Daily News Digest

Stay current on the global cyber threat landscape and industry developments with CCOE’s daily digest and library of cybersecurity news and articles.

  • SecOps Struggles as Data Breaches and Security Threats Soar

    • Even before the COVID-19 pandemic struck the globe in March, security operation teams were already struggling with a seemingly never-ending series of security alerts, as well as a growing number of sophisticated data breaches and other cyber-threats that can harm an organization.
    • A report finds that the average SecOps team receives an estimated 11,000 alerts a day, but only 47 percent of those surveyed were able to address most or all of these daily alerts.
    • The study also notes that about one-third of all alerts to the SecOps team are false positives, while 28 percent of interviewees admitted that some alerts are ignored since analysts struggle to keep up with the pace.
    • While the obvious answer to the problem of overworked SecOps teams is to hire talented and dedicated analysts, this is sometimes not practical. For one, study after study finds that there are simply not enough skilled cybersecurity workers to fill all the roles that are currently open.
    | October 22, 2020
  • (hak-iq.us20.list-manage.com)
  • Are You One COVID-19 Test Away From a Cybersecurity Disaster?

    • The president of the United States testing positive for COVID-19 reminds us that there is no guarantee any individual will remain virus-free. That's true in Washington, and it's equally true for those managing and running the cybersecurity of our organizations.
    • Every organization should take the news from Washington as an opportunity to ask the "what-if" question and to carry out a cybersecurity resiliency risk assessment.
    • Many companies have chosen to outsource or augment their network and systems monitoring with organizations that bring a team of qualified analysts who can triage security alerts, hunt for threats, and respond as needed on behalf of (or alongside) internal teams.
    • Because they work across many companies, these organizations have substantial experience in dealing with the range of current and emerging threats and bring analytic and intelligence capabilities that only the largest companies could afford.
    - Alan Brill | October 21, 2020
  • (hak-iq.us20.list-manage.com)
  • 2020 Verizon Data Breach Investigations Report: Summary and key findings for security professionals

    • As previous editions have proven, the Verizon Data Breach Report is packed with useful information about the state of affairs of information security. The 2020 edition is no exception.
    • For organizations, including corporate enterprises, the most commonly reported cost of a breach was $32,200; this is an increase from $29,300.
    • In North America, hacking using stolen credentials was the top attack seen, along with social engineering attacks that encourage the use of said stolen credentials coming in second place.
    INFOSEC | October 21, 2020
  • (hak-iq.us20.list-manage.com)
  • Pharma giant Pfizer exposes patient data on unsecured cloud storage

    • The exposed data was found on a misconfigured Google Cloud storage bucket. The data included hundreds of conversations between Pfizer’s automated customer support software and people using its prescription pharmaceutical drugs including Lyrica, Chantix, Viagra and cancer treatments Ibrance and Aromasin.
    • Disturbingly, the data remained exposed online for months after it was first discovered.
    • Researchers reached out to Pfizer twice in July with no response before further attempting to contact the company on Sept. 22. The company finally responded the third time, with the data being taken offline on Sept. 23.
    - Duncan Riley | October 20, 2020
  • (hak-iq.us20.list-manage.com)
  • E-commerce and Data Breaching: The Next Cyberthreat

    • In the United States alone, more than $586 billion was spent in 2019 online, representing a 14% increase over the year before.
    • With COVID-19 currently wreaking havoc on the world, there is increased dependency on the internet. Globally, e-commerce business is expected to reach $4.5 trillion by 2021.
    • Cybercriminals launch millions of attacks on e-commerce websites each year.
    • These attacks target e-commerce sites in order to get customer personal and financial information in order to steal identities or make unauthorized transactions with their payment information.
    - David Lukić | October 20, 2020
  • (hak-iq.us20.list-manage.com)
  • Barnes & Noble Alerted Customers of Data Breach That Leaked Personal and Transaction Information

    • The major bookseller sent an email notifying customers of the cyber attack that exposed their personal information, including transaction history and email addresses.
    • Many customers were locked out of their accounts while point of sale systems became inoperable during the October 10 cyberattack. Barnes & Noble disclosed that it stored personal information on the affected systems and that hackers might have accessed it.
    • The bookseller was alleged to have been running Pulse Secure VPN servers with an unpatched vulnerability CVE-2019-11510, which allows hackers to steal usernames and passwords to infiltrate corporate systems, install ransomware, and exfiltrate data.
    - Alicia Hope | October 20, 2020
  • (hak-iq.us20.list-manage.com)
  • DDoS Attacks Triple in Size as Ransom Demands Re-Emerge

    • The last quarter of 2020 has seen a wave of web application attacks which have used ransom letters to target businesses across a number of industries.
    • The number of attacks per day increase from one million in January of this year to three million in September. “When we look at the specific data points, and look at the last two big spikes, they were both against financial services." - Akamai
    - Dan Raywood | October 19, 2020
  • (hak-iq.us20.list-manage.com)
  • What Are Data Breaches Actually?

    • There was a data breach, and perhaps your identity and other sensitive information is now in the hands of, well, who knows? But what does this actually mean? What is a “data breach”?
    • Some companies store your information in state-of-the-art data centers with multiple backups and extreme security measures – these are the Googles, Microsofts, and Amazons of the world.
    • Alternatively, your data could be stored on a grimy old laptop that’s been repurposed as a web server and lives in someone’s closet. Maybe small niche websites or forums run by amateur web admins.
    • We have to accept that data breaches are a fact of life and deal with them as they happen.
    • There is no such thing as perfect security, and for high-value information, someone will always be motivated to steal it.
    - Sydney Butler | October 19, 2020
  • (hak-iq.us20.list-manage.com)
  • Three Million Credit Cards Harvested and Sold on Joker’s Stash; Dickey’s BBQ Hack Undetected for Over a Year

    • Since about mid-2019, about three million credit card data were siphoned off from over 150 of the chain’s locations and are currently up for sale on dark web marketplace, Joker’s Stash.
    • The hacker selling them is advertising a “valid rate” of 90 to 100%, indicating that Dickey’s has only just become aware of the breach.
    • While there is still no federal data privacy law in the United States, Dickey’s will likely face substantial fines under the California Consumer Privacy Act (CCPA) given that the bulk of the activity was in that state.
    - Scott Ikeda | October 19, 2020
  • (hak-iq.us20.list-manage.com)
  • Report: Iranian Hacking Group Launched Concentrated Attack on Israeli Companies

    • Cyber companies ClearSky Cyber Security and Profero Cyber Security reported Thursday some disturbing findings, detailing Iranian cyberattacks on Israeli companies.
    • The Iranian hacker group, dubbed MuddyWater, used a relatively new tactic in order to penetrate the Israeli companies’ security systems.
    • The hackers used a Shamoon-based malware that has been employed as a cyber weapon by Iranians for years. The most infamous attack was in 2012, when it wiped tens of thousands of computers’ data from the Saudi National Oil Company.
    • Viruses such as Shamoon are characterized as “Wiper” malware, and are designed to erase data that is stored on a computer or computerized infrastructure.
    - Raphael Kahan | October 18, 2020
  • (hak-iq.us20.list-manage.com)