Daily News Digest

Stay current on the global cyber threat landscape and industry developments with CCOE’s daily digest and library of cybersecurity news and articles.

  • Microsoft Windows vulnerability BlueKeep could bring the new WannaCry, so are you safe?

    Source: ABC News
    By: Elise Thomas
    Published: July 8, 2019
    * While Australians were sleeping, someone on the other side of the world opened an email attachment. That was all it took. * The virus was indiscriminate, hitting everything from French car manufacturers and German railways to Russian banks, from ATMs in India and hospitals in the UK to a mall in Singapore, causing billions of dollars of damage globally.
  • (abc.net.au)
  • INM data breach was not for cost-cutting exercise

    Source: Irish Times
    By: Charlie Taylor
    Published: July 8, 2019
    * Deloitte inquiry concludes data interrogation was not for reason claimed by Leslie Buckley * The alleged data breach at Independent News & Media, in which thousands of emails from journalists, senior staff and advisers were accessed, was not carried out for the reasons originally claimed by the publisher, a new report has found.
  • (irishtimes.com)

    Source: Wired
    By: Andy Greenberg
    Published: July 7, 2019
    * In many modern hacking operations, the difference comes down to atechnique known as 'credential dumping.'
    * The term refers to any means of extracting, or 'dumping,' userauthentication credentials like usernames and passwords from a victimcomputer, so that they can be used to reenter that computer at will andreach other computers on the network.
  • (wired.com)
  • Even UK's Largest Police Forensics Contractor Isn't Safe From Ransomware

    Source: Uber Gizmo
    By: Adnan Farooqui
    Published: July 7, 2019
    * We have been reading about towns in Florida being attacked by ransomware recently. Hackers use this malware to lock down the town's data and don't give it back until a ransom is paid in bitcoin. * The very same thing has happened to Eurofins Scientific, the United Kingdom's largest police forensics lab contractor. It has also paid a ransom to hackers in order to regain access to its data which had been encrypted by the ransomware.
  • (ubergizmo.com)
  • 7-Eleven Japan's weak app security led to a $500,000 customer loss

    Source: Engadget
    By: Mariella Moon
    Published: July 6, 2019
    * 7-Eleven Japan's mobile payment app had such poor securitymeasures, the company had to shut it down just a couple of days after itsrelease.
    * In an announcement explaining the issue, the company admittedthat hackers were able to break into 900 users' accounts and to charge 55million yen ($507,000) in illegal purchases to their debit and credit cardson file within that period, from July 1st when the 7pay app rolled out toJuly 3rd when the service was shut down.
  • (engadget.com)
  • UCSD doctor resigns amid questions about undisclosed Chinese businesses

    Source: iNewsSource
    By: Brian Stauffer
    Published: July 6, 2019

    * A renowned UCSD eye doctor who is part of a Chinese recruitment program under FBI scrutiny has resigned amid inewsource's questions about his foreign government affiliations and businesses.
    * Kang Zhang, the former chief of eye genetics at the UCSD Shiley Eye Institute, is a member of the Thousand Talents Program, which the FBI says incentivizes scientists to illegally take intellectual property developed at U.S. universities to China. The purpose, authorities say, is to advance the country's 'scientific, economic, and military development goals.'

  • (inewsource.org)
  • Man Gets Prison For DDoSing Steam, EA, Microsoft, Sony, Nintendo, DOTA2, Riot Games

    Source: Fossbytes
    By: Aditya Tiwari
    Published: July 5, 2019
    * In one of its kind acts, a Utah-based man named Austin Thompson(23) is going to prison for launching DDoS attacks on servers of variousgaming companies.
    * The hacker, who goes by the online moniker DerpTrolling,compromised the servers of Microsoft Xbox, Sony Play Station, Quake Live,DOTA2, League of Legends, and Steam between December 2013 and January 2014.
  • (fossbytes.com)
  • What the ransomware attack debate is missing

    Source: The Hill
    Published: July 5, 2019
    * High-profile attacks against Atlanta, Baltimore and now RivieraBeach, Lake City and Key Biscayne in Florida expose the challengesgovernors, mayors and local leaders confront in deciding whether to pay aransom to cyber criminals to regain control of their data.
    * Arguments have been made that no government official should pay aransom (Atlanta), that the federal government is to blame for allowingcyber attack tools to be stolen and released on the internet (Baltimore),and that paying a ransom is the only option (Riviera Beach).
  • (thehill.com)
  • Incident Of The Week: Dominion National Finds Evidence of Data Breach Nearly a Decade Later

    Source: Cyber Security Hub
    By: Kayla Matthews
    Published: July 5, 2019
    * In late April 2019, Dominion National investigated an internalalert with the assistance of an outside cybersecurity firm.
    * The results showed that unauthorized parties could have hadaccess to some of the companies servers since August 25, 2010.
  • (cshub.com)
  • House bill targets use of Pentagon networks for child pornography

    Source: The Hill
    By: Maggie Miller
    Published: July 2, 2019
    * The End National Defense Network Abuse (END Network Abuse) wasintroduced in the wake of in an investigation called 'Project Flicker'carried out by U.S. Immigration and Customs Enforcement.
    * This investigation identified over 5,000 individuals, includingmany affiliated with DOD, who were subscribed to child porn websites.
  • (thehill.com)