Global Cyber News Digest

Daily News Digest

Stay current on the global cyber threat landscape and industry developments with CCOE’s daily digest and library of cybersecurity news and articles.

  • Will APIs be the gateway to effective cyber attacks in 2021?

    • Global organizations are struggling to maintain consistent application security across multiple platforms, and they are also losing visibility with the emergence of new architectures and the adoption of APIs.
    • Nearly 40 percent of organizations surveyed reported that more than one-half of their applications are exposed to the Internet or third-party services via APIs.
    • Bot management is also a major concern because enterprises are not prepared to properly manage bot traffic.
    • The most common bot attack is denial-of-service, which takes different forms.
    • Denial-of-service at the application layer is frequently in the form of HTTP/S floods.
    | January 21, 2021
  • Ransomware is now the biggest cybersecurity concern for CISOs

    • Almost half – 46% – of CSOs and CISOs surveyed said that ransomware or other forms of extortion by outsiders represents the biggest cybersecurity threat.
    • A significant percentage of organisations will pay the ransom – which can amount to millions of dollars – because they perceive it as the quickest means of restoring the network and the least amount of further disruption to the business. And it's because these ransoms are paid that ransomware remains so appealing – and lucrative – for cybercriminals.
    • Some of the other cyberattacks that CISOs consider to be the biggest threats this year include cloud account compromise, insider threats, phishing and business email compromise attacks.
    • In addition to training and awareness schemes, organisations can help protect against ransomware and other attacks by applying security patches when they're released, preventing hackers from exploiting known vulnerabilities.
    • Using additional protection like two-factor authentication across the organisation can also help prevent damaging attacks by making it much harder for hackers to move around the network, even if they've got the correct credentials.
    - Danny Palmer | January 21, 2021
  • The Cyber Risks Of Non-Compliance

    • There are a host of measures that businesses need to consider when ensuring their IT systems are compliant. These include keeping software such as operating systems up to date, maintaining best-practice security and firewall measures, meeting the requirements of industry-specific measures such as the Payment Card Industry Data Security Standard (PCI DSS) or the General Data Protection Regulation (GDPR), and accounting for local and regional government regulations.
    • Non-compliance across any aspect of an IT system can leave it vulnerable to a cyber-attack.
    • Not only can cyber-attacks result in massive financial cost to a business in terms of fines from regulatory bodies, such as a £20m fine in the case of British Airways failing to protect the personal details of more than 400,000 of its customers, but they can also be detrimental in a much wider sense depending on the industry. For example, for organisations that are part of extensive supply chains or providing systems to other businesses, a single cyber-attack can prove significant across organisations that rely on partners and third-party software.
    • The pandemic, in combination with rapidly changing regulations, gives organisations even greater reason to utilise tools to discover and combat non-compliance and lean on the right expertise to ensure updated systems are in place.
    - Mat Clothier | January 21, 2021
  • US spinal care practice among first to issue healthcare data breach warning in 2021

    • Precision Spine Care, a Texas-based spinal care center, has warned of a potential data breach after an unauthorized individual gained remote access to an employee’s email account in an attempt to fraudulently divert funds from the organization.
    • While the healthcare organization said the attacker’s attempt to defraud the company was unsuccessful, a subsequent investigation led to the discovery that “personal information within the email account… could have been accessed”.
    • A filing on the US Department of Health and Human Services’ breach portal indicates that just over 20,000 individuals are potentially impacted.
    - James Walker | January 20, 2021
  • Malwarebytes said it was hacked by the same group who breached SolarWinds

    • Malwarebytes said its intrusion is not related to the SolarWinds supply chain incident since the company doesn't use any SolarWinds software in its internal network.
    • Malwarebytes said it learned of the intrusion from the Microsoft Security Response Center (MSRC) on December 15, which detected suspicious activity coming from the dormant Office 365 security app.
    • At the time, Microsoft was auditing its Office 365 and Azure infrastructures for signs of malicious apps created by the SolarWinds hackers, also known in cyber-security circles as UNC2452 or Dark Halo.
    • Malwarebytes becomes the fourth major security vendor targeted by the UNC2452/Dark Halo threat actor, which US officials have linked to a Russian government cyber-espionage operation.
    • Previously targeted companies include FireEye, Microsoft, and CrowdStrike.
    - Catalin Cimpanu | January 19, 2021
  • COVID-19 Vaccine Data Manipulated Before Leak to Impair Public Trust

    • The hackers who stole COVID-19 vaccine data belonging to Pfizer and BioNTech from the European Medicines Agency (EMA), a regulatory agency, and leaked the information online in December manipulated the exfiltrated data beforehand to undermine public trust in the vaccine.
    • The highly targeted attack struck on December 9, which gave the attackers access to some documents tied to the regulatory submission for the impacted pharmaceutical companies that were stored on the compromised server.
    • Pfizer and BioNTech were awaiting final approval for their vaccine, which was issued temporary authorization for emergency use in the UK on December 2.
    • The latest update revealed the stolen and altered data included internal, confidential email correspondence from November that was tied to the evaluation processes for COVID-19 vaccines.
    • Federal agencies have repeatedly warned that hackers are actively, and successfully, targeting healthcare organizations tasked with the COVID-19 response for these exact purposes. Nation-state actors have also targeted healthcare employees in an effort to gain access to valuable COVID-19 data.
    - Jessica Davis | January 19, 2021
  • Biden inauguration: How security threats and Covid have changed ceremony

    • In some ways, the inauguration will be much the same as previous ones - Mr Biden will take the oath of office on the steps of the Capitol and then make his way to the White House.
    • But with the event happening just two weeks after supporters of President Donald Trump stormed the Capitol - and coming amid a global pandemic - there will be lots of differences.
    • Here's a look at what measures have been put into place to deal with heightened concerns about security and Covid-19:
      • US troops descend on DC
      • Travel restrictions stepped up
      • Road closures as DC is locked down
      • Ceremony the same, but different
      • Deep cleaning the White House
    | January 18, 2021
  • OpenWRT reports data breach after hacker gained access to forum admin account

    • The maintainers of OpenWRT, an open-source project that provides free and customizable firmware for home routers, have disclosed a security breach that took place over the weekend.
    • "It is not known how the account was accessed: the account had a good password, but did not have two-factor authentication enabled."
    • No passwords were included in the downloaded data, but citing an "abundance of caution," OpenWRT administrators have reset all forum user passwords and API keys.
    • OpenWRT admins said that only forum user data appears to have been compromised for now. The OpenWRT wiki, which provides official download links and information about how users could install the firmware on various proprietary router models, was not breached, based on current evidence.
    - Catalin Cimpanu | January 18, 2021
  • Biden-Harris American Rescue Plan includes more than $10b in cyber, IT funds

    • The American Rescue Plan also includes plans to modernize federal information technology to protect against future cyberattacks. 
      • "The recent cybersecurity breaches of federal government data systems underscore the importance and urgency of strengthening U.S. cybersecurity capabilities," says the plan, which will attempt to launch "the most ambitious" effort to modernize and secure federal IT and networks by:
        • Expanding and improving the Technology Modernization Fund
        • Surging cybersecurity technology and engineering expert hiring
        • Building shared, secure services to drive transformational projects
        • Improving security monitoring and incident response activities
    • The $200 million allocated for hiring experts to support the federal Chief Information Security Officer and U.S. Digital Service could definitely attract new talent into the public sector.
    - Maria Henriquez | January 18, 2021
  • MAS announces new rules in Singapore after SolarWinds cyber attack exposes firms around the world

    • All financial services and e-payment firms in Singapore must, from Monday (Jan 18), follow a new set of central banking rules to better mitigate technology risks in the wake of a recent cyber attack which impacted organisations around the world.
    • The Monetary Authority of Singapore (MAS) now requires all financial institutions to assess the suppliers of their technology vendors.
    • In a typical assessment, suppliers may be asked to prove that their software source code is rigorously tested and they do not use unsafe programming practices. Suppliers may also be asked to reveal their security measures and how often they monitor cyber risks.
    • Risks arising from the use of open application programming interfaces (APIs), code that lets different applications talk to one another, are also addressed in the newly updated TRM rules.
    • Banks have used APIs to automatically share foreign exchange rates, for example. This has allowed many external developers to build currency conversion apps using the data.
    • Under the revised TRM rules, financial services firms must vet entities that access their APIs by looking at the nature of their business, cyber security posture, industry reputation and track record.
    • They must also secure the development of the APIs and encrypt sensitive data that is transmitted to prevent leaks or hackers injecting malicious code into the APIs.
    - Irene Tham | January 18, 2021