Daily News Digest

Stay current on the global cyber threat landscape and industry developments with CCOE’s daily digest and library of cybersecurity news and articles.

  • Warshipping: Attackers can access corporate networks through the mailroom

    Source: HelpNetSecurity
    By: Zeljka Zorz
    Published: August 7, 2019

    * Most infosecurity professionals have heard of wardialing and wardriving, but what about warshipping?
    * The expression has been coined by IBM X-Force Red researchers to describe a new attack vector, which consists of covertly delivering to the target's premises small devices that can be used to gain access to the home or office wireless network and assets connected to it.

  • (helpnetsecurity.com)
  • Hacker Bribed AT&T Employees to Unlock Millions of Company Phones, DOJ Says

    Source: The Daily Beast
    By: Blake Montgomery
    Published: August 6, 2019

    * A Pakistani man allegedly bribed AT&T employees in a suburb of Seattle with more than $1 million to illegally access 2 million of their company's phones from 2012 to 2017 in a complex reselling scheme, the Justice Department announced Tuesday.
    * "This defendant thought he could safely run his bribery and hacking scheme from overseas, making millions of dollars while he induced young workers to choose greed over ethical conduct," said U.S. Attorney Brian Moran.

  • (news.yahoo.com)
  • DHS warns of potential cyber scams tied to El Paso, Dayton shootings

    Source: The Hill
    By: Maggie Miller
    Published: August 6, 2019

    * The Department of Homeland Security (DHS) on Tuesday warned internet users to watch out for potential "malicious cyber activity" that seeks to take advantage of the shootings over the weekend in El Paso, Texas, and Dayton, Ohio.
    * Specifically, DHS's Cybersecurity and Infrastructure Security Agency (CISA) recommended that users should "exercise caution" in opening emails or email attachments that refer to either of the shooting incidents, which together led to the deaths of more than 30 people and to dozens of injuries.
    * CISA noted that these emails and attachments could direct users to malware-infected websites.

  • (thehill.com)
  • Online skimming: An emerging threat that requires urgent awareness and attention

    Source: HelpNetSecurity
    By: FNU LNU
    Published: August 6, 2019

    * A growing threat that all merchants and service providers should be aware of is web-based or online skimming. These attacks infect e-commerce websites with malicious code, known as sniffers or JavaScript (JS) sniffers and are very difficult to detect, according to PCI Security Standards Council and the Retail & Hospitality ISAC.
    * Once a website is infected, payment card information is "skimmed" during a transaction without the merchant or consumer being aware that the information has been compromised.

  • (helpnetsecurity.com)
  • Murfreesboro City Water Department's Bill Payment Website Hacked by Iranian Hackers

    Source: CyWare
    By: Ryan Stewart
    Published: August 5, 2019

    * Murfreesboro City's payment website for the water and sewage department has been hacked.
    * The compromised webpage displayed an image of the Iranian flag and the Guy Fawkes mask. A message below the image says "Hacked by Iranian Hackers" and "Hacked by Mamad Warning."

  • (cyware.com)
  • We've, um, changed our password policy, says CafePress amid reports of 23m pwned accounts

    Source: The Register
    By: Gareth Corfield
    Published: August 5, 2019

    * Twee T-shirts 'n' merch purveyor CafePress had 23 million user records swiped - reportedly back in February - and this morning triggered a mass password reset, calling it a change in internal policy.
    * Details of the security breach emerged when infosec researcher Troy Hunt's Have I Been Pwned service - which lists websites known to have been hacked, allowing people to check if their information has been stolen - began firing out emails to affected people in the small hours of this morning.
    * According to HIBP, a grand total of 23,205,290 CafePress customers' data was swiped by miscreants, including email addresses, names, phone numbers, and physical addresses.

  • (theregister.co.uk)
  • 8chan, a nexus of radicalization, explained

    Source: VOX
    By: Emily Stewart
    Published: August 5, 2019

    * The platform is a dark, toxic corner of the internet.
    * On August 4, a 21-year-old man opened fire at an El Paso, Texas, Walmart, killing 22 people and injuring at least two dozen others.
    * The incident appears to have an eerie similarity with shootings at a San Diego synagogue in April and two mosques in Christchurch, New Zealand, in March: The shooters were spending time in the same dark corner of the internet, specifically, a site called 8chan - a notoriously difficult-to-police forum. But the El Paso shooting may finally change that.

  • (vox.com)
  • Ransomware criminals now setting their sights on data backups

    Source: CSO
    By: Theo Hourmouzis
    Published: August 5, 2019

    * Ransomware gained widespread attention in 2017 when criminals used the WannaCry variant to infect more than 200,000 computers across some 150 countries. The impact on victims was disastrous.
    * Rather than being content to infest and disable production environments, actors have shifted their sights to data backups. The logic is that most established businesses will have a data backup strategy in place and, if the criminals can also lock up these backups, the chances that a ransom will have to be paid are significantly higher.

  • (cso.com.au)
  • Online sneaker marketplace failed to come clean about 6.8M record data breach

    Source: The Next Web
    By: Ravie Lakshmanan
    Published: August 5, 2019

    * StockX - a popular online marketplace for sneakerheads and streetwear aficionados to trade apparel - is the latest company to fall victim to a massive data breach affecting millions of its users.
    * As if that wasn't bad enough, TechCrunch reported over the weekend that the incident happened almost three months ago, in May.

  • (thenextweb.com)
  • US utilities targeted with spear-phishing emails impersonating engineering licensing board

    Source: HelpNetSecurity
    By: Zeljka Zorz
    Published: August 2, 2019

    * If you worked in a US company in the utilities sector and received an email notification telling you that you've failed your "Fundamentals of Engineering" NCEES exam, would you download the attached Word file to check what's up? Would you do it even if you know that you took no such exam?
    * The emails were made to look like they were sent by the US National Council of Examiners for Engineering and Surveying (NCEES), an engineering licensing board, and from a domain that looks like it could belong to the organization (nceess[.]com).
    * But it doesn't, and the attached Word file uses macros to install and run malware - a remote access Trojan (RAT) module and a proxy mechanism used for C&C communication.

  • (helpnetsecurity.com)