximately 80,000 bank account numbers on U.S. consumers, and roughly 1 million Social Insurance Numbers (SINs) for Canadian credit card customers. “Importantly, no credit c

KnowBe4 - CyberheistNews Vol 9 #31 Louisiana Declares Cybersecurity State of Emergency

from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/cyberheistnews-vol-9-31-louisiana-declares-cybersecurity-state-of-emergency

KnowBe4 - You Don't Want *THAT* In Your Wallet

Capital One has announced a data breach that has exposed the personal information of 106 million people that includes transaction data, credit scores, payment history, balances, and for some, linked bank accounts and social security numbers.
from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/you-dont-want-that-in-your-wallet

Schneier - ACLU on the GCHQ Backdoor Proposal

Back in January, two senior GCHQ officials proposed a specific backdoor for communications systems. It was universally derided as unworkable -- by me, as well. Now Jon Callas of the ACLU explains why.
from Schneier on Security https://www.schneier.com/blog/archives/2019/07/aclu_on_the_gch.html

KnowBe4 - 15-year old MyDoom Remains a Common Phish Hook

The destructive email worm MyDoom is still very active more than fifteen years after it was first spotted, according to ZDNet. Researchers at Palo Alto Networks’ Unit 42 observed 663,000 emails carrying MyDoom last year, making up one percent of all malware-laden emails.
from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/15-year-old-mydoom-remains-a-common-phish-hook

KnowBe4 - New Ransomware Strain Spreads Via SMS

A new Android ransomware strain was discovered by ESET researchers. It uses the victim's contact list to spread further using SMS messages that have malicious links.
from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/new-ransomware-strain-spreads-via-sms

Krebs - No Jail Time for “WannaCry Hero”

Marcus Hutchins, the “accidental hero” who helped arrest the spread of the global WannaCry ransomware outbreak in 2017, will receive no jail time for his admitted role in authoring and selling malware that helped cyberthieves steal online bank account credentials from victims, a federal judge ruled Friday. Marcus Hutchins, just after he was revealed as the security expert who stopped the WannaCry worm. Image: twitter.com/malwaretechblog The British security enthusiast enjoyed instant fame after the U.K. media revealed he’d registered and sinkholed a domain name that researchers later understood served as a hidden “kill switch” inside WannaCry, a fast-spreading, highly destructive strain of ransomware which propagated through a Microsoft Windows exploit developed by and subsequently stolen from the U.S. National Security Agency. In August 2017, FBI agents arrested then 23-year-old Hutchins on suspicion of authoring and spreading the “Kronos” banking trojan and a related malwa

US-CERT - Vulnerability Summary for the Week of July 22, 2019

Original release date: July 29, 2019
The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
High Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
chinamobileltd -- gpn2.4p21-c-cn_firmware | ChinaMobile GPN2.4P21-C-CN W2001EN-00 is affected by: Incorrect Access Control - Unauthenticated Remote Reboot. The impact is: PLC Wireless Routers are vulnerable to an unauthenticated remote reboot due. The component is: Reboot settings are available to unauthenticated users instead of only authenticated users. The attack vector is: Remote. | 2019-07-19 | 7.8 | CVE-2019-1010136 EXPLOIT-DB MISC
foxitsoftware -- phantompdf | An issue was discovered in Foxit PhantomPDF before 8.3.10. The applicat