Security Headlines



Malware/Phishing

Botnet Operator Indicted
September 2, 2018
A 20-year-old was indicted on federal hacking charges and for operating the “Satori” botnet, a malware strain unleashed last year that infected hundreds of thousands of wireless routers and other “Internet of Things” (IoT) devices.
Source: Krebs on Security
https://krebsonsecurity.com/2018/09/alleged-satori-iot-botnet-operator-sought-media-spotlight-got-indicted/

Facebook Pulls Accounts Peddling Misinformation From Iran, Russia
August 21, 2018
Facebook Inc. dismantled a new set of influence campaigns originating in Iran and Russia designed to sow division in global politics, part of the social-media company’s broader purge of bad actors on its site. 
Source: Wall Street Journal
https://www.wsj.com/articles/facebook-pulls-652-fake-accounts-engaged-in-coordinated-influence-campaign-1534896500

Back to School? Time to Talk Online Safety 
August 16, 2018
As students across the country head back to school, the Federal Trade Commission has advice for parents on talking to their kids about online safety and protecting their children’s personal information.
Source: Federal Trade Commission
https://www.consumer.ftc.gov/blog/2018/08/back-school-time-talk-online-safety

Iranian Hackers Turn to Ransomware, Bitcoin as Economy Stalls
August 8, 2018
Iranian hackers are developing software attacks that render computer systems inoperable until a digital ransom is paid.
Source: Wall Street Journal 
https://www.wsj.com/articles/iranian-hackers-turn-to-ransomware-bitcoin-as-economy-stalls-1533671703

State Govts. Warned of Malware-Laden CD Sent Via Snail Mail from China
July 27, 2018
Several U.S. state and local government agencies have reported receiving strange letters via snail mail that include malware-laden compact discs (CDs) apparently sent from China.
Source: Krebs on Security 
https://krebsonsecurity.com/2018/07/state-govts-warned-of-malware-laden-cd-sent-via-snail-mail-from-china/

Emotet Malware
July 20, 2018
Emotet is an advanced, modular banking Trojan that primarily functions as a downloader or dropper of other banking Trojans.
Source: US-CERT
https://www.us-cert.gov/ncas/alerts/TA18-201A

“Stylish” Browser Extension Steals Internet History
July 6, 2018
Since January 2017, the Stylish browser extension has been augmented with spyware that records website visits.
Source: ArsTechnica
https://arstechnica.com/information-technology/2018/07/stylish-extension-with-2m-downloads-banished-for-tracking-every-site-visit/ 


Security News

British Airways Data Breach
September 6, 2018
British Airways apologizes after 380,000 customers were hit in a cyber attack on its website and app.
Source: Reuters
https://www.reuters.com/article/us-iag-cybercrime-british-airways/ba-apologizes-after-380000-customers-hit-in-cyber-attack-idUSKCN1LM2P6

Combating Foreign Influence
September 4, 2018
The FBI launched a webpage on combating foreign influence to educate the public about the threats faced from disinformation campaigns, cyber attacks, and the overall impact of foreign influence on society. 
Source: Federal Bureau of Investigation
https://www.fbi.gov/investigate/counterintelligence/foreign-influence

Texas Voter Records Exposed
August 23, 2018
A file of Texas voter data was left on an unsecured server without a password. The file had an estimated 14.8 million records with names, addresses and voter history.
Source: Statesman
https://www.statesman.com/news/state--regional-govt--politics/report-texas-voter-records-exposed-online/uUUoNKlH0ArChpuOPC8X6J/ - Removed

Trump, Seeking to Relax Rules on U.S. Cyberattacks, Reverses Obama Directive
August 15, 2018
President Trump signed an order reversing the classified rules, known as Presidential Policy Directive 20, that had mapped out an elaborate interagency process that must be followed before U.S. use of cyberattacks, particularly those geared at foreign adversaries.
Source: Wall Street Journal
https://www.wsj.com/articles/trump-seeking-to-relax-rules-on-u-s-cyberattacks-reverses-obama-directive-1534378721

UnityPoint Warns 1.4 Million Patients Their Information Might Have Been Breached
July 30, 2018
UnityPoint has notified about 1.4 million patients that their information might have been breached.
Source: Des Moines Register
https://www.desmoinesregister.com/story/news/health/2018/07/30/unitypoint-data-breach-million-patients-email-hack-hacked-phishing-e-mail-health-care-iowa/866760002/
https://www.iowaattorneygeneral.gov/for-consumers/unitypoint-data-breach-identity-theft

Russian Hackers Reach U.S. Utility Control Rooms, Homeland Security Officials Say
July 23, 2018
Hackers working for Russia claimed “hundreds of victims” last year in a giant and long-running campaign that put them inside the control rooms of U.S. electric utilities where they could have caused blackouts.
Source: Wall Street Journal
https://www.wsj.com/articles/russian-hackers-reach-u-s-utility-control-rooms-homeland-security-officials-say-1532388110

Microsoft Stopped Russia From Hacking 3 Congressional Campaigns
July 20, 2018
Microsoft's security team detected a site set up by Russian actors that was being used in an attempt to target congressional candidates.
Source: ArsTechnica
https://arstechnica.com/information-technology/2018/07/microsoft-detected-russian-attempt-to-hack-3-congressional-candidates-this-year/

Mueller Indicts 12 Russian Officials for 2016 Election Hacking
July 13, 2018
The U.S. special counsel charged 12 Russian military intelligence officers with computer attacks meant to undermine the Democratic Party.
Source: Associated Press
https://apnews.com/1ddb174446a34785becd670275fedcbf/Moscow-now-accused-of-US-election-meddling,-in-indictment


Software/Hardware

Browser Extensions: Are They Worth the Risk?
September 5, 2018
Legitimate browser extensions can and periodically do fall into the wrong hands. It makes good security sense to limit your exposure to such attacks by getting rid of extensions that are no longer useful or actively maintained by developers.
Source: Krebs on Security
https://krebsonsecurity.com/2018/09/browser-extensions-are-they-worth-the-risk/

Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records
September 4, 2018
mSpy has leaked millions of sensitive records online, including passwords, call logs, text messages, contacts, and notes.
Source: Krebs on Security
https://krebsonsecurity.com/2018/09/for-2nd-time-in-3-years-mobile-spyware-maker-mspy-leaks-millions-of-sensitive-records/

Apache Struts Vulnerability
August 22, 2018
Remote code execution is possible when results are used with no namespace and, at the same time, their upper action(s) have no namespace or a wildcard namespace. The same is possible when a url tag is used that does not have value and action set.
Source: Apache.org
https://cwiki.apache.org/confluence/display/WW/S2-057

Huawei and ZTE Handed 5G Network Ban in Australia
August 23, 2018
The Australian government banned Huawei and ZTE from providing 5G technology for the country's wireless networks because of national security concerns.
Source: BBC
https://www.bbc.co.uk/news/technology-45281495

British and Canadian Governments Exposed Passwords and Security Plans
August 16, 2018
By misconfiguring pages on Trello, a project management website, the United Kingdom and Canada exposed details of software bugs and security plans, as well as passwords for servers, official internet domains, conference calls, and an event-planning system.
Source: The Intercept
https://theintercept.com/2018/08/16/trello-board-uk-canada/

What Your Car Knows About You
August 18, 2018
With millions of cars rolling off dealer lots with built-in connectivity, auto companies are gaining access to unprecedented amounts of real-time data that allow them to track everything from where a car is located to how hard it is braking and whether or not the windshield wipers are on.
Source: Wall Street Journal
https://www.wsj.com/articles/what-your-car-knows-about-you-1534564861 

Samsung Galaxy S7 Smartphones Vulnerable to Hacking
August 8, 2018
Samsung’s Galaxy S7 smartphones contain a microchip security flaw, uncovered earlier this year, that has put tens of millions of devices at risk from hackers looking to spy on their users.
Source: Reuters
https://www.reuters.com/article/us-cyber-conference-samsung-elec/samsung-galaxy-s7-smartphones-vulnerable-to-hacking-researchers-idUSKBN1KT0NL

Security Update for Chrome
July 24, 2018
Google has released Chrome version 68.0.3440.75 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.
Source: Google
https://chromereleases.googleblog.com/search/label/Stable%20updates

Cisco Security Updates
July 18, 2018
Cisco has released updates to address vulnerabilities affecting Cisco products.
Source: Cisco
https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir#~Vulnerabilities

Speculative Buffer Overflows: Attacks and Defenses 
July 10, 2018
Practical attacks that exploit speculative execution can leak confidential information via microarchitectural side channels.
Source: MIT / Intel
https://software.intel.com/sites/default/files/managed/b9/f9/336983-Intel-Analysis-of-Speculative-Execution-Side-Channels-White-Paper.pdf 
https://people.csail.mit.edu/vlk/spectre11.pdf 

Multiple Vulnerabilities in Adobe Acrobat and Reader Could Allow for Arbitrary Code Execution
July 10, 2018
Multiple vulnerabilities have been discovered in Adobe Acrobat and Reader, the most severe of which could allow for arbitrary code execution.
Source: Adobe
https://helpx.adobe.com/security/products/acrobat/apsb18-21.html 


Research

Insider Trading Ahead of Cyber Breach Announcements
July 2018
Stock market reactions to cybersecurity breach announcements are generally negative. In virtually all cases, information asymmetry exists between firm management and investors in the period between the date of cybersecurity breach discovery and the public announcement of the breach.
Source: Iowa State University
https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3205489

Why the Cybersecurity Framework Will Make Us Less Secure
July 2018
This paper describes dynamic cybersecurity provision, contrasts this with the shortcomings of the Cybersecurity Framework, and proposes better reforms to improve dynamic cybersecurity provision for critical infrastructure. 
Source: George Mason University
https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3211631 

Foreign Economic Espionage in Cyberspace
July 2018
This report provides a baseline assessment of the many dangers facing the U.S. research, development, and manufacturing sectors when operating in cyberspace.
Source: National Counterintelligence and Security Center
https://www.dni.gov/files/NCSC/documents/news/20180724-economic-espionage-pub.pdf

Election Security Update: Top 18 Most Vulnerable States
July 10, 2018
This report looks at the eighteen states with the most vulnerable election infrastructure.
Source: Committee on House Administration 
https://democrats-cha.house.gov/sites/democrats.cha.house.gov/files/Election_Security_Update.pdf - No longer available

Supply Chain Risks Affecting Federal Agencies
July 12, 2018
Reliance on a global supply chain introduces multiple risks to federal information systems. Supply chain threats are present during the various phases of an information system's development life cycle and could create an unacceptable risk to federal agencies.
Source: Government Accountability Office
https://www.gao.gov/products/GAO-18-667T

Building the UK Financial Sector's Operational Resilience
July 5, 2018
British banks and other financial services firms were given three months to explain how they can avoid damaging IT breakdowns and respond to the growing threat of cyber attacks. 
Source: Financial Conduct Authority 
https://www.fca.org.uk/publications/discussion-papers/dp-18-4-building-uk-financial-sector-operational-resilience


Information Crime

Treasury Targets North Korea for Multiple Cyber-Attacks 
September 6, 2018
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned one entity and one individual tied to the Government of North Korea’s malign cyber activities. 
Source: US Department of the Treasury
https://home.treasury.gov/news/press-releases/sm473 

Ukrainian Sentenced for Trafficking in Hacked Financial Information
August 24, 2018
A Ukrainian national was sentenced to six years in prison for trafficking stolen financial information obtained through computer hacking. The information, stolen from approximately 40,000 hacked computers, included over 62,000 credit card numbers as well as usernames and passwords to victims’ online banking accounts.
Source: US Department of Justice
https://www.justice.gov/opa/pr/ukrainian-sentenced-trafficking-hacked-financial-information

Indian Bank Hit in $13.5M Cyberheist After FBI ATM Cashout Warning
August 17, 2018
A bank in India disclosed that hackers had broken into its servers, stealing nearly $2 million in fraudulent bank transfers and $11.5 million in unauthorized ATM withdrawals from cash machines in more than two dozen countries.
Source: Krebs on Security
https://krebsonsecurity.com/2018/08/indian-bank-hit-in-13-5m-cyberheist-after-fbi-atm-cashout-warning/

Watch Out For Card Skimming At The Gas Pump
August 7, 2018
The FTC is warning drivers about skimming scams at the pump.
Source: Federal Trade Commission
https://www.consumer.ftc.gov/blog/2018/08/watch-out-card-skimming-gas-pump

Idaho Inmates Hacked Prison Service for $225,000 in Credit
July 27, 2018
Hundreds of prison inmates in Idaho found a way to add hundreds of thousands of dollars' worth of credit to their personal accounts, officials discovered this month.
Source: New York Times
https://www.nytimes.com/2018/07/27/us/idaho-prison-hack-jpay-nyt.htmlrref=collection%2Fsectioncollection%2Ftechnology&action=click&contentCollection=technology&region=stream&module=stream_unit&version=latest&contentPlacement=3&pgtype=sectionfront - Removed

Scam Uses Recipient’s Hacked Passwords
July 18, 2018
A clever new twist on an old email scam makes the con more believable. The message purports to have been sent from a hacker who’s compromised your computer.
Source: Krebs on Security
https://krebsonsecurity.com/2018/07/sextortion-scam-uses-recipients-hacked-passwords/ 

Task Force on Market Integrity and Consumer Fraud
July 12, 2018
The Task Force on Market Integrity and Consumer Fraud was created to provide guidance for the investigation and prosecution of cases involving fraud on the government, the financial markets, and consumers, including cyber-fraud.
Source: White House
https://www.whitehouse.gov/presidential-actions/executive-order-regarding-establishment-task-force-market-integrity-consumer-fraud/

Former Programmer Tried to Sell Secrets on Dark Web
July 5, 2018
An employee who worked at a cyber espionage firm was accused of stealing company secrets and attempting to sell them on the dark web for $50 million. The worker stole the software after learning he was being fired from the company.
Source: The Jerusalem Post
https://www.jpost.com/Israel-News/Cyber-Crime-Israeli-tried-to-sell-secrets-on-dark-web-for-USD-50-million-561704

Printed from the Information Security Division website on August 11, 2020 at 4:06am.