Daily News Digest

Stay current on the global cyber threat landscape and industry developments with CCOE’s daily digest and library of cybersecurity news and articles.

  • 5 Reasons Why Web Security Is Important to Avoid Ransomware
    1. Ransomware Is a Result of Attack Escalation
    2. Web Attacks Are Used to Spread Ransomware
    3. Move to Cloud Means that More Criminals Aim for the Cloud
    4. Organizations Do Not Report Attack Details
    5. Media Focuses on the Problem, Not the Solution
    - Tomasz Andrzej Nidecki | November 9, 2020
  • (hak-iq.us20.list-manage.com)
  • Cyber threat: Avoiding the phishing net

    • According to Verizon’s 2018 Data Breach Investigations Report, email is the number one vector used for 92.5% of malware distribution and 96% of phishing attacks.
    • Ever since the occurrence of the Covid-19, cybercriminals have been launching phishing email attacks to exploit the pandemic fear for their malicious gain. Within the span of the first four months of 2020, 18 million Covid-19 phishing emails were blocked by Gmail every day. In addition to that, in one week, 240 million Covid-19 spam emails were blocked on a daily basis.
    • According to a Threat Report, around 1.5 million new phishing websites are created every month.
    • Secure outbound mail flow with email authentication protocols like DMARC, SPF and DKIM. It further protects the email domain against spoofing and other email-based attacks.
    - Pavan Kushwaha | November 9, 2020
  • (hak-iq.us20.list-manage.com)
  • Case for Identity and Access Management

    • On average, five hours every week was spent just managing user passwords, a 25 per cent increase from the results gathered in a similar survey in 2019.
    • Not surprisingly many respondents (45 per cent) expressed frustration at the time spent managing passwords. Of greater concern, however, was users forgetting their passwords and using the same password across multiple applications.
    • Many businesses use Microsoft Active Directory (AD) to manage their users. It is the single source of truth about who works at a company, the things they need to access and their permission levels.
    • Many people use the same password for multiple online services. If one of these is compromised the hackers gain access to, potentially, millions of email address and password combinations that they can use try and gain access to other services, including corporate resources.
    • This article appears to be an advertisement for LastPass. My goal was/is to get us thinking about IAM, not necessarily LastPass.
    - Tony Kirkby | November 9, 2020
  • (hak-iq.us20.list-manage.com)
  • Data breach at BigBasket hits 20 mn users’ privacy

    • Online grocer Bigbasket may have suffered a massive data breach following which details of more than 20 million users may have been leaked on the dark web.
    • Bigbasket.com, which is run by Innovative Retail Concepts Pvt Ltd, is one of India’s largest online food and grocery store and is valued at $2 billion.
    • Bigbasket has a robust information security framework that employs best-in-class resources and technologies to manage information, it said. “We will continue to proactively engage with best-in-class information security experts to strengthen this further," it said.
    • The online retailer has more than 18,000 products and 1,000 brands in its catalogue and services customers in more than 20 cities across India.
    - Sharan Poovanna | November 9, 2020
  • (hak-iq.us20.list-manage.com)
  • DDoS attacks fell by 73% in Q3 of 2020, says Kaspersky

    • The analysis of commands received from command and control servers also demonstrates this decline, said a DDoS Protection report from Kaspersky, adding that despite the overall stabilization of the DDoS market during the year, the quarter still saw a year-on-year rise, and the year’s highest number of attacks in a single day, totalling 323.
    • In Q3 2020, the company said that it detected 73 per cent fewer attacks than in the previous quarter. However, compared to the same period in 2019, this figure has seen a one-and-a-half times year-on-year increase.
    • This means that the decline observed during Q3 can mostly be explained by the abnormal rise of attacks in the second quarter.
    | November 5, 2020
  • (hak-iq.us20.list-manage.com)
  • Cyber-attack concerns behind Norfolk canceling virtual classes on Monday

    • Worries about a potential cyber-attack forced Norfolk Public Schools to cancel virtual classes earlier this week.
    • The school district initially said that virtual classes were canceled Monday due to a "computer network outage" and that it would resume on Wednesday.
    • In a new statement, an NPS spokesperson clarified that the reason for the outage was that they recently got word from Microsoft recently about cyber-attacks in the region that could affect schools.
    • The IT department disconnected everything just as a precaution, and canceled class on Monday.
    | November 5, 2020
  • (hak-iq.us20.list-manage.com)
  • Capcom hacked. Resident Evil game developer discloses cyber attack

    • The maker of such well-known video games as “Resident Evil” and “Street Fighter” disclosed in a short press release that in the early hours of Monday some of its networks “experienced issues” that affected access to email and file servers.
    • In response, the company has shut down some of its systems. However, in what must be a big relief to fans of Capcom video games, the attack is said not to have affected players’ online access to the firm’s video games and websites.
    • Even if no customer information has been stolen from Capcom’s internal servers and email accounts, there might have been other sensitive data stolen – such as intellectual property from the video game developer, or details of the firm’s plans for future video game releases.
    • Presently it is unclear how long it will take Capcom to return to its normal operations.
    - Graham Clueley | November 5, 2020
  • (hak-iq.us20.list-manage.com)
  • How to deal with the escalating phishing threat

    • For attackers, it’s almost a no-brainer: phishing is cheap and humans are fallible, even after going through anti-phishing training.
    • When something gets through and someone clicks on a malicious URL, defenders must be able to simultaneously block the attack and show the victim what the phisher was attempting to do.
    • Most CISOs assume phishing is a corporate email problem and their current line of defense is adequate, but they are wrong.
    • “You’ve got to take a comprehensive, multi-layer phishing defense approach outside the firewall, where your biggest user population is working remotely, and inside the firewall for your internal users. You need to protect mobile devices and PC/Mac endpoints, with end-to-end encryption (E2EE) deployed.”
    • “You also have to be mindful of corporate users’ personal side as their personal and business lives have converged, and many people use the same devices and same credentials across personal and business accounts."
    - Zeljka Zorj | November 4, 2020
  • (hak-iq.us20.list-manage.com)
  • Polls close on Election Day with no apparent cyber interference

    • After years of planning and worry, polls closed on Election Day 2020 without the country's having seen any substantial public cyberattack.
    • It's impossible to state for sure how much the lack of an apparent cyberattack was due to successful planning, a lack of a serious attempt from a dedicated adversary or pre-emptive cyberattacks from U.S. Cyber Command.
    • While polls appeared to have closed without a major hitch, CISA cautioned that the window for hackers to affect the perception of the election's integrity could be open for weeks.
    - Kevin Collier | November 3, 2020
  • (hak-iq.us20.list-manage.com)
  • California’s Proposition 24 – CCPA 2.0 Meets the California GDPR
    • Proposition 24 is known as the California Privacy Rights Act of 2020 (CPRA). It is on the ballot in California on November 3, and if it passes it will amend and expand certain provisions of the California Consumer Privacy Act (CCPA).
    • Two provisions in particular are very GDPR-like; specifically, the creation of the California Privacy Protection Agency (CPPA), which will become the regulator charged with implementing and enforcing both the CCPA and CPRA, and the expanded definition of sensitive personal information.
    • CPRA creates a new category of data, similar to GDPR, for sensitive personal information.
    • The CPRA requires businesses that sell or share personal information to provide notice to consumers and a separate link to the “Do Not Sell or Share My Personal Information” webpage and a separate link to the “Limit the Use of My Sensitive Personal Information” webpage or a single link to both choices.
    • The CPRA triples the fines set forth in CCPA for collecting and selling children’s private information and requires opt-in consent to sell personal information of consumers under the age of 16.
    • The CPRA expands the consumer’s private right of action to include a breach of a consumer’s email address and password/security question and answer.
    • The above is NOT ALL INCLUSIVE.
    JDSUPRA | October 30, 2020
  • (hak-iq.us20.list-manage.com)