Daily News Digest

Stay current on the global cyber threat landscape and industry developments with CCOE’s daily digest and library of cybersecurity news and articles.

  • UN probing 30 North Korean cyber attacks in 17 countries

    Source: The Straits Times
    By: FNU LNU
    Published: August 14, 2019

    * UN experts say they are investigating at least 30 instances in 17 countries of North Koreans using cyber attacks to raise money for weapons of mass destruction programmes - and they are also calling for sanctions against ships providing petrol and diesel to the isolated country.
    * Last week, The Associated Press (AP) quoted a summary of a report from the experts which said North Korea illegally acquired as much as US$2 billion (S$2.77 billion) from its increasingly sophisticated cyber activities against financial institutions and cryptocurrency exchanges.

  • Security warning for software developers: You are now prime targets for phishing attacks

    Source: ZDNet
    By: Danny Palmer
    Published: August 13, 2019

    * Cybercriminals targeting the technology industry commonly direct their phishing campaigns at software developers
    * Software developers are the people most targeted by hackers conducting cyberattacks against the technology industry, with the hackers taking advantage of the public profiles of individuals working in the high-turnover industry to help conduct their phishing campaigns.

  • Recent Phishing Attack on ProtonMail Accounts of Bellingcat Journalists Linked to Russia

    Source: CPO Magazine
    By: Scott Ikeda
    Published: August 13, 2019

    * Investigative news outlet Bellingcat has focused much of its eight years of work on high-level government controversies and cover-ups, particularly on issues in Russia in the past two years.
    * It would appear that someone in the country has taken an interest in them.
    * The ProtonMail email accounts of several Bellingcat journalists were targeted by a phishing campaign, which was ultimately not successful but provided leads that indicate Russian hacking groups backed by the government were involved.

  • Cybercriminals sell nearly 7 Million User credentials from recent StockX data breach

    Source: CyWare
    By: Ryan Stewart
    Published: August 12, 2019

    * The database contained personal information including user names, email addresses, addresses, shoe size, purchase history, and encrypted passwords.
    * The stolen user accounts came from a StockX data breach that occurred in July 2019.

  • State Farm Hit by Data Breach

    Source: AutoBody News
    By: Bethan Moorcraft
    Published: August 12, 2019

    * State Farm · the largest property and casualty insurance provider in the US - has been compromised in a credential stuffing attack. * The firm acknowledged the cyberattack, filing a data breach notification with the California Attorney General, and on Wednesday, Aug. 7, it sent out =93Notice of Data Breach=94 emails to users whose online account log-in credentials were obtained by a bad actor.

  • Automakers warm up to friendly hackers at cybersecurity conference

    Source: Reuters
    By: Tina Bellon
    Published: August 11, 2019

    * At a conference where hackers can try their hand at picking locks and discover cyber vulnerabilities in a makeshift hospital, they can also endeavor to break into the control units of cars and take over driving functions.
    * Those efforts at the DEF CON security convention in Las Vegas this weekend are sponsored by carmakers and suppliers that have increasingly recognized the need to collaborate with so-called white hat hackers - cyber experts who specialize in discovering vulnerabilities to help organizations.

  • Teen Tells DEF CON How He Hacked Millions of Student Records From Popular Education Software

    Source: Gizmodo
    By: Alyse Stanley
    Published: August 10, 2019

    * "Hello from Bill Demirkapi :)" read the message sent to thousands of parents, students, and teachers in his school district after the aforementioned teenager hacked his school's education software.
    * During Demirkapi's freshman year, a mixture of boredom and aimless ambition led him to start investigating the companies' interfaces.

  • Anatomy of an attack: How Coinbase was targeted with emails booby-trapped with Firefox zero-days

    Source: The Register
    By: Thomas Claburn
    Published: August 9, 2019

    * Coinbase chief information security officer Philip Martin this week published an incident report covering the recent attack on the cryptocurrency exchange, revealing a phishing campaign of surprising sophistication.
    * "Stage one of this attack first identified the operating system and browser, and displayed a convincing error to macOS users who were not currently using Firefox, instructing them to install the latest version from Mozilla," Martin wrote. "After visiting the page in Firefox, the exploit code was delivered from a separate domain, analyticsfit[.]com, which was registered on May 28."

  • Hackers launch phishing attack disguised as DocuSign document

    Source: TechRadar.pro
    By: Anthony Spadafora
    Published: August 9, 2019

    * Cybercriminals use fake DocuSign email to phish for credentials
    * The Cofense Phishing Defense Center has identified a new wave of phishing attacks, disguised as an email from DocuSign.

  • Ransomware attackers have gone from 'spray and pray' to 'slayin' prey'

    Source: The Register
    By: Shaun Nichols
    Published: August 8, 2019

    * Black Hat Ransomware infections may be down, but only because attackers are getting better at targeting them. * Overall, the numbers would show that ransomware numbers have fallen. After peaking at more than 5.7 million total detections in August of 2018, just over 3 million attacks by lockup malware were detected in June 2019. * This is not, however, because criminals are losing interest in using ransomware. Rather, they are getting a much better return from fewer attempts on higher-value targets: namely, enterprises.