A Review of the Best News of the Week on Cybersecurity Management & Strategy
New SHA-1 Attack (Schneier on Security, Jan 08 2020)
“There’s a new, practical, collision attack against SHA-1: In this paper, we report the first practical implementation of this attack, and its impact on real-world security with a PGP/GnuPG impersonation attack. We managed to significantly reduce the complexity of collisions attack against SHA-1”
Hackers claiming to be from Iran deface U.S. gov’t website (SC Magazine, Jan 06 2020)
The hackers defaced the Federal Depository Library Program, fdlp.gov, website with a picture of bleeding Trump as he’s being punched in the face
The Hidden Cost of Ransomware: Wholesale Password Theft (Krebs on Security, Jan 06 2020)
“Organizations in the throes of cleaning up after a ransomware outbreak typically will change passwords for all user accounts that have access to any email systems, servers and desktop workstations within their network. But all too often, ransomware victims fail to grasp that the crooks behind these attacks can and frequently do siphon every single password stored on each infected endpoint. The result of this oversight may offer attackers a way back into the affected organization, access to financial and healthcare accounts, or — worse yet — key tools for attacking the victim’s various business partners and clients.”
Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~12,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
New Standards Set to Reshape Future of Email Security (Dark Reading, Jan 07 2020)
Emerging specs and protocols expected to make the simple act of opening an email a less risky proposition
Tricky Phish Angles for Persistence, Not Passwords (Krebs on Security, Jan 07 2020)
“Late last year saw the re-emergence of a nasty phishing tactic that allows the attacker to gain full access to a user’s data stored in the cloud without actually stealing the account password. The phishing lure starts with a link that leads to the real login page for a cloud email and/or file storage service. Anyone who takes the bait will inadvertently forward a digital token to the attackers that gives them indefinite access to the victim’s email, files and contacts — even after the victim has changed their password.”
Lawsuit Filed Against LifeLabs Over Data Breach (Infosecurity Magazine, Jan 06 2020)
A class-action lawsuit has been filed against LifeLabs following a data breach
City of Las Vegas said it successfully avoided devastating cyber-attack (ZDNet, Jan 10 2020)
Security breach took place on January 7, but the city said it detected the intrusion in time to prevent any damage.
Chicago Healthcare Provider Reports Data Breach (Infosecurity Magazine, Jan 02 2020)
Data of nearly 13,000 people possibly exposed in Sinai Health System breach
Breach of email accounts impacts 50,000 patients of Minnesota hospital (SC Magazine, Jan 07 2020)
Minnesota-based hospital operator Alomere Health this month began notifying patients of a data breach affecting 49,351 individuals, after a malicious actor gained access to two employee email accounts in late October and early November.
New Iranian data wiper malware hits Bapco, Bahrain’s national oil company (ZDNet, Jan 10 2020)
Saudi Arabia’s cyber-security agency spots new Dustman data-wiping malware.
How Cybersecurity’s Metrics of Misery Fail to Describe Cybercrime Pain (Dark Reading, Jan 02 2020)
Dollars lost and data records exposed are valuable measurements, but the true pain of a cybersecurity incident goes far beyond that. We asked infosec pros how they put words to the pain they feel when their defenses fall apart.
Continental Drift: Is Digital Sovereignty Splitting Global Data Centers? (Dark Reading, Jan 03 2020)
The recent proposal by Germany, backed by France, to fuse the infrastructures of Europe’s cloud providers could challenge every data center storing a European’s data.
DHS finds no tampering of Durham County election devices (SC Magazine, Jan 02 2020)
The Department of Homeland Security’s CISA Hunt and Incident Response Team (HIRT) found no direct malicious activity affecting the ePollbook laptops used in certain Durham County, N.C., precincts during the 2016 election.
It’s Time for the C Suite and Boards to Truly Engage in Third-Party Cyber Risk Management (SecurityWeek, Jan 02 2020)
global consulting firm Protiviti recently found a high correlation between board involvement and highly mature vendor risk management (VRM) systems.
Austria’s Foreign Ministry Hit by Cyber-Attack (Infosecurity Magazine, Jan 06 2020)
State-sponsored threat actor may be responsible for cyber-attack on Austria
Insight Partners Acquires IoT Security Firm Armis at $1.1 Billion Valuation (SecurityWeek, Jan 06 2020)
Venture Capital and private equity investment firm Insight Partners has agreed to acquire IoT security firm Armis in a cash deal valuing the firm at $1.1 billion.
Chinese Cyber-Espionage Group Targeted NGOs for Years (SecurityWeek, Jan 08 2020)
A cyber-espionage group supposedly linked to the Chinese government is targeting non-governmental organizations (NGOs) in South and East Asia, Secureworks has revealed.
15% of Ransomware Victims Paid Ransom in 2019, Quadrupling 2018 (Dark Reading, Jan 09 2020)
Increasing sophistication of ransomware attacks might be forcing victims to open their wallets.
Accenture to Acquire Symantec’s Cyber Security Services Business (Infosecurity Magazine, Jan 09 2020)
Symantec’s cybersecurity arm to be acquired by Accenture Security