Cyber Security News for 21 Apr 2020

  1. “The Mootbot botnet has been using a pair of zero-day exploits to compromise multiple types of fiber routers. According to researchers, other botnets have attempted to do the same, but have so far failed.” https://threatpost.com/mootbot-fiber-routers-zero-days/154962/
  4. “The Orleans Parish Assessor’s Office, a City of New Orleans government agency responsible for property assessments and taxes, last week discovered that cybercriminals used ransomware to breach its server. It is unclear what type of ransomware was used during the attack and how much damage it caused, or if the incident is related to the New Orleans cyberattack that was identified in 2019. No personal or confidential Orleans Parish Assessor’s Office information was stolen during the ransomware attack, office officials indicated. In addition, the Orleans Parish Assessor’s Office is working with the FBI to investigate the incident.” https://www.msspalert.com/cybersecurity-breaches-and-attacks/ransomware/attacks-new-orleans-government-agency/
  3. “While your network at home or at work may be secure, you should assume that any network you connect to when traveling cannot be trusted. You never know who else is on it and what they may be doing.” https://www.sans.org/security-awareness-training/ouch-newsletter/2017/staying-secure-road
  4. “Building an effective and resilient organization on a budget isn’t a small task. When it comes to cybersecurity budgets, there are many different aspects that need to be considered. Thankfully, alignment with industry best practice and recognized security frameworks adds a small amount of clarity to this challenge.” https://www.tripwire.com/state-of-security/featured/building-effective-cybersecurity-budgets/
  5. “While all businesses continue to adjust to the remote work environment, it’s business as usual for cybercriminals. Although there are reports of phishing schemes tied to the COVID-19 pandemic, we are not really seeing different types of incidents or new tactics from the threat actors. Incident volume has increased slightly, but we are not seeing the surge that many expected as governments around the world instituted stay-at-home orders.” https://www.dataprivacymonitor.com/cybersecurity/threat-actors-are-finding-new-ways-to-commoditize-data/
  6. “In these uncertain times, our most important focus is on health and safety. Like so many of you, most of us at NIST are working remotely. But we are still working hard to support our cybersecurity mission. While NIST had to cancel the Advancing Cybersecurity Risk Management Conference scheduled for May 2020, we look forward to continuing our cybersecurity efforts through virtual meetings and discussions with you. We continue our international work and welcome your feedback on how we can strengthen our engagement in different and creative ways. After all, our international connections are more important than ever.” https://www.nist.gov/blogs/cybersecurity-insights/continuing-strengthen-international-connections-cybersecurity-framework
  7. “Sophos security researcher Paul Ducklin wrote in a blog post that the fix in Chrome version 81.0.4044.113 patches a vulnerability that lets attackers avoid Chrome’s usual security checks (via Tom’s Guide). It also bypasses what Ducklin calls “are you sure” dialog boxes — those pop-ups that appear when you might be approving something you shouldn’t.” https://www.blackhatethicalhacking.com/news/google-chrome-issues-critical-security-warning-for-2-billion-users-heres-the-fix/
  8. “Romanian antivirus company BitDefender noted a surge in attempted phishing attacks that try to trick users into downloading malware by masquerading as Enppi, an oil company owned by the Egyptian government. The malware, known as Agent Tesla, is a spyware tool which enables hackers to monitor keystrokes, steal data about file downloads and collect username and password credentials from internet browsers, among other capabilities.” https://www.cyberscoop.com/agent-tesla-oil-company-opec-phishing/
  9. “The security researcher Pedro Ribeiro, Director of Research at Agile Information Security, has published details about four zero-day vulnerabilities affecting the IBM Data Risk Manager (IDRM) after the company refused to address the issues. The IBM Data Risk Manager is an enterprise security product that aggregates feeds from vulnerability scanning tools and other risk management tools, allowing it to analyze security events and data-related business risks.” https://securityaffairs.co/wordpress/101982/hacking/ibm-data-risk-manager-zero-day.html
  10. “Microsoft has released a Windows 10 update that fixes multiple bugs in Windows 10, version 1909 and Windows 10, version 1903, including issues causing Windows Update to stop responding and the lock screen to stop appearing.” https://www.bleepingcomputer.com/news/microsoft/windows-10-kb4550945-update-released-with-windows-update-fixes/
  11. “Hats off to the UK’s National Cyber Security Centre, or NCSC for short. They’ve just announced a simple-to-follow set of instructions on what you can do with the apparently ever-growing number of scammy, spammy and phishy emails that coronavirus stay-home rules seem to have unleashed on us.” https://nakedsecurity.sophos.com/2020/04/21/at-last-a-use-for-all-those-phishing-emails-youve-been-getting/
  12. “The OpenSSL Project released a security update for OpenSSL that patches a high-severity vulnerability, tracked as CVE-2020-1967, that can be exploited by attackers to launch denial-of-service (DoS) attacks. This is the first issue addressed in OpenSSL in 2020. The CVE-2020-1967 vulnerability has been described as a “segmentation fault” in the SSL_check_chain function.” https://securityaffairs.co/wordpress/101997/security/openssl-cve-2020-1967-dos-issue.html
  13. “The U.S. Federal Bureau of Investigation (FBI) today warned of ongoing phishing campaigns targeting US healthcare providers using COVID-19 themed lures to distribute malicious attachments.” https://www.bleepingcomputer.com/news/security/fbi-warns-of-covid-19-phishing-targeting-us-health-providers/
  14. “Four zero-day vulnerabilities found in an IBM enterprise security software were disclosed today by a security researcher after IBM refused to fix them and to accept the vulnerability report sent via CERT/CC.” https://www.bleepingcomputer.com/news/security/researcher-discloses-four-ibm-zero-days-after-refusal-to-fix/
  15. “The City of Torrance of the Los Angeles metropolitan area, California, has allegedly been attacked by the DoppelPaymer Ransomware, having unencrypted data stolen and devices encrypted. The attackers are demanding a 100 bitcoin ($689,147) ransom for a decryptor, to take down files that have been publicly leaked, and to not release more stolen files.” https://www.bleepingcomputer.com/news/security/doppelpaymer-ransomware-hits-los-angeles-county-city-leaks-files/
  16. “During our research into COVID-19 threats, FortiGuard Labs has run into a number of unique types of spearphishing lures. For example, one of these targets companies that engage with biomedical firms, and as a result, they may be at risk of losing financial resources, data, or intellectual property. Within the last couple of days, for example, our spam traps noticed the following email sent out into the wild.” https://www.fortinet.com/blog/threat-research/deconstructing-an-evasive-formbook-campaign-leveraging-covid-19-themes.html
  17. “The NFL draft is slated to start Thursday, and thanks to the COVID-19 pandemic, it will be the first virtual version of the event ever presented. This raises a few cybersecurity concerns, according to researchers and the teams themselves — but the NFL is planning on knocking the security ball straight through the uprights.” https://threatpost.com/nfl-tackles-cybersecurity-2020-draft-day/155004/

#security #cybersecurity #itsecurity #privacy #mootbot #botnet #zeroday #ransomware #nist #fbi #spearphishing #openssl #ncsc #ibm #doppelpaymer #ssl