Posts

Showing posts from February, 2022

Threat Post - Toyota to Close Japan Plants After Suspected Cyberattack

The plants will shut down on Tuesday, halting about a third of the company’s global production. Toyota doesn’t know how long the 14 plants will be unplugged. from Threatpost https://threatpost.com/toyota-to-close-japan-plants-after-suspected-cyberattack/178686/

KnowBe4 - Wartime Suffering as Phishbait

It’s easy to forget, when a hybrid war like the one currently raging in Ukraine is occupying so much attention, that ordinary criminal lowlifes continue to seek victims, and the war only gives them another pretext to dangle in front of the unwary. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/wartime-suffering-as-phishbait

Dark Reading - How to Boost Shift-Left Security in the SDLC

Organizations will see big wins from applying security controls early in the development life cycle. from Dark Reading https://www.darkreading.com/application-security/how-to-boost-shift-left-security-in-the-sdlc

Schneier - Insurance Coverage for NotPetya Losses

Tarah Wheeler and Josephine Wolff analyze a recent court decision that the NotPetya attacks are not considered an act of war under the wording of Merck’s insurance policy, and that the insurers must pay the $1B+ claim. Wheeler and Wolff argue that the judge “did the right thing for the wrong reasons..” from Schneier on Security https://www.schneier.com/blog/archives/2022/02/insurance-coverage-for-notpetya-losses.html

KnowBe4 - [EYES OPEN] The Kremlin Propaganda Machine Now Works Overtime. INFOGRAPHIC

With an ongoing land war in Ukraine, everyone needs to be alert for the Kremlin's parallel disinformation campaigns. Many people simply are not aware of the massive amount of false data that is being spread by an extensive, Russia-controlled network of media outlets, websites and social media accounts. The Russian government is spreading disinformation to at least 4 different audiences: from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/eyes-open-the-kremlin-propaganda-machine-now-works-overtime.-infographic

Dark Reading - Ukrainian Troops Targeted in Phishing Attacks by Suspected Belarusian APT

Ukraine's Computer Emergency Response Team calls out UNC1151, a nation-state hacking group operating out of Belarus, as behind the attacks. from Dark Reading https://www.darkreading.com/endpoint/ukrainian-troops-targeted-in-phishing-attacks-by-suspected-belarusian-apt

Threat Post - 6 Cyber-Defense Steps to Take Now to Protect Your Company

Ransomware is getting worse, but Daniel Spicer, chief security officer at Ivanti, offers a checklist for choosing defense solutions to meet the challenge. from Threatpost https://threatpost.com/latest-insights-ransomware-threats/178391/

Dark Reading - Top 5 Interview Questions to Ask DevOps Candidates in 2022

It's worthwhile to find candidates who have experience with models that embed security into their processes. from Dark Reading https://www.darkreading.com/edge-articles/top-5-interview-questions-to-ask-devops-candidates-in-2022

Dark Reading - The Future of Cyber Insurance

Having cyber insurance is a good idea if the costs make sense — it could be the difference between going out of business and staying afloat. But it shouldn't be your first course of action. from Dark Reading https://www.darkreading.com/risk/the-future-of-cyber-insurance

Dark Reading - Putting the X Factor in XDR

While extended detection and response (XDR) is effectively considered an upgrade from endpoint detection and response, enterprises must still begin with a strong EDR foundation. from Dark Reading https://www.darkreading.com/crowdstrike/putting-the-x-factor-in-xdr

Schneier - Privacy Violating COVID Tests

A good lesson in reading the fine print: Cignpost Diagnostics, which trades as ExpressTest and offers £35 tests for holidaymakers, said it holds the right to analyse samples from seals to “learn more about human health” — and sell information on to third parties. Individuals are required to give informed consent for their sensitive medical data to be used, but customers’ consent for their DNA to be sold was buried in Cignpost’s online documents. Of course, no one ever reads the fine print. from Schneier on Security https://www.schneier.com/blog/archives/2022/02/privacy-violating-covid-tests.html

KnowBe4 - [Heads Up] The Ukraine War Started A New Wiper Malware Spillover Risk

The war in Ukraine increases the risk of wiper malware to spill over. I'm sure you remember NotPetya, which caused billions of dollars of downtime damage. The WSJ reports that Symantec observed wiper malware was put in motion just hours before Russian tanks arrived in Ukraine. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/heads-up-the-ukraine-war-started-a-new-wiper-malware-spillover-risk

Schneier - An Elaborate Employment Con in the Internet Age

The story is an old one, but the tech gives it a bunch of new twists : Gemma Brett, a 27-year-old designer from west London, had only been working at Madbird for two weeks when she spotted something strange. Curious about what her commute would be like when the pandemic was over, she searched for the company’s office address. The result looked nothing like the videos on Madbird’s website of a sleek workspace buzzing with creative-types. Instead, Google Street View showed an upmarket block of flats in London’s Kensington. […] Using online reverse image searches they dug deeper. They found that almost all the work Madbird claimed as its own had been stolen from elsewhere on the internet — and that some of the colleagues they’d been messaging online didn’t exist. […] At least six of the most senior employees profiled by Madbird were fake. Their identities stitched together using photos stolen from random corners of the internet and made-up names. They included Madbird’s co-founder, ...

Threat Post - Creaky Old WannaCry, GandCrab Top the Ransomware Scene

Nothing like zombie campaigns: WannaCry's old as dirt, and GandCrab threw in the towel years ago. They're on auto-pilot at this point, researchers say. from Threatpost https://threatpost.com/wannacry-gandcrab-top-ransomware-scene/178589/

Dark Reading - Why Passwordless Is at an Impasse

Many widely used business applications aren't built to support passwordless login because identity and authentication remain siloed. from Dark Reading https://www.darkreading.com/operations/why-passwordless-is-at-an-impasse

Dark Reading - Ransomware Trained on Manufacturing Firms Led Cyberattacks in Industrial Sector

Meanwhile, a few "alarming" infiltrations of OT networks by previously unknown threat groups occurred last year as well. from Dark Reading https://www.darkreading.com/attacks-breaches/ransomware-trained-on-manufacturing-firms-led-cyberattacks-in-industrial-sector

Schneier - Bypassing Apple’s AirTag Security

A Berlin-based company has developed an AirTag clone that bypasses Apple’s anti-stalker security systems. Source code for these AirTag clones is available online. So now we have several problems with the system. Apple’s anti-stalker security only works with iPhones. (Apple wrote an Android app that can detect AirTags, but how many people are going to download it?) And now non-AirTags can piggyback on Apple’s system without triggering the alarms. Apple didn’t think this through nearly as well as it claims to have. I think the general problem is one that I have written about before: designers just don’t have intimate threats in mind when building these systems. from Schneier on Security https://www.schneier.com/blog/archives/2022/02/bypassing-apples-airtag-security.html

Schneier - A New Cybersecurity “Social Contract”

The US National Cyber Director Chris Inglis wrote an essay outlining a new social contract for the cyber age: The United States needs a new social contract for the digital age — one that meaningfully alters the relationship between public and private sectors and proposes a new set of obligations for each. Such a shift is momentous but not without precedent. From the Pure Food and Drug Act of 1906 to the Clean Air Act of 1963 and the public-private revolution in airline safety in the 1990s, the United States has made important adjustments following profound changes in the economy and technology. A similarly innovative shift in the cyber-realm will likely require an intense process of development and iteration. Still, its contours are already clear: the private sector must prioritize long-term investments in a digital ecosystem that equitably distributes the burden of cyberdefense. Government, in turn, must provide more timely and comprehensive threat information while simultaneously...

KnowBe4 - CyberheistNews Vol 12 #08 [Eye Opener] Here Are the 4 Traits of Most Scams

CyberheistNews Vol 12 #08 | Feb. 22, 2022 [Eye Opener] Here Are the 4 Traits of Most Scams Written by Roger Grimes There are a lot of scams in the world, and they seem to be proliferating at an exponential rate. My Facebook friends' accounts are compromised all the time and I get sent scam requests for easy money. I get at least one scam message via SMS every day. My email inbox is full of phishing scams. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/cyberheistnews-vol-12-08-eye-opener-here-are-the-4-traits-of-most-scams

KnowBe4 - New Phishing Campaign Angles for Monzo Banking Customers

A phishing campaign is targeting users of the UK-based digital banking company Monzo, BleepingComputer reports. Security researcher William Thomas came across an SMS phishing (smishing) campaign that’s sending text messages that purport to come from Monzo. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/new-phishing-campaign-angles-for-monzo-banking-customers

KnowBe4 - 20 Year-Old “Right-to-Left Override” Functionality Used in Attacks to Trick Microsoft 365 Users Out of Credentials

Used to disguise malicious file extensions, this legacy functionality is being repurposed in attacks to obfuscate attachment types and steal credentials in an impressive way. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/20-year-old-right-to-left-override-functionality-used-in-attacks-to-trick-microsoft-365-users-out-of-credentials
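The trick behind the right-to-left override is that U+202E (RLO) is invisible but reverses the display order of everything after it, so a name like `Photo<RLO>gpj.exe` is shown as `Photoexe.jpg` while the operating system still sees and runs a `.exe`. The following is an added example, not code from KnowBe4 or from the campaign described: a small Python check a mail gateway or triage script can run over attachment names to recover the real extension, approximate what the user would have seen, and flag any name carrying a bidi control character. The sample filenames are constructed for illustration, and the `EXECUTABLE_EXTS` list is an assumed policy, not anything taken from the report.

```python
import os

# Unicode bidirectional control characters that change how text is laid out
# without being visible. RLO (U+202E) is the one abused to spoof extensions.
BIDI_CONTROLS = {
    "\u202a": "LRE", "\u202b": "RLE", "\u202c": "PDF", "\u202d": "LRO",
    "\u202e": "RLO", "\u2066": "LRI", "\u2067": "RLI", "\u2068": "FSI",
    "\u2069": "PDI", "\u200e": "LRM", "\u200f": "RLM",
}

# Assumed policy: real extensions that must never arrive under a disguise.
EXECUTABLE_EXTS = {".exe", ".scr", ".js", ".vbs", ".hta", ".bat", ".cmd", ".ps1", ".lnk"}


def find_bidi_controls(name):
    """Return (position, code name) for every bidi control in the filename."""
    return [(i, BIDI_CONTROLS[c]) for i, c in enumerate(name) if c in BIDI_CONTROLS]


def true_extension(name):
    """Extension the OS will actually act on: controls stripped, case folded."""
    cleaned = "".join(c for c in name if c not in BIDI_CONTROLS)
    return os.path.splitext(cleaned)[1].lower()


def visual_form(name):
    """Approximate what a user sees in a mail client or file manager.
    RLO reverses the display order of everything after it until a PDF
    (U+202C) or the end of the string; other controls are simply invisible."""
    out, i = [], 0
    while i < len(name):
        c = name[i]
        if c == "\u202e":
            end = name.find("\u202c", i + 1)
            if end == -1:
                end = len(name)
            out.append(name[i + 1:end][::-1])
            i = end + 1
        elif c in BIDI_CONTROLS:
            i += 1
        else:
            out.append(c)
            i += 1
    return "".join(out)


def assess(name):
    """Flag a filename whose displayed extension differs from its real one,
    or that carries any bidi control at all (there is no honest reason for
    one in an attachment name)."""
    controls = find_bidi_controls(name)
    real_ext = true_extension(name)
    shown = visual_form(name)
    shown_ext = os.path.splitext(shown)[1].lower()
    return {
        "name": name,
        "controls": controls,
        "true_ext": real_ext,
        "visual": shown,
        "visual_ext": shown_ext,
        "extension_spoofed": shown_ext != real_ext,
        "dangerous": real_ext in EXECUTABLE_EXTS,
        "suspicious": bool(controls),
    }


def scan(names):
    """Return the assessments that should be quarantined or at least flagged."""
    return [r for r in (assess(n) for n in names) if r["suspicious"]]


# Constructed sample attachment names (not taken from any real campaign).
SAMPLES = [
    "Invoice_Feb2022.pdf",        # benign, no controls
    "Photo\u202egpj.exe",         # displays as Photoexe.jpg, runs as .exe
    "Voicemail\u202e3pm.txt",     # displays as Voicemailtxt.mp3, really .txt
    "Notes\u200e.docx",           # LRM only: no spoofing, still has no business here
]

if __name__ == "__main__":
    for r in scan(SAMPLES):
        print(f"shown as {r['visual']!r}, really {r['true_ext']}, "
              f"controls={r['controls']}, dangerous={r['dangerous']}")
```

The check deliberately flags on the presence of any bidi control rather than only on a spoofed extension: a name with an LRM or an unmatched PDF is not dangerous by itself, but it is a strong signal that the sender is experimenting with rendering tricks, and it costs nothing to quarantine it for review.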

KnowBe4 - New QBot Attack Only Takes 30 Minutes to Elevate Privileges and Steal Data

This banking trojan-turned-information-stealer has been around for nearly 15 years. But its latest iteration – seen even in the past few weeks – has stepped up in its ability to act quickly. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/new-qbot-attack-only-takes-30-minutes-to-elevate-privileges-and-steal-data

Threat Post - NFT Investors Lose $1.7M in OpenSea Phishing Attack

Attackers took advantage of a smart-contract migration to swindle 17 users. from Threatpost https://threatpost.com/nft-investors-lose-1-7m-in-opensea-phishing-attack/178558/

KnowBe4 - Phishing Campaign Targets NFT Speculators

Scams follow fashion because money follows fashion. So it’s no surprise that non-fungible tokens (NFTs), which have become a hot speculative property, have drawn scam artists for phishing campaigns. They’re not so much interested in the NFTs themselves as they are in the speculators’ cash. OpenSea, a leading NFT marketplace, has responded to panicky tweets from users to reassure them that it’s on top of rumors of “an exploit” connected to the smart contracts traders use. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/phishing-campaign-targets-nft-speculators

SBS CyberSecurity - In The Wild 263

In The Wild - CyberSecurity Newsletter Welcome to the 263rd issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources! Kerberoasting – The Potential Dangers of SPN Accounts SBS Educational Resources SBS CyberSecurity’s networ...