Cyber Security News for 29Apr2020

  1. “Cyber attackers continue to evolve an email attack called CEO Fraud, or Business Email Compromise (BEC). These are targeted email attacks that trick their victim into taking an action they should not take. In most cases, the bad guys are after money. What makes these attacks so dangerous is cyber attackers research their victims before launching their attack.” https://www.sans.org/security-awareness-training/resources/ceo-fraudbec
  2. “Security begins by securing the accounts owned by Amazon customers. To keep accounts safe from hackers, malware and unauthorized access, having strong account security is a must. Large and complex projects are usually configured to have several different types of accounts: for administrators, content creators, database operators, etc.” https://www.tripwire.com/state-of-security/security-data-protection/cloud/cloud-under-pressure-keeping-aws-projects-secure/
  3. “There’s no doubt about it, attackers want your credentials more than anything, especially administrative credentials. Why burn a zero-day or risk noisy exploits when you can just log in instead? If you were to break into a house, would you rather throw a brick through a window or use a key to the front door?” https://www.tripwire.com/state-of-security/mitre-framework/the-mitre-attck-framework-credential-access/
  4. “Planting a variety of backdoors ensures the success of the campaign – in the event that the vulnerability is patched or the JavaScript injection is removed, the attackers will still be able to access the compromised environment.” https://nakedsecurity.sophos.com/2020/04/29/flaw-in-defunct-wordpress-plugin-exploited-to-create-backdoor/
  5. “On the surface, the interconnectivity offered by the IoT seems to be highly advantageous, and although that might be true to a certain extent, it also offers several entry points for cybercriminals to profit off of naive internet users.” https://hackercombat.com/how-to-spot-an-online-scam/
  6. “The discovery urges Apple into implementing additional security measures to protect these components, following the approach already adopted by Google to protect multimedia processing libraries.” https://securityaffairs.co/wordpress/102459/hacking/apple-zero-click-vulnerabilities.html
  7. “Check Point researchers discovered a new Cerberus variant which is targeting a multinational conglomerate, and is distributed by the company’s Mobile Device Manager (MDM) server. This malware has already infected over 75% of the company’s devices. Once installed, this Cerberus variant can collect large amounts of sensitive data, including user credentials, and send it to a remote command and control (C&C) server.” https://research.checkpoint.com/2020/first-seen-in-the-wild-mobile-as-attack-vector-using-mdm/
  8. “One phishing technique that has gotten a significant amount of mileage in recent years is known as the compromised account technique. This technique relies on the behavior of a user who’s been frightened by receiving an email informing them that their account has been breached.” https://resources.infosecinstitute.com/overview-of-phishing-techniques-compromised-account/
  9. “Privacy advocates are urging developers to proceed with caution as they use technology released by Apple and Google to build COVID-19 contact-tracing apps — and are warning against the potential for cybercriminal use.” https://threatpost.com/google-apple-contact-tracing-system-cyberattacks/155287/
  10. “In recent months, two distinct Chinese internet campaigns have sought to influence public opinion with fake news ahead of an election in Taiwan, and intimidate pro-democracy protesters in Hong Kong by posting their personal data online. Both efforts mimic similar Russian operations, and reflect how governments’ use of social media for propaganda efforts have become an everyday reality for much of the world’s population.” https://www.cyberscoop.com/chinese-disinformation-recorded-future/
  11. “Encryption is a strong information privacy safeguard, supports information integrity, and can even help you avoid regulatory fines if you are in a heavily regulated industry. Windows has kept up with this trend and offers users a couple different options for information encryption. Among these options in Windows 10 is Encrypted File System (EFS).” https://resources.infosecinstitute.com/category/certifications-training/securing-windows-ten/data-security-in-windows-10/encrypted-file-system-efs-in-windows-10/
  12. “Cisco Talos has observed a new Aggah campaign consisting of the distribution of malicious Microsoft Office documents (maldocs) via malicious spam (malspam) emails distributing a multi-stage infection to a target user’s endpoint.” https://blog.talosintelligence.com/2020/04/upgraded-aggah-malspam-campaign.html
  13. “A critical GitLab vulnerability, which could be leveraged by a remote attacker to execute code, recently netted a researcher a $20,000 bug-bounty award.” https://threatpost.com/critical-gitlab-flaw-bounty-20k/155295/
  14. “Radware noted that cybercriminals use bots in many ways: Sophisticated bots built to circumvent security measures and take over user accounts by mimicking human behavior; denial-of-service bots that prevent online checkouts or take down specific pages; bots built for mobile environments; those that exploit vulnerabilities in applications and APIs; and custom, targeted bots that are built to attack specific companies or competitors.” https://threatpost.com/threatlist-bots-spike-e-commerce-and-travel/155302/
  15. “Security researchers at Kaspersky, almost all countries have seen tremendous growth in the number of brute-force attacks launched by threat actors against exposed RDP services since the beginning of March 2020.” https://www.bleepingcomputer.com/news/security/rdp-brute-force-attacks-are-skyrocketing-due-to-remote-working/
  16. “Microsoft has released Sysmon 11, and it now comes with an important feature that allows you to monitor for and automatically archive deleted files on a monitored system.” https://www.bleepingcomputer.com/news/software/microsoft-releases-sysmon-11-with-auto-backup-of-deleted-files/
  17. “Multiple online services and products are leaking email data belonging to their users to third-party advertising and analytics companies, shows a recent research published today.” https://www.bleepingcomputer.com/news/security/numerous-sites-leak-user-emails-to-advertising-analytics-services/
  18. “Microsoft has released Windows 10 Insider Preview Build 19619 to Insiders in the Fast ring with fixes for frequent freezes on some systems, music controls to the Your Phone app, and quick access to COVID-19 info from search.” https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-10-build-19619-with-freeze-fixes/
  19. “At least 400 apps in Google’s Play Store come embedded with proprietary software that is designed to help app developers monetize their program by serving ads. Scammers are exploiting that process, though, by inserting malicious ads into the software development kits (SDKs) which are meant to help developers earn a living.” https://www.cyberscoop.com/ad-network-malware-android-startapp-adsalsa-wandera/
  20. “Google today updated the Chrome Web Store’s spam policy to block extension spam so that users can have a real chance to avoid potentially malicious extensions while sifting through 200,000 add-ons available in the store.” https://www.bleepingcomputer.com/news/security/google-updates-chrome-web-store-policy-to-block-extension-spam/
  21. “The flaw (CVE-2019-16011) has a CVSS 3.0 score of 7.8 out of 10, which makes it high severity. Fixed releases for Cisco IOS XE SD-WAN” https://threatpost.com/cisco-ios-xe-flaw-sd-wan-routers/155319/
  22. “In an effort to maximize their financial gain, cyber criminals have shifted their operations from credit card data theft to ransomware attacks. Almost one in five (18%) of incidents in 2019 involved ransomware attacks where victims found all or part of their network compromised and faced a ransom demand from the cyber criminals.” https://protocol46.com/ransomware-biggest-online-menace/
  23. “The Cybersecurity and Infrastructure Security Agency (CISA) today issued an update to its Microsoft Office 365 security best practices as part of an alert distributed via the US National Cyber Awareness System. These recommendations were compiled to address Office 365 security configuration errors that can weaken an organization’s otherwise sound security strategy while migrating from on-premise to cloud collaboration solutions during the pandemic.” https://www.bleepingcomputer.com/news/security/us-govt-updates-microsoft-office-365-security-best-practices/
  24. “What happens to our digital presence when we die or become incapacitated? Many of us have or know we should have a will and checklists of what loved ones need to know in the event of our passing. But what about all of our digital data and online accounts? Should we consider some type of digital will? Should we create a “digital inheritance” plan?” https://www.sans.org/security-awareness-training/resources/digital-inheritance

#security #cybersecurity #itsecurity #privacy #ceo #fraud #ceofraud #bec #aws #mitre #att&ck #cerberus #mdm #google #apple #china #efs #aggah #malspam #sysmon #cisco #sdwan #cisa #digitalinheritance