IT Security Newsletter

IT Security Newsletter - 09/24/2020

Written by Cadre | Thu, Sep 24, 2020

IG finds data security practices lacking at Customs and Border Protection before big hack

The U.S. Customs and Border Protection agency failed to enforce basic security practices at a contractor that was hacked last year, exposing some 100,000 individual photos of travelers, a new inspector general report has found. Some of the hacked images ended up on the dark web, but the entire episode "may damage the public's trust in the government's ability to safeguard biometric data," the Department of Homeland Security's inspector general concluded in a report released Wednesday. READ MORE...

U.S. fitness chains suffer data breach affecting 600K customers

New York fitness chain Town Sports has suffered a data breach after a database containing the personal information of over 600,000 people was exposed on the Internet. Town Sports International is the owner of well-known United States fitness centers and gyms, including New York Sports Clubs, Boston Sports Clubs, Philadelphia Sports Clubs, Washington Sports Clubs, Lucille Roberts, and Total Woman Gym and Spa. Due to the Coronavirus pandemic and closing of gyms to battle the disease's spread, Town Sports International was forced to file for bankruptcy. READ MORE...

Phishers are targeting employees with fake GDPR compliance reminders

Phishers are using a bogus GDPR compliance reminder to trick recipients - employees of businesses across several industry verticals - into handing over their email login credentials. "The attacker lures targets under the pretense that their email security is not GDPR compliant and requires immediate action. For many who are not versed in GDPR regulations, this phish could be merely taken as more red tape to contend with rather than being identified as a malicious message," Area 1 Security researchers noted. READ MORE...

Making the Case for Medical Device Cybersecurity

Despite the increasing use of Internet-connected medical devices, professionals from both sides of the equation -- medicine and technology-- are still in the process of fully understanding the strong overlap between the two industries. Current views in both fields still largely hold medical device manufacturers responsible for secure programming, while the responsibility of securing the clinic or hospital network and protecting health information on systems belong to healthcare administration. READ MORE...

India's Cybercrime and APT Operations on the Rise

Growing geopolitical tensions with China in particular are fueling an increase in cyberattacks between the two nations, according to IntSights. A combination of economic, political, and social factors is driving an increase in cyber threat activity out of India. Much of the activity involves scams, online extortion schemes, hacktivist campaigns, and the sale of narcotics and other illicit goods online. But also operating out of the country is a handful of relatively sophisticated advanced persistent threat actors and hacker-for-hire groups. READ MORE...

NIST guide to help orgs recover from ransomware, other data integrity attacks

The National Institute of Standards and Technology (NIST) has published a cybersecurity practice guide enterprises can use to recover from data integrity attacks, i.e., destructive malware and ransomware attacks, malicious insider activity or simply mistakes by employees that have resulted in the modification or destruction of company data (emails, employee records, financial records, and customer data). Ransomware is currently one of the most disruptive scourges affecting enterprises. READ MORE...

Hackers sell access to your network via remote management apps

Remote monitoring and management (RMM) software is starting to get attention from hackers as these types of tools provide access to multiple machines across the network. At least one network access broker has been advertising access to networks of organizations in various regions of the world that use the ManageEngine Desktop Central from Zoho to manage their Windows, Linux, and Mac systems. Some of the breached companies are attractive targets for ransomware operators, who may already have jumped at the opportunity. READ MORE...

Credential stuffing is just the tip of the iceberg

Credential stuffing attacks are taking up a lot of the oxygen in cybersecurity rooms these days. A steady blitz of large-scale cybersecurity breaches in recent years have flooded the dark web with passwords and other credentials that are used in subsequent attacks such as those on Reddit and State Farm, as well as widespread efforts to exploit the remote work and online get-togethers resulting from the COVID-19 pandemic. But while enterprises are rightly worried about weathering a hurricane of credential-stuffing attacks. READ MORE...

Instagram bug allowed crashing the app via image sent to device

Technical details about a high-severity vulnerability in Facebook's Instagram app for Android and iOS show how an attacker could exploit it to deny user access to the app, take full control of their account, or use their mobile device to spy on them. To trigger the bug, an attacker had only to send the target a specially crafted image via a common messaging platform or over email. The issue was in the way Instagram parsed images, so as long as the app could access it to show it as options for a post. READ MORE...

AgeLocker ransomware targets QNAP NAS devices, steals data

QNAP NAS devices are being targeted in attacks by the AgeLocker ransomware, which encrypts the device's data, and in some cases, steal files from the victim. AgeLocker is ransomware that utilizes an encryption algorithm called Age (Actually Good Encryption) designed to replace GPG for encrypting files, backups, and streams. In July 2020, we reported about a new ransomware called AgeLocker that was utilizing this algorithm to encrypt victims' files. READ MORE...

California bans new internal combustion engines, starting in 2035

On Wednesday, California Governor Gavin Newsom signed an executive order requiring that all new passenger cars and trucks sold in the state from 2035 be zero-emissions vehicles. Additionally, all drayage trucks-the ones that move containers around at places like the Port of Los Angeles-must also go emissions free by this date, as well as off-road vehicles and equipment. Medium- and heavy-duty vehicles get an extra decade to comply, but by 2045 these too must ditch internal combustion engines. READ MORE...

  • ...in 1852, Henri Giffard made the first ever powered and controlled flight in his hydrogen-filled dirigible, travelling 27 km from Paris to Elancourt.
  • ...in 1893, blues singer Lemon Henry Jefferson, AKA "Blind Lemon" Jefferson, is born in Coutchman, TX.
  • ...in 1948, comedian and actor Phil Hartman ("Saturday Night Live", "The Simpsons") is born in Brantford, Ontario.
  • ...in 1968, TV newsmagazine "60 Minutes" debuts on CBS.