IT Security Newsletter - 09/14/2020
US staffing firm Artech discloses ransomware attack, data breach
Artech Information Systems, one of the largest US IT staffing companies, has disclosed a data breach caused by a ransomware attack that affected some of its systems during early January 2020. Artech is a privately-held firm with an estimated $810 million annual revenue run rate for 2019 and more than 10,500 employees and consultants across the 40 US states, Canada, India, and China. The company provides staffing and workforce solutions, program management, and government services, and its customer list. READ MORE...
Fairfax County schools hit by Maze ransomware, student data leaked
Fairfax County Public Schools (FCPS), the 10th largest school division in the US, was recently hit by ransomware according to an official statement published on Friday evening. The school district is also the largest in the Baltimore-Washington Metropolitan Area and it has a budget of $3.1 billion approved for 2021. FCPS has over 188,000 current students and approximately 25,000 full-time employees working in 198 schools and centers within the U.S. commonwealth of Virginia. READ MORE...
Development Bank of Seychelles hit by ransomware attack
The Development Bank of Seychelles (DBS) was hit by ransomware according to a press statement published earlier today by the Central Bank of Seychelles (CBS). DBS was founded in 1977 as a joint venture by the Seychelles government and several other shareholders including the European Investment Bank, Standard Chartered Bank, Barclays Bank, Deutsche Investitions und Entwicklungsgesellschaft (DEG), and Caisse Francaise de Cooperation. Since then, the government and DBS bought the shares of Barclays Bank and DEG. READ MORE...
Interesting Attack on the EMV Smartcard Payment Standard
It's complicated, but it's basically a man-in-the-middle attack that involves two smartphones. The first phone reads the actual smartcard, and then forwards the required information to a second phone. That second phone actually conducts the transaction on the POS terminal. That second phone is able to convince the POS terminal to conduct the transaction without requiring the normally required PIN. The researchers were able to demonstrate that it is possible to exploit the vulnerability in practice. READ MORE...
Ransomware to blame for nearly half the cyber-insurance claims filed in early 2020
Nearly half of the cyber-insurance claims filed in the first half of this year were the result of ransomware attacks, further proof that digital extortion attempts are having a ripple effect throughout the private sector. Ransomware attacks were the cause of 41% of the cyber-insurance claims filed over the first six months of 2020, according to a report published by Coalition, a cyber-insurance vendor that compiled the data based on findings from 25,000 small and medium-sized companies in the U.S. and Canada. READ MORE...
Serious Security: Hacking Windows passwords via your wallpaper
Our cybersecurity antennae always start vibrating when we see warnings about attacks that involve a new type of file. We're sure you have the same sort of reaction. After all, if a file type that you've treated for years as mostly harmless suddenly turns out to be possibly very dangerous, you're faced with a double dilemma:
- How long will it take to unlearn an ingrained habit of trusting those files?
- How long will the crooks take to start abusing this new-found knowledge?
READ MORE...
Vulnerabilities Expose Thousands of MobileIron Servers to Remote Attacks
Researchers have disclosed the details of several potentially serious vulnerabilities affecting MobileIron's mobile device management (MDM) solutions, including a flaw that can be exploited by an unauthenticated attacker for remote code execution on affected servers. The vulnerabilities were identified by researchers at security consulting firm DEVCORE and they were reported to MobileIron in early April. Patches were released on June 15 and the vendor released an advisory on July 1. READ MORE...
It's No 'Giggle': Managing Expectations for Vulnerability Disclosure
Vulnerability-disclosure policies (VDPs), if done right, can help provide clarity and clear guidelines to both bug-hunters and vendors when it comes to going public with security flaws. Sometimes vulnerability disclosure goes well - and sometimes it doesn't. Security researchers still face legal action for "hacking" when reporting the bugs they find - as is the case with a flaw recently reported to the Giggle social network. However - while the vendor-researcher relationship is still fraught with pitfalls. READ MORE...
Postal Service left vulnerable IT applications unaddressed for years, inspector general finds
Officials at the U.S. Postal Service let multiple vulnerable applications languish on the agency's IT network for years - flaws that could have been exploited by hackers to steal sensitive data, an inspector general audit has found. The inspector general investigation, distributed to Postal Service leadership in July, faults IT officials at the agency for not keeping a slew of applications up to date. Six of the IT applications were left on the Postal Service network for up to seven years with things like incomplete certification. READ MORE...
Price gouging and defective products rampant on Amazon, reports find
New reports released this week serve as a cautionary tale for consumers who shop at Amazon, by far the largest online retailer in the US. While complaints about Amazon's third-party vendor marketplace are by now commonplace, the new reports find that not only did Amazon itself price-gouge customers during the height of the pandemic, but also that many of its white-label, Amazon-branded products are just as likely to be dangerously defective as third-party goods. READ MORE...
New Google Nest Thermostat hits the FCC, possibly with air gesture controls
A new Google Nest thermostat has hit the FCC. Droid-Life was the first to spot this listing on the government's site. The listing is in confidential mode, so it's sparse on details, but the details we do have are kind of weird. We think it has air gesture controls. First, the RF exposure report lists the device as a "thermostat" and says it has 802.11n Wi-Fi and Bluetooth, which all seems pretty normal. Then, it lists the device with a "60GHz Transmitter," which has not been on a previous Nest Thermostat. READ MORE...
- ...in 1956, the IBM RAMAC 305 was introduced.
- ...in 1959, the Soviet probe Luna 2 crashes onto the Moon, becoming the first man-made object to reach it.
- ...in 1994, Major League Baseball cancels the 1994 season and the World Series.
- ...in 2000, Microsoft introduced the last update to the OS, MS-DOS (version 8.0).