Individuals at Risk
Identity Theft
Mass General Hospital Confirms 3rd-Party Breach Compromised Information of ~ 4,300 Dental Patients: A breach at Massachusetts General Hospital has potentially compromised the information of roughly 4,300 dental patients, the hospital warned Wednesday. ThreatPost, June 30, 2016
9.2 Million More US Healthcare Records Go Up for Sale on the Dark Web: The Dark Overlord is lording it over the US healthcare industry once again. The hacker is offering a fresh trove of 9.2 million patient records on a Dark Web marketplace, for 750 Bitcoin (about $477,000). InfoSecurity, June 27, 2016
Cyber Privacy
Facebook wins appeal, CPP warns of “massive violations of privacy”: Facebook has collared Belgium’s privacy watchdog: it’s won an appeal in a privacy case and can now resume tracking any Belgian it wants to, including people who’ve never registered for an account and those who aren’t logged in. NakedSecurity, July 1, 2016
My Activity: a tool to see what Google knows about you: How much does Google really know about us? Well, let’s see… how deep is the ocean, and how high is the sky? Probably both are a bit tighter than the ever-expanding capacity of Google’s maw. NakedSecurity, July 1, 2016
Cyber Danger
Cracking Android’s full-disk encryption is easy on millions of phones – with a little patience: Android’s full-disk encryption on millions of devices can be cracked by brute-force much more easily than expected – and there’s working code to prove it. TheRegister, July 1, 2016
1.2 million infected: Android malware ‘Hummer’ could be biggest trojan ever: Security researchers recently issued warnings against a trojan family known as Hummer, which affects more than a million phones by installing malware and unwanted apps. TechRepublic, June 30, 2016
Don’t fall for this Android malware that pretends to be Uber, Facebook, or WhatsApp: Security researchers from FireEye recently uncovered a new piece of Android malware that can mimic the look and feel of app interfaces from the likes of Uber, WhatsApp and Google Play. The malware reportedly struck first in Denmark and is now making its way through a handful of other European countries, including Italy, Germany and Austria. BGR, June 29, 2016
Cyber Update
FOXIT PATCHES 12 VULNERABILITIES IN PDF READER: Foxit patched a dozen vulnerabilities in its PDF reader software this week, more than half of which could allow an attacker to directly execute arbitrary code on vulnerable installations of the product. ThreatPost, June 30, 2016
Critical Symantec update as cybercriminals can exploit vulnerabilities just by sending email: A Google security researcher has found high severity vulnerabilities in enterprise and consumer products from antivirus vendor Symantec that could easily be exploited by hackers to take control of computers. PCWorld, June 29, 2016
Information Security Management in the Organization
Information Security Governance
It’s Time To Think Of Cybersecurity As A Business Enabler: Last year, CIO, CSO and PricewaterhouseCoopers released a new Global State of Information Security survey, which polled more than 10,000 executives from 127 countries about IT security. The results were a mixed bag, with security incidents up 38% over 2014 but corresponding budgets rising only 24%. Forbes, July 1, 2016
Boost your security: Get IT and HR to collaborate: Ask what department is responsible for data security in an organization and the most likely answer is, “IT.” But some experts are saying it shouldn’t be IT alone – that better security requires a closer collaboration with Human Resources (HR). CSO, June 27, 2016
Cyber Warning
Anatomy of an exploit: the Microsoft Word bug that just won’t die: If you’re a regular reader, you’re probably familiar with our technical papers on the topics of exploit kits and malware attacks that rely on booby-trapped Word documents. NakedSecurity, July 1, 2016
Meet Jigsaw, the ransomware that taunts victims and offers live support: The crypto ransomware racket is a booming business that generates lots of revenue, so it only makes sense that the scourge is growing. And with new titles entering the market on almost a weekly basis, how do the criminals behind them make their malware stand out? ars technica, June 28, 2016
Microsoft Office 365 hit with massive Cerber ransomware attack, report: Millions of Microsoft Office 365 users were potentially exposed to a massive zero-day Cerber ransomware attack last week that not only included a ransom note, but an audio warning informing victims that their files were encrypted. SCMagazine, June 27, 2016
How Oracle’s business as usual is threatening to kill Java: Stop me if you’ve heard this one before: Oracle has quietly pulled funding and development efforts away from a community-driven technology where customers and partners have invested time and code. It all seems to be happening for no reason other than the tech isn’t currently printing money. ars technica, June 27, 2016
Cybercriminals up their game with new easier-to-deploy lower-cost ransomware: A new ransomware program making the rounds uses a simple, yet effective technique to make user files inaccessible: locking them in password-protected ZIP archives. PCWorld, June 27, 2016
Cyber Defense
infrastructure: A majority of organizations report that they lack visibility into their cloud infrastructure, file shares, user activity and mobile devices, greatly impacting data security and system uptime, according to Netwrix. HelpNetSecurity, July 1, 2016
Hackers almost exclusively use standard network admin tools to move around a compromised network once they’ve broken in using malware or other hacking techniques. TheRegister, June 30, 2016
CISO challenges: Addressing cybersecurity blind spots: Every enterprise has cybersecurity blind spots that it fails to recognize and address. Sean Martin explains what they are and how they create more CISO challenges. TechTarget, June 30, 2016
CISO challenges: Identifying and addressing common problems: Enterprises often struggle to identify and prioritize the most pressing security concerns and threats. Sean Martin explains the common CISO challenges facing organizations today. TechTarget, June 30, 2016
xDedic: What to Do If Your RDP Server Was Pwned: As many as 250,000 credentials for Remote Desktop Protocol servers around the world may have been offered for sale on the now-shuttered xDedic cybercrime marketplace. If an organization suspects credentials to servers may have been traded by cybercriminals, what can they do to mitigate related risks and avoid a major network intrusion? InfoRiskToday, June 28, 2016
Cyber Law
Why Brexit could cause data privacy headaches for US companies: The impact of the United Kingdom vote to withdraw from the European Union could have far-reaching consequences for international companies, which may need to rethink their data management policies. NetworkWorld, June 28, 2016
Cyber Security in Society
Cyber Privacy
Database of 2.2m suspected terrorists, money launderers leaked online: A database that classifies people, major charities, activists, and mainstream religious institutions as potential terrorists or money launderers was found available to anybody who knew where to look online, with no credentials needed to access it. NakedSecurity, July 1, 2016
700,000 Muslim Match dating site private messages leaked online: Hackers have leaked the personal details of 150,000 users of the Muslim Match website after breaking into the niche dating portal. TheRegister, July 1, 2016
Cyber Fraud
Scientology Seeks Captive Converts Via Google Maps, Drug Rehab Centers: Fake online reviews generated by unscrupulous marketers blanket the Internet these days. Although online review pollution isn’t exactly a hot-button consumer issue, there are plenty of cases in which phony reviews may endanger one’s life or well-being. This is the story about how searching for drug abuse treatment services online could cause concerned loved ones to send their addicted, vulnerable friends or family members straight into the arms of the Church of Scientology. KrebsOnSecurity, June 27, 2016
Cyber Law
ACLU argues Computer Fraud & Abuse Act blocks discrimination research: The American Civil Liberties Union is challenging a key computer crime law, arguing that it violates the Constitution and specifically prevents researchers from identifying systemic discrimination, such as those related to housing and job searches. The Washington Post, June 29, 2016
Health Care
CONFICKER USED IN NEW WAVE OF HOSPITAL IOT DEVICE ATTACKS: Internet-connected medical devices such as MRI machines, CT scanners and dialysis pumps are increasingly being targeted by hackers seeking to steal patient medical records from hospitals. Attackers consider the devices soft digital targets, seldom guarded with the same security as client PCs and servers within hospitals. ThreatPost, June 30, 2016
Here’s How a Hacker Extorts a Clinic: Security experts are sounding alarms about extortion attempts, where hackers steal data and then threaten to publicly release it unless a fee is paid. Unlike attacks involving file-encrypting ransomware, these kinds of incidents don’t result in total system blackouts, which in recent months have forced hospitals and universities to reveal their woes. BankInfoSecurity, June 29, 2016
Internet of Things
IoT botnet: 25,513 CCTV cameras used in crushing DDoS attacks: Researchers discovered over 25,000 hacked internet-connected CCTV cameras being used in DDoS attacks to hammer websites; the denial-of-service botnet could deliver a whopping 50,000 HTTP requests per second. NetworkWorld, June 28, 2016
Cyber Research
Clever Attack Uses the Sound of a Computer’s Fan to Steal Data: In the past two years a group of researchers in Israel has become highly adept at stealing data from air-gapped computers, those machines that, for security reasons, are never connected to the internet or connected to other machines that are connected to the internet, making it difficult to extract data from them. Wired, June 28, 2016
Cyber Miscellany
Steptoe Cyberlaw Podcast – Interview with ‘Dark Territory’ Author Fred Kaplan: Was Iran’s cyberattack that bricked vast numbers of Saudi Aramco computers justified by a similar attack on the National Iranian Oil Company a few months earlier? Does NSA have the ability to “replay” and attribute North Korean attacks on companies like Sony? And how do the last six NSA directors stack up against each other? Those and other questions are answered by our guest for episode 122, Fred Kaplan, author of Dark Territory: The Secret History of Cyber War. Steptoe Cyberblog, June 28, 2016
Chrome DRM bug makes it easy to download streaming video: Security researchers have discovered a vulnerability in the Google Chrome browser that could allow users to bypass its copy protection system and download content from streaming video services like Netflix and Amazon Prime Video. According to Wired, Google was alerted to the problem on May 24, but is yet to issue a patch. ars technica, June 27, 2016
Steptoe Cyberlaw Podcast – Blockchain Interview with Jamie Smith: With Stewart on vacation, the blockchain takes over the podcast! In episode 121, Jason Weinstein and Alan Cohn talk all things bitcoin, blockchain, and distributed ledger technology, and interview Jamie Smith, Global Chief Communications Officer for the BitFury Group, one of the largest full-service blockchain technology companies. Steptoe Cyberblog, June 23, 2016