News Desk

Curated cybersecurity news and updates from CI Security®.

Get your cybersecurity briefing, curated by Mike Hamilton.

Mike Hamilton, founder and CISO of CI Security, has decades of experience in the Information Security industry. In that time, he has developed a keen eye for IT news that affects how security professionals approach their jobs and the news that will have meaningful impacts on daily life.

Every weekday, Mike curates the top news stories in cybersecurity, including the latest breaches, security alerts, and industry developments. Readers describe the news blast as their go-to morning source for the latest in InfoSec.

Sign up for the Daily Blast and get it delivered early weekday mornings, just in time for your first cup of coffee.





Latest Cybersecurity News Blast

Get the latest cybersecurity, privacy, and surveillance news for information security professionals

IT Security News Blast – 6-2-2020

George Floyd: Anonymous hackers re-emerge amid US unrest

First, the Minneapolis police department website was temporarily taken offline over the weekend in a suspected Distributed Denial of Service (DDoS) attack. [...] A database of email addresses and passwords claiming to be hacked from the police department's system is also in circulation, and being linked to Anonymous. However, there is no evidence that the police servers have been hacked and one researcher, Troy Hunt, says the credentials are likely to have been compiled from older data breaches.

https://www.bbc.com/news/technology-52879000

 

Minneapolis Police Department Hack Likely Fake, Says Researcher

According to Troy Hunt at Have I Been Pwned (HIBP), the group of allegedly ill-gotten email addresses and passwords has been circulating in multiple forums, with most of them attributing the credential leak to Anonymous, which is a loose affiliation of individuals that carry out hacking to send political messages. According to multiple social-media posts, Anonymous supposedly carried out the breach/leak in response to the MPD’s role in Floyd’s death[.]

https://threatpost.com/anonymous-hack-minneapolis-police-department-fake/156171/

 

Microsoft is blocking the Windows 10 May 2020 Update on lots of devices

Microsoft has a list of 10 issues it’s currently investigating, and 9 of them have resulted in a “compatibility hold” which stops the Windows 10 May 2020 Update from being installed via Windows Update. One issue involving unexpected errors or reboots with always-on, always-connected devices, affects devices like Microsoft’s Surface Pro 7 or Surface Laptop 3.

https://www.theverge.com/2020/6/1/21276653/microsoft-windows-10-may-2020-update-block-known-issues-list

 

What Healthcare And Cybersecurity Can Learn From Each Other

Both cybersecurity and healthcare organizations are tasked with fighting viruses, albeit in completely different contexts. Whether it’s a piece of malware or an airborne pathogen, the key to curing any infection is figuring out what the problem is in the first place. That’s why focusing on accurate diagnostics is critical for both industries. The primary reason governments had to take the drastic step of isolation is the lack of widely available, accurate diagnostics.

https://www.forbes.com/sites/forbestechcouncil/2020/06/01/what-healthcare-and-cybersecurity-can-learn-from-each-other/#36a32d7c6afd

 

Inside Job at Clinics: Mobile Phone Used for Fraud

A former administrative employee of a medical marijuana clinic and several other clinics was recently sentenced to federal prison after pleading guilty to identity theft and wire fraud. [...] Prosecutors alleged that she used her personal cell phone's camera to take photos of dozens of patients' information that she then used to make fraudulent purchases and also sold to others for $100 per image.

https://www.bankinfosecurity.com/inside-job-at-clinics-mobile-phone-used-for-fraud-a-14364

 

Crafting Successful Business Associate Agreements, Breach Response

“But one thing many folks fail to understand about these business associate agreements is that it doesn't really guarantee that covered entity is going to be protected from any business associate related breaches,” Mookencherry said. “But it’s a contact that must be in place.” [...] “One of the key things here is to make sure that the business associate takes reasonable steps to address any breaches or violations on the subcontractors. Business associate agreements make sure the subcontractor knows that they are also being held liable for HIPAA requirements and compliance[.]”

https://healthitsecurity.com/news/crafting-successful-business-associate-agreements-breach-response

 

EasyJet Cyber Attack Likely the Work of Chinese Hackers

The cyber attack, which saw the email addresses and travel details of millions of passengers being robbed—as well as the credit card details of some 2,000—was reportedly conducted by the very same group of Chinese hackers responsible for other attacks on a number of airlines in recent months.

https://www.cpomagazine.com/cyber-security/easyjet-cyber-attack-likely-the-work-of-chinese-hackers/

 

The Perils of Responding to Cyber-Incidents Just Got More Complicated

You feel confident that your investigation of the incident and the accompanying forensic report labeled “prepared at the direction of counsel” is protected by privilege. You may want to think again. Dealing with a cyber-incident has always been a stress-inducing process that involves careful planning and organization. However, a recent decision in the United States District Court for the Eastern District of Virginia just made things more complicated — placing companies who fail to understand its implications in danger of substantial litigation risk.

https://www.jdsupra.com/legalnews/the-perils-of-responding-to-cyber-44219/

 

Rare NSA Advisory About Russia-Based Cyberattacks Unlikely to Stop Them

"We have tried naming and shaming of the individual operators and the unit — obviously sanctions have been tried," he says. "I think that Russian intelligence agencies have a high risk tolerance and feel pretty emboldened to do what they are doing, so I'm not entirely sure what we could potentially do to deter them from conducting these activities."

https://www.darkreading.com/attacks-breaches/rare-nsa-advisory-about-russia-based-cyberattacks-unlikely-to-stop-them/d/d-id/1337962

 

State-sponsored attacks “from China” hindering COVID-19 vaccine development: Bryan Ware

Commenting more on the Coronavirus related attacks, he opined that there has been a shift in the attack surfaces. “From the onset of the COVID-19 pandemic, there have been several scams targeting the healthcare sector. A lot of campaigns have also exploited the pandemic by launching several phishing and ransomware attacks. But the thing that worries CISA and the FBI the most is the increasing number of state-sponsored attacks originating from China.

https://www.cisomag.com/fireside-chat-cisa/

 

Anonymous: Donald Trump and Naomi Campbell named in Epstein ring

The list with hundreds of names on it was uploaded through a file on their social networks under the name of "The Little Black Book of Jeffrey Epstein[.]" Although names such as Ivanka and Ivana Trump appear, the group of cyber activists also launched a direct threat against the President of the United States, Donald Trump, whose name also appeared on the aforementioned list and has been accused of raping minors. He is also alleged to have a record on organised crime, a reason given for why he is being blackmailed by Russia, a country that has all the necessary evidence against him.

https://en.as.com/en/2020/06/01/other_sports/1591000911_332154.html

 

North Korea issues blanket denial to US hacking accusations

“We know well that the ulterior intention of the United States is to tarnish the image of our state and create a moment for provoking us by employing a new leverage called ‘cyber threat’ together with the issues of nuke, missiles, ‘human rights,’ ‘sponsoring of terrorism’ and ‘money laundering,’” North Korea’s Ministry of Foreign Affairs said in a May 28 statement.

https://www.cyberscoop.com/north-korea-issues-blanket-denial-us-hacking-accusations/

 

Wawa data breach aftermath: Observations from the legal side of things

It has said that it “continues to take steps to enhance the security of our systems.” And, over a dozen lawsuits have been filed arising from the breach, all of which essentially claim that Wawa failed to use reasonable measures to adequately secure its computer systems and timely detect the malware on its servers and that the measures that Wawa has voluntarily offered to its customers do not do enough to cover all the costs and injuries that they have suffered and will suffer. The lawsuits seek, among other things, compensatory damages for any injuries to Wawa’s customers and punitive damages for Wawa’s alleged knowing failure to maintain up-to-date security.

https://www.securityinfowatch.com/cybersecurity/article/21140284/wawa-data-breach-aftermath-observations-from-the-legal-side-of-things

 

Why Contact Tracing Apps Will Be The Biggest Test Yet Of Data Privacy Versus Public Safety

One aspect of this app that does give me cause to feel optimistic is that it is entirely open-source. The code is available in its entirety to be dissected and analyzed, so people with more programming knowledge than myself will at least be able to verify that it is doing what it says it does, nothing more and nothing less. For example, this means that we'll know for sure that the app does not, as was originally widely assumed, use locational data to track where we go and who we see. Instead, it uses Bluetooth signals to detect your proximity to other people.

https://www.forbes.com/sites/bernardmarr/2020/06/01/why-contact-tracing-apps-will-be-the-biggest-test-yet-of-data-privacy-versus-public-safety/#641e29284da2

 

The governor's office says the NSA isn't involved in the response to Minnesota's protests. But here's how it could be.

Generally speaking, the NSA, the Pentagon’s foreign signals intelligence agency, does not target U.S. citizens to collect electronic communications information. But there are specific times when it can. Walz’s comments — combined with speculation about how those legal circumstances might apply to the protests — were enough to fuel questions about the NSA’s involvement. [...] “They also were able to provide their intelligence support of what they’re seeing, what they’re signal intercepting, they have obviously from NSA, from others, massive support to be able to see who these operators are,” Walz said of the military.

https://www.cyberscoop.com/george-floyd-minnesota-nsa-surveillance/

 

Apple releases iOS 13.5.1, patching out the Unc0ver jailbreak

Apple has released iOS 13.5.1 today, which the company says “provides important security updates and is recommended for all users,” albeit without much detail in the change log. But as noted by Twitter account Apple Software Updates, the update is meant to patch out the kernel vulnerability used by the recent Unc0ver jailbreak.

https://www.theverge.com/2020/6/1/21277281/apple-ios-13-5-1-patch-unc0ver-jailbreak-update-software-install

 

Steganography Anchors Pinpoint Attacks on Industrial Targets

“The script is executed in spite of the configured policy, in a hidden window and without loading the user configuration,” according to Kaspersky. [...] The data is hidden in the downloaded image, and is parsed out by the malware from pixels as defined by an algorithm in the script. Hiding malware in an image file, known as steganography, is a well-known though not that common way to circumvent detection – many filters and gateways let image file formats pass without too much scrutiny.

https://threatpost.com/steganography-pinpoint-attacks-industrial-targets/156151/

 

Hacker leaks database of dark web hosting provider

Today, a hacker going by the name of KingNull uploaded a copy of DH's stolen database on a file-hosting portal, and notified ZDNet, since we broke the news about the DH hack in March. "The leaked database contains sensitive information on the owners and users of several thousand darknet domains," threat intelligence firm Under the Breach told ZDNet today after we asked the company to analyze the leak. Under the Breach said the leaked data can be used to tie the owners of leaked email addresses to certain dark web portals.

https://www.zdnet.com/article/hacker-leaks-database-of-dark-web-hosting-provider/

 

You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.

Archived articles are available at https://ci.security/news/daily-news.

CI Security and the CI Security logo are the trademarks of CI Security, Inc. All other brand names, trademarks, service marks, and copyrights are the property of their respective owners.

© 2020 CI Security. All rights reserved.


 
