Global Cyber News Digest

National Guard looks to help states help with ransomware response

Source: FCW
By: Lauren C. Williams
Published: August 28, 2019

* The National Guard is contemplating expanding its cybersecurity vulnerability assessment pilot following recent ransomware attacks in Texas and Louisiana.
* The National Guard is running a pilot program with three states -- Hawaii, Washington and Ohio -- with a 10-person cyber mission assurance team checking federal installations for vulnerabilities from reliance on outside utilities, such as electricity and water.

US cyberattack took out Iran's ability to target oil tankers: report

Source: The Hill
By: Maggie Miller
Published: August 28, 2019

* A cyberattack carried out by U.S. Cyber Command against Iran in June severely impacted a database used by Iran to target oil tankers, The New York Times reported Wednesday.
* U.S. Cyber Command targeted a network run by Iran's Revolutionary Guard Corps, Iran's paramilitary forces, that U.S. intelligence reported was involved in an attack on American oil tankers earlier this year.

A ransomware revival leads to 2.2 billion stolen credentials on the dark web in Q1

Source: TechRepublic
By: Jonathan Greig
Published: August 28, 2019

* In a new report, McAfee Labs said cybercriminals were focusing in on attacking weak IoT devices and extracting huge troves of data from large companies.
* The 40-page survey of the security landscape found more than 2.2 billion stolen account credentials were made available on the cybercriminal underground this quarter and hackers had even figured out ways to break into Wi-Fi enabled coffee makers.

Why testing user behaviour is crucial to your cyber security

Source: Information Age
By: FNU LNU
Published: August 28, 2019

* Cyberattacks and security breaches have become so widespread that companies are now spending billions of dollars collectively to deal with these threats.
* No matter how much companies spend on security, their investment can become moot if they fail to address vulnerabilities from within.

More than 180K patients affected by data breach at Presbyterian

Source: Health Data Management
By: Greg Slabodkin
Published: August 28, 2019

* New Mexico's Presbyterian Healthcare Services was the victim of a phishing attack on its email system that affected 183,370 individuals, according to the Department of Health and Human Services breach portal.
* The breach, which occurred around May 9, did not affect Presbyterian's electronic health records or billing systems.

Yes, But Were You Hurt? Another Data Breach Case Dismissed for Lack of Damages

Source: JDSupra
By: Bradley Arant Boult
Published: August 27, 2019

* While a war rages on the issue of standing in data breach cases, the need to prove damages is presenting an even greater hurdle for plaintiffs
* Focusing on damages, both at the pleading stage, through discovery and in motion practice, can pay decided dividends, particularly in cases where damages are frequently evanescent for many in the putative class (e.g., consumer data breach and statutory violation claims), and in cases where damages are likely to be highly variable.

Middle East cyber-espionage is heating up with a new group joining the fold

Source: ZDNet
By: Catalin Cimpanu
Published: August 27, 2019

* The Middle East cyber-espionage scene has gotten a little bit more crowded this month with the discovery of a new hacking group that's been targeting the region since mid-2018.
* In a report published earlier this month, ICS security firm Dragos said that Lyceum (Hexane) had repeatedly targeted oil and gas companies in the Middle East, with "Kuwait as a primary operating region."

Your Ultimate Guide to Cybersecurity: At Home, at Work, and on the Go

Source: International Business Times
By: Staff reporter
Published: August 27, 2019

* People know they should protect their physical valuables with locks and alarms, but when it comes to cybersecurity, most find themselves a little lost.
* Most people will face at least one cyberattack throughout their lives, either at home or at work.

Cybersecurity Firm Imperva Discloses Breach

Source: KrebsonSecurity
By: Krebs
Published: August 27, 2019

* Imperva, a leading provider of Internet firewall services that help Web sites block malicious cyberattacks, alerted customers on Tuesday that a recent data breach exposed email addresses, scrambled passwords, API keys and SSL certificates for a subset of its firewall users.
* "On August 20, 2019, we learned from a third party of a data exposure that impacts a subset of customers of our Cloud WAF product who had accounts through September 15, 2017," wrote Heli Erickson, director of analyst relations at Imperva.

Chrome's new password leak protection alerts you when your login has been hacked

Source: Komando
By: Janet Perez
Published: August 27, 2019

* Americans are not very careful about their passwords. Even with the growing number of large data breaches, it's hard to get people to change their passwords.
* In February, Google released the Chrome Extension Password Checkup. As you log in to a site, the extension automatically scans your passwords as you enter them.
* If it matches an exposed password you'll receive an alert to change it, as well as some suggestions on how to make your new password more secure.