Global Cyber News Digest

Iranian hackers resume credential-stealing phishing attacks against universities around the world

Source: ZDNet
By: Danny Palmer
Published: September 11, 2019

* Over 60 universities in the US, the UK, Australia and more have been targeted by the Colbalt Dickens hacking group in attacks attempting to steal research and intellectual property.
* Dubbed Colbalt Dickens, the campaign was initially detailed in August last year, with researchers at Secureworks blaming cyberattacks targeting universities in 14 countries on a hacking group linked to the Iranian government.
* The purpose of the attacks is to steal intellectual property, which can either be exploited or sold on for profit.

Remembering Those Lost 18 Years Ago on 9/11

Source: NY Times
By: James Barron
Published: September 11, 2019

* Once more, families gathered at ground zero, where nearly 3,000 people died on that bright September morning. Once more, there was an outpouring of grief. Once more, there was the sound of a bell tolling in mourning. And there was the rhythm of names being recited.
* At 8:46 a.m. on Wednesday, the time when the first plane slammed into the north tower, there was a moment of silence, the first of six marking the strikes at the trade center and the Pentagon, and the plane crash in Shanksville, Pa., as well as the collapse of the twin towers in a blizzard of toxic dust and flaming debris. Bagpipers played "America the Beautiful."

Email hack sends strange message to students

Source: Marquette Wire
By: Natallie St. Onge
Published: September 10, 2019

* Marquette students were puzzled Tuesday afternoon when a new message appeared in their inboxes.
* The sender was another Marquette student, claiming their aunt recently moved to the area. The aunt was offering $350 weekly for students interested in pet sitting her dogs.

Data Is the New Copper

Source: Dark Reading
By: Shuman Ghosemajumder
Published: September 10, 2019

* Data breaches fuel a complex cybercriminal ecosystem, similar to copper thefts after the financial crisis.
* After the mortgage crisis, as buildings were left abandoned, thieves stole copper wiring and piping. The copper could then be sold for $3 a pound to buyers willing to not ask questions about where it came from.

Risks of being unprepared for a cyber attack

Source: TheBusinessDesk.com
By: Kayley Worsley
Published: September 10, 2019

* Experts in cyber security across have highlighted the potential risks a data breach caused by a cyber attack to a business, including costly business down time, fines from the Information Commissioners Office (ICO) and reputational damage.
* "It is not whether you suffer a data breach, but when you do. Then, how will it be reported in the tabloid or industry press? How will you be able to reassure your customers, clients, supply chain? Can you retain trust that you are a company that can keep personal data safe, who will do the right thing?"

Uninstall These 24 Android Apps Infected with New 'Joker' Malware

Source: LifeHacker
By: David Murphy
Published: September 9, 2019

* Another day, another batch of Android apps that made it into the Google Play Store-accumulating hundreds of thousands of downloads-with some sneaky malware embedded in their code.
* This time around, the malware is called "Joker."

Texas Refuses to Pay $2.5M in Massive Ransomware Attack

Source: Dark Reading
By: FNU LNU
Published: September 9, 2019

* The ransomware campaign affected 22 local governments, none of which have paid the attackers' $2.5 million ransom demand.
* The state of Texas is so far refusing to comply with the demands of a ransomware attack that affected 22 local governments, the Texas Department of Information Resources (DIR) reports.
* None of the affected municipalities have paid the $2.5 million ransom demanded.

Wikipedia and World of Warcraft Classic targeted by DDoS attacks

Source: Security Boulevard
By: Graham Cluley
Published: September 9, 2019

* According to the Wikimedia Foundation, nonprofit charitable organization behind Wikipedia, the site was hit with a malicious attack that made the site inaccessible from several countries for intermittent periods.
* Players of World of Warcraft Classic found they had difficulties connecting to the game's servers after they too were impacted by a DDoS attack.

Secret Service Investigates Breach at U.S. Govt IT Contractor

Source: KrebsonSecurity
By: Brian Krebs
Published: September 9, 2019

* The U.S. Secret Service is investigating a breach at a Virginia-based government technology contractor that saw access to several of its systems put up for sale in the cybercrime underground.
* In mid-August, a member of a popular Russian-language cybercrime forum offered to sell access to the internal network of a U.S. government IT contractor that does business with more than 20 federal agencies, including several branches of the military.
* The seller bragged that he had access to email correspondence and credentials needed to view databases of the client agencies, and set the opening price at six bitcoins (~USD $60,000).

Newsletter: Consumers would be more forgiving of data breaches if companies just came clean

Source: LA Times
By: David Lazarus
Published: September 9, 2019

* Ninety percent of survey respondents said they'd be more forgiving of a company or organization that responded to a breach in a prompt and transparent manner. Conversely, two-thirds of respondents said they'd stop doing business with a company that dithered in the face of a security lapse.
* A California law set to take effect in January will allow state residents to find out what kinds of information a business has collected. The Consumer Privacy Act also permits customers to request that a company delete any personal information it holds.