Individuals at Risk
Identity Theft
600,000 Alaskan voters’ data left exposed: Kromtech Security Center researchers discovered an unsecured U.S. voter database was exposed to the public internet due to a misconfiguration of a CouchDB instance. SC Magazine, September 15, 2017
Two Equifax executives will retire following massive data breach: A week after Equifax disclosed it suffered a massive data breach that may have compromised sensitive information belonging to 143 million people, the credit reporting agency’s chief information officer, David Webb, and chief security officer, Susan Mauldin, are retiring, effective immediately, the company said in a statement Friday evening. The Washington Post, September 15, 2017
Equifax Hackers Stole 200k Credit Card Accounts in One Fell Swoop: Visa and MasterCard are sending confidential alerts to financial institutions across the United States this week, warning them about more than 200,000 credit cards that were stolen in the epic data breach announced last week at big-three credit bureau Equifax. At first glance, the private notices obtained by KrebsOnSecurity appear to suggest that hackers initially breached Equifax starting in November 2016. But Equifax says the accounts were all stolen at the same time — when hackers accessed the company’s systems in mid-May 2017. KrebsOnSecurity, September 14, 2017
My Three Years in Identity Theft Hell: Hounded by bill collectors, searched at the airport, thwarted in a house hunt. Here’s how I got free—for now. Bloomberg, September 13, 2017
Failure to patch two-month-old bug led to massive Equifax breach: The Equifax breach that exposed sensitive data for as many as 143 million US consumers was accomplished by exploiting a Web application vulnerability that had been patched more than two months earlier, officials with the credit reporting service said Thursday. ars technica, September 13, 2017
Ayuda! (Help!) Equifax Has My Data!: Equifax last week disclosed a historic breach involving Social Security numbers and other sensitive data on as many as 143 million Americans. The company said the breach also impacted an undisclosed number of people in Canada and the United Kingdom. But the official list of victim countries may not yet be complete: According to information obtained by KrebsOnSecurity, Equifax can safely add Argentina — if not also other Latin American nations where it does business — to the list as well. KrebsOnSecurity, September 12, 2017
Don’t Waste Your Breath Complaining to Equifax about Data Breach: Last Thursday, Equifax reported a data breach that affects 143 million US customers, about 44% of the population. It’s an extremely serious breach; hackers got access to full names, Social Security numbers, birth dates, addresses, driver’s license numbers — exactly the sort of information criminals can use to impersonate victims to banks, credit card companies, insurance companies, and other businesses vulnerable to fraud. Schneier on Security, September 11, 2017
The Equifax Breach: What You Should Know: It remains unclear whether those responsible for stealing Social Security numbers and other data on as many as 143 million Americans from big-three credit bureau Equifax intend to sell this data to identity thieves. But if ever there was a reminder that you — the consumer — are ultimately responsible for protecting your financial future, this is it. Here’s what you need to know and what you should do in response to this unprecedented breach. KrebsOnSecurity, September 11, 2017
Seriously, Equifax? This Is a Breach No One Should Get Away With: Equifax’s main job is to collect and maintain data. Now the hacking at the credit agency uncovers a gaping flaw in regulation over data storage. The New York Times, September 8, 2017
Cyber Defense
Chrome to Label FTP Resources as “Not Secure”: Google announced on Thursday that future versions of Chrome will label resources delivered via the File Transfer Protocol (FTP) as “Not secure.” SecurityWeek, September 15, 2017
Cyber Warning
Android malware in Google Play racked up 4.2M downloads: Are you a victim?: Malware authors cash in on Android users through SMS fraud and unwanted online subscriptions. ZDNet, September 15, 2017
Phishers targeting LinkedIn users via hijacked accounts: A new phishing campaign has been spotted hitting LinkedIn users via direct messages and the LinkedIn InMail feature. HelpNetSecurity, September 13, 2017
Information Security Management in the Organization
Information Security Management and Governance
Why the Equifax breach could force executives to finally take cybersecurity seriously: Equifax was negligent in securing its systems, which led to a massive breach. In the future, this could make company leaders more liable for security issues. TechRepublic, September 14, 2017
Information security is not information technology: Recent news coverage has been filled with talk of the split of U.S. Cyber Command from the National Security Agency. It’s a transition that makes sense. Cyber Command is focused on warfighting within the cyber domain while the NSA is focused on intelligence collection, and while the techniques are often the same, the objectives are extremely different. In fact they’re governed by two completely different laws. CSO, September 14, 2017
Cyber Warning
Backdoor Found in WordPress Plugin With More Than 200,000 Installations: For the past two and a half months, a WordPress plugin named Display Widgets has been used to install a backdoor on WordPress sites across the Internet. BleepingComputer, September 13, 2017
Unpatched D-Link Router Vulnerabilities Disclosed: A researcher has disclosed the details of several unpatched vulnerabilities affecting D-Link DIR-850L routers and mydlink cloud services. SecurityWeek, September 8, 2017
Cyber Defense
Google, Spotify Build Open-Source Community for GCP Security: Google and Spotify create Forseti, an open-source community with tools to secure projects on the Google Cloud Platform. DarkReading, September 15, 2017
Cyber Update
Adobe Patches Security Bugs in Flash Player, ColdFusion, RoboHelp: Adobe just released its monthly security updates and this month the company patched vulnerabilities in three products — Adobe Flash Player, Adobe ColdFusion, and Adobe RoboHelp, the company’s lesser known help authoring tool (HAT), used for the creation of online or offline documentation and help files. BleepingSecurity, September 12, 2017
Microsoft September Patch Tuesday Fixes 82 Security Issues, Including a Zero-Day: Moments ago, Microsoft published the September 2017 Patch Tuesday, and this month the OS maker fixed 82 security bugs. BleepingComputer, September 12, 2017
Content Security
Networks Beef Up Press-Screener Security as Piracy Increases: Each network has its own system for delivering screeners to TV critics and reporters — from physical DVDs to videos hosted on their press sites. But as piracy concerns mount, those methods are changing in favor of more secure alternatives. Variety, September 6, 2017
Cybersecurity in Society
Cyber Privacy
ACLU, EFF sue DHS over electronic device searches at border: The American Civil Liberties Union, the Electronic Frontier Foundation (EFF), and the ACLU of Massachusetts filed suit against the Department of Homeland Security (DHS) for searching the laptops and smartphones of travelers at the U.S. border. SC Magazine, September 13, 2017
Cyber Defense
What Will Cybersecurity Look Like 10 Years From Now?: The future of cybersecurity is tightly connected to the future of information technology and the advancements of the cyberspace. While I personally have never taken the liberty of predicting the future, it is clear that the role of cyber will become even larger in our personal and business lives. Forbes, September 14, 2017
Know Your Enemy
HIDDEN COBRA – North Korea’s DDoS Botnet Infrastructure: This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This alert provides technical details on the tools and infrastructure used by cyber actors of the North Korean government to target the media, aerospace, financial, and critical infrastructure sectors in the United States and globally. Working with U.S. Government partners, DHS and FBI identified Internet Protocol (IP) addresses associated with a malware variant, known as DeltaCharlie, used to manage North Korea’s distributed denial-of-service (DDoS) botnet infrastructure. This alert contains indicators of compromise (IOCs), malware descriptions, network signatures, and host-based rules to help network defenders detect activity conducted by the North Korean government. The U.S. Government refers to the malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information related to HIDDEN COBRA activity, go to https://www.us-cert.gov/hiddencobra. US-CERT, August 23, 2017
Cyber Freedom
Virginia decertifies certain voting machines over hacking, integrity concerns: Twenty-two localities in Virginia have roughly two months to replace their election technology after the state’s board of elections decertified all Direct Recording Electronic (DRE) voting devices over hacking concerns. SC Magazine, September 12, 2017
National Cybersecurity
Kaspersky software banned from US government agencies: Kaspersky: We have “never helped, nor will help, any government with cyberespionage.” ars technica, September 13, 2017
Cyber Enforcement
US Sanctions Iranian Nationals Over DDoS Bank Attacks: The U.S. Treasury Department has announced sanctions against 11 individuals and organizations with alleged ties to Iran, some of whom have been accused of helping to launch distributed denial-of-service attacks against dozens of U.S. banks from 2011 to 2013. BankInfoSecurity, September 15, 2017
SecureTheVillage Calendar
SecureTheVillage: Financial Services Cybersecurity Roundtable: The Financial Services Cybersecurity Roundtable is a cross-organizational, cross-functional “learning community” committed to working together to better protect our community from bank fraud, credit card theft, identity theft and other forms of cyber crime. September 22, 7:30 – 10:00, Grandpoint Bank
SecureTheVillage: San Fernando Valley-East (Pasadena / Glendale) Cybersecurity Roundtable: The San Fernando Valley-East (Pasadena / Glendale) Cybersecurity Roundtable is designed to support communication and collaboration between C-Suite executives, IT managers, and cybersecurity experts. The San Fernando Valley-East Roundtable is intended for both for-profit and nonprofit organizations. The Roundtable functions as a cross-organizational “learning community” committed to working together to better protect our community from cybercrime. September 28, 7:30 – 10AM. Datastream, Glendale.
Glendale Tech Week: SecureTheVillage and Citadel President Stan Stahl will join Louie Sadd, Datastream Managing Partner and SecureTheVillage Leadership Council member, and other cybersecurity panelists. October 12, 10:00 – 11:00, Glendale Central Library.
SecureTheVillage: Cybersecure Los Angeles 2017 — Get Cyber Prepared: SecureTheVillage joins UCLA Extension for its first cybersecurity conference. Learn from leading information security professionals and law enforcement, including: information security providers, cyber-insurance, financial services, law, the FBI, LA County District Attorney’s Office, and more. Leave with SecureTheVillage’s Information Security Management and Leadership ResourceKit: A practical guide for implementing an information security management and leadership program in your organization. October 19, 9:00 – 2:00, UCLA Extension, Figueroa Courtyard