IT Security Newsletter - 12/13/2019
Waco water bill attack just the latest in a wave of Click2Gov breaches
The City of Waco has warned residents that their online payments for water services may have been intercepted by hackers who stole credit card details. The heart of the problem lies in the third-party online payment software that Waco and several other cities and municipalities use to let residents pay their bills and parking fines, and make other financial transactions.
VISA Warns of Ongoing Cyber Attacks on Gas Pump PoS Systems
The point-of-sale (POS) systems of North American fuel dispenser merchants are under an increased and ongoing threat of attack by cybercrime groups, according to a security alert published by VISA. Three attacks of this type, with the end goal of scraping payment card data, were observed during the summer of 2019, according to Visa Payment Fraud Disruption (PFD).
Maze Ransomware Demands $6 Million Ransom From Southwire
Maze Ransomware operators claim responsibility for another cyber attack, this time against leading wire and cable manufacturer Southwire Company, LLC (Southwire) from Carrollton, Georgia. Southwire is one of North America's leading wire and cable makers, "building wire and cable, utility products, metal-clad cable, portable and electronic cord products, OEM wire products and engineered products" per a press release published in January 2019.
Threat spotlight: The curious case of Ryuk ransomware
Ryuk. A name once unique to a fictional character in a popular Japanese comic book and cartoon series is now a name that appears in several rosters of the nastiest ransomware to ever grace the wild web. Unless the threat actors behind its campaigns call it quits, too—Remember GandCrab?—or law enforcement collars them for good, we can only expect the threat of Ryuk to loom large over organizations.
As malware and network attacks increase in 2019, zero day malware accounts for 50% of detections
Amid significant increases in both malware and network attacks, multiple Apache Struts vulnerabilities – including one used in the devastating Equifax data breach – appeared for the first time on WatchGuard’s list of most popular network attacks in Q3 2019. The report also highlights a major rise in zero day malware detections, and increasing use of Microsoft Office exploits and legitimate penetration testing tools.
Hackers Can Exploit Siemens Control System Flaws in Attacks on Power Plants
The Siemens SPPA-T3000 distributed control system, which is designed for fossil and renewable power plants, is affected by over 50 vulnerabilities, including flaws that can be exploited to disrupt electricity generation. According to Siemens, the SPPA-T3000 Application Server is affected by 19 vulnerabilities and the SPPA-T3000 MS3000 Migration Server is impacted by 35 security holes, including weaknesses rated critical that can be exploited for denial-of-service (DoS) attacks or arbitrary code execution on the server.
Will quantum computing overwhelm existing security tech in the near future?
More than half (54%) of cybersecurity professionals have expressed concerns that quantum computing will outpace the development of other security tech, according to research from Neustar. Keeping a watchful eye on developments, 74% of organizations admitted to paying close attention to the technology’s evolution, with 21% already experimenting with their own quantum computing strategies.