Individuals at Risk
Cyber Defense
90% of Gmail users could improve their security easily, but don’t: Google has finally admitted something alarming about the world’s one billion regular Gmail users – barely any have turned on two-step verification (2SV) security. Naked Security, January 19, 2018
Google removes 53 apps from official Play Store because they were spreading a new breed of Android malware named GhostTeam that could steal Facebook credentials and push ads to infected phones: Google has removed 53 apps from the official Play Store because they were spreading a new breed of Android malware named GhostTeam that could steal Facebook credentials and push ads to infected phones. BleepingComputer, January 18, 2018
Intel Confirms Fresh Spectre, Meltdown Patch Problems: Intel says the firmware updates it developed to help protect users against Meltdown and Spectre flaws are causing stability problems in its newest chips. BankInfoSecurity, January 18, 2018
Internet of Things
Some Basic Rules for Securing Your IoT Stuff: Most readers here have likely heard or read various prognostications about the impending doom from the proliferation of poorly-secured “Internet of Things” or IoT devices. Loosely defined as any gadget or gizmo that connects to the Internet but which most consumers probably wouldn’t begin to know how to secure, IoT encompasses everything from security cameras, routers and digital video recorders to printers, wearable devices and “smart” lightbulbs. KrebsOnSecurity, January 17, 2018
Cyber Warning
Hackers are using recent Microsoft Office vulnerabilities to distribute malware: Malware can steal passwords, bitcoin wallets, software keys, as well as carry out DDoS attacks and more — and a campaign distributing it is targeting telecommunications, insurance, and financial services. ZDNet, January 19, 2018
Hackers cast out 300% more phishing attacks via messages: This research provides a clear warning that everyone must be thorough and diligent when it comes to clicking on links; always be sceptical. CBR, January 18, 2018
Chromecast and Google Homes reportedly overloading home Wi-Fi: Users on the Google help forums and Reddit are reporting that Google Home and Google Chromecast devices are causing issues with their Wi-Fi networks. Users say hooking up these Google hardware products leads to an unstable Wi-Fi network or a network that goes down entirely. ars technica, January 17, 2018
Found: New Android malware with never-before-seen spying capabilities: Last year, researchers found what at the time was quite possibly the world’s most sophisticated espionage app ever written for the Android mobile operating system. Now, in a discovery that underscores the growing arms race among competing malware developers, researchers have uncovered a new Android spying platform that includes location-based audio recording and other features that have never been seen in the wild before. ars technica, January 16, 2018
MaMi malware targets Mac OS X DNS settings: A researcher has discovered a strain of malware in the wild which targets Mac OS X users. ZDNet, January 15, 2018
Fake Meltdown/Spectre Patch Installs Malware: Cybercriminals are already taking advantage of the massive attention the recently detailed Meltdown and Spectre CPU flaws have received, in an attempt to trick users into installing malware instead, Malwarebytes warns. SecurityWeek, January 15, 2018
Information Security Management in the Organization
Information Security Management and Governance
Supply Chain Cyber Attacks Illustrate Importance of Vendor Risk Management: While the attack surface has increased exponentially because of the cloud and everything-as-a-service providers, there are still ways in which host companies can harden supply chain security. DarkReading, January 19, 2018
Cyberattacks on Hotels — What Should Hotel Owners and Operators Do?: Almost as soon as there were data breaches, hotels became a prime target of hackers, and the hospitality industry has consistently been one of the most commonly targeted businesses. Since 2010, hotel properties ranging from major multinational corporations to single location hotels have been impacted. Robert Braun, SecureTheVillage Leadership Council, JMBM Cybersecurity Lawyer Forum, January 12, 2018
Cyber Awareness
Google’s Confusing Gmail Security Alert Looks Exactly Like a Phishing Attempt: Last week, my partner got a strange email alert from Google—or at least it looked like it came from Google. Motherboard, January 16, 2018
Staying Secure on the Road: We want you to be able to make the most of technology at all times, including when you travel. In this newsletter, we cover how you can connect to the Internet and use your devices securely on the road. SANS, February 2017
Cyber Warning
Linux and Windows Servers Targeted with RubyMiner Cryptocurrency Malware: Security researchers have spotted a new strain of malware being deployed online. Named RubyMiner, this malware is a cryptocurrency miner spotted going after outdated web servers. BleepingComputer, January 15, 2018
Box users scramble as files disappear for several days: Business user file sync and sharer Box “sank” for some users late last week, who took to forums and social media complaining they could not see any of their files. TheRegister, January 15, 2018
Cyber Defense
Fujitsu will replace passwords and keycards with palm scanning for 80K employees in Japan: The new authentication method, which verifies a user based on a vein in their palm, will give employees access to buildings and desktops. TechRepublic, January 19, 2018
Meltdown-Spectre: More businesses warned off patching over stability issues: Industrial companies are being told to avoid some Meltdown and Spectre fixes after reports of problems. ZDNet, January 15, 2018
Cybersecurity in Society
Cyber Crime
Hospital Pays $55K Ransomware Demand Despite Having Backups: An Indiana hospital paid a ransom of $55,000 to get rid of ransomware that had infected its systems and was hindering operations last week. BleepingComputer, January 16, 2018
OnePlus suspends credit card payments after customers report fraudulent purchases: OnePlus has temporarily shut down credit card payments on its website following reports that customers’ payment details were stolen after they bought goods through its online store. The company says it’s disabling credit card payments “as a precaution,” but will still be accepting purchases through PayPal. OnePlus also says it’s looking for “alternative secure payment” options. TheVerge, January 16, 2018
Serial SWATter Tyler “SWAuTistic” Barriss Charged with Involuntary Manslaughter after phony emergency call to Kansas police last month triggered fatal shooting: Tyler Raj Barriss, a 25-year-old serial “swatter” whose phony emergency call to Kansas police last month triggered a fatal shooting, has been charged with involuntary manslaughter and faces up to eleven years in prison. KrebsOnSecurity, January 15, 2018
Hackers Hijack DNS Server of BlackWallet to Steal $400,000: Unknown hackers (or hacker) have hijacked the DNS server for BlackWallet.co, a web-based wallet application for the Stellar Lumen cryptocurrency (XLM), and have stolen over $400,000 from users’ accounts. BleepingComputer, January 14, 2018
Cyber Danger
Cyber-attacks are a top three risk to society, alongside natural disaster and extreme weather: A report has warned that ransomware, Internet of Things hacks, and industrial attacks could be almost as big a problem as natural disasters and extreme weather. ZDNet, January 17, 2018
Cyber Privacy
iPhone’s Apple Health data used as evidence in murder trial: If you have an iPhone running iOS 6S or later, you’ve got Apple’s Health App, which accurately records steps. You’ve also got the Altimeter app, which keeps track of changes in elevation, to track how many stairs you’ve climbed. NakedSecurity, January 15, 2018
Cyber Attack
How the Triton malware shut down critical infrastructure in the Middle East: The December attack leveraged a zero-day flaw, and user error, to infect industrial equipment. TechRepublic, January 19, 2018
Know Your Enemy
North Korean Hacker Group Seen Behind Crypto Attack in South: The same North Korean hacking outfit associated with the Sony Pictures Entertainment data theft was behind attacks on South Korean cryptocurrency users and exchanges toward the end of last year, U.S.-based researchers said. Bloomberg, January 16, 2018
Cyber Freedom
Researchers uncover mobile, PC surveillance platform tied to different nation-state actors: The Electronic Frontier Foundation (EFF) and mobile security company Lookout have uncovered a new malware espionage campaign that has targeted activists, journalists, lawyers, military personnel, and enterprises in more than 20 countries in North America, Europe, the Middle East, and Asia. HelpNetSecurity, January 19, 2018
National Cybersecurity
Russian military was behind ‘NotPetya’ cyberattack in Ukraine, CIA concludes: The CIA has attributed to Russian military hackers a cyberattack that crippled computers in Ukraine last year, an effort to disrupt that country’s financial system amid its ongoing war with separatists loyal to the Kremlin. The Washington Post, January 12, 2018
Cyber Sunshine
Canadian Police Charge Operator of Hacked Password Service Leakedsource.com: Canadian authorities have arrested and charged a 27-year-old Ontario man for allegedly selling billions of stolen passwords online through the now-defunct service Leakedsource.com. KrebsOnSecurity, January 15, 2018
Cryptocurrency
World’s Largest Spam Botnet Is Pumping and Dumping an Obscure Cryptocurrency: Necurs, the world’s largest spam botnet, is currently sending millions of spam emails that push an obscure cryptocurrency named Swisscoin. BleepingComputer, January 17, 2018
Cyber Miscellany
21 states sue FCC to restore net neutrality rules: Twenty-one states and the District of Columbia today kicked off a lawsuit to overturn the Federal Communications Commission’s repeal of net neutrality rules. Advocacy groups are also suing the FCC. ars technica, January 16, 2018