Tuesday, January 28, 2020
Internet Storm Center Infocon Status

LATEST

DtSR Podcast

DtSR Episode 380 – Gadi Tells It Like It Is

Welcome to episode 380 of the DtSR Podcast. We have a special treat for you this episode, with long-time friend Gadi Evron, and he holds nothing back in his start discussion of our industry. We virtually guarantee this will...
SANS ISC

ISC StormCast for Tuesday, January 28th 2020

Coronavirus Preparedness and Associated Scamshttps://isc.sans.edu/forums/diary/Network+Security+Perspective+on+Coronavirus+Preparedness/25750/ RD Gateway RCE Exploit Demoedhttps://twitter.com/layle_ctf/status/1221514332049113095?s=12
ZDNet

DEF CON China conference put on hold due to coronavirus outbreak

DEF CON team is hoping that the 2019-nCoV outbreak will improve and they can go on as planned, or reschedule.
The Register

Remember the Clipper chip? NSA’s botched backdoor-for-Feds from 1993 still influences today’s encryption debates

We'll laugh at today's mandated holes in the same way we laugh at those from 25 years ago Enigma  More than a quarter century after its introduction, the failed rollout of hardware deliberately backdoored by the NSA is still...

Average Ransomware Payments More Than Doubled in Q4 2019

Ransomware attackers collected an average of around $84,000 from victim organizations, up from $41,000 in Q3 of 2018, Coveware says.
The Security Ledger

Seven Years Later, Scores of EAS Systems sit Un-patched, Vulnerable

Two years after a false EAS alert about an incoming ICBM sowed terror in Hawaii, and seven years after security researchers warned about insecure, Internet connected Emergency Alert System (EAS) hardware, scores of the devices across the U.S. remain...
Reduce Cyber Risk

RCR 062: Understanding Asset Ownership (Domain 2) – CISSP Study and Training!

Shon Gerber from ShonGerber.com provides you the information and knowledge you need to prepare and pass the CISSP Exam while providing the tools you need to enhance your cybersecurity career.  Shon utilizes his expansive knowledge while providing superior training...

Good news! Maryland bill would make ransomware… a crime.

Enlarge / Sure, this will work. (credit: onathan Newton / The Washington Post via Getty Images) Remember last May, when Baltimore City was brought to a standstill by ransomware? Hot on the heels of that—in fact, the same...
SC Magazine

Tampa Bay Times hit by Ryuk, new variant of stealer aimed at gov’t, finance

On the heels of a Ryuk ransomware attack on the Tampa Bay Times, researchers reported a new variant of the Ryuk stealer being aimed at government, financial and law enforcement targets. The Times attack didn’t result in a breach, noted...
TechRepublic

Risk managers: Here are the must-have skills for 2020

The risk management field is growing more challenging as threats evolve. How will these changing threats affect your organization in 2020?

Magecart-related arrests made in Indonesia

Three members of a group that infected hundreds of websites from around the world with payment card stealing malware were arrested in Indonesia, the International Criminal Police Organization (INTERPOL) announced Tuesday. The arrests are the result of a larger...
The CyberWire Podcast

A cyber espionage campaign is to use DNS hijacking. More observations on l’affaire Bezos. Operation Night Fury versus e-commerce hackers. Farewell to Clayton Christensen.

Someone has been running a DNS hijacking campaign against governments in southeast Europe and southwest Asia, and Reuters thinks that someone looks like Turkey. Experts would like to see a more thorough forensic analysis of Mr. Bezos’ iPhone: that...
SC Magazine

Pre-Olympics cybersecurity exercise kicks off in Tokyo

A three-day cybersecurity wargame began today in Tokyo in preparation for the upcoming Olympic Summer Games. This particular exercise has 140 workers from 58 critical infrastructure firms defend against malware attacks that attempt to disrupt devices used for telecommuting, according to the Nippon News...

Who Watches The Watchers: Privacy Abuse By Security Vendors

Antivirus companies have to unequivocally not be in the data brokering business. Buyer beware in the wake of AVAST being discovered selling privacy-related data: there’s no such thing as a free lunch. If the product or service is free,...
SC Magazine

Bill seeks to reform NSA surveillance, aiming at Section 215, FISA process

Congress took on dual issues of Fourth Amendment and privacy rights in a bill meant to reform the Patriot Act to end the authority of NSA’s phone recording program, as well as, reform the FISA process, addressing the problems...
ZDNet

Hackers hijack Twitter accounts for Chicago Bears and Green Bay Packers

OurMine hacking crew returns after two years of inactivity.
The Register

Google halts paid-for Chrome extension updates amid fraud surge: Web Store in lockdown ‘due to the scale of abuse’

Meanwhile, probe reveals how Avast's 'anonymized' user data can be, er, deanonymized On Saturday, Google temporarily disabled the ability to publish paid Chrome apps, extensions, and themes in the Chrome Web Store due to a surge in fraud.…
SecurityWeek

Rui Pinto: Hacker Who Targeted Football and Angola’s ‘Princess’

Prosecutors in Portugal have denounced him as a criminal hacker, but his supporters describe the man behind the "Luanda Leaks" revelations as a public interest whistleblower. read more
SecurityWeek

Attacks on ADC Ramp Up as Citrix Releases Remaining Patches

Citrix has released the full set of patches for the recently disclosed security flaw tracked as CVE-2019-19781, but attacks on vulnerable systems are ramping up. read more
SC Magazine

Three Magecart operatives arrested in Indonesia

Several members of a group allegedly behind hundreds of Magecart-style attacks were arrested last month in Indonesia as the result of an international law enforcement operation. Interpol’s ASEAN Cyber Capability Desk and the Indonesian National Police just announced late last...
SecurityWeek

German Privacy Watchdog Investigates Clothing Retailer H&M

A German privacy watchdog says it has opened an investigation into clothing retailer H&M amid evidence that the Swedish retailer had committed “massive data protection breaches” by spying on its customer service representatives in Germany. read more

Ransomware Strikes Again: Using Peacetime To Prepare For Crisis

Ransomware victims go offline and suffer. No one should be blamed for being targeted; it’s time to prepare in peacetime for future crisis with cold, methodical planning and insight. Businesses need to get ready now, so their future selves...
Brian Krebs

Russian Cybercrime Boss Burkov Pleads Guilty

Aleksei Burkov, an ultra-connected Russian hacker once described as “an asset of supreme importance” to Moscow, has pleaded guilty in a U.S. court to running a site that sold stolen payment card data and to administering a highly secretive...
Bruce Schneier

Modern Mass Surveillance: Identify, Correlate, Discriminate

Communities across the United States are starting to ban facial recognition technologies. In May of last year, San Francisco banned facial recognition; the neighboring city of Oakland soon followed, as did Somerville and Brookline in Massachusetts (a statewide ban...
The Register

Maryland: Make malware possession a crime! Yes, yes, researchers get a free pass

Hardened cybercrooks must be shaking in their boots A US state that was struck by a ransomware attack last year is now proposing a local law that would ban possession of malicious software.…
603FollowersFollow

LEADERS

Brian Krebs

Russian Cybercrime Boss Burkov Pleads Guilty

Aleksei Burkov, an ultra-connected Russian hacker once described as “an asset of supreme importance” to Moscow, has pleaded guilty in a U.S. court to running a site that sold stolen payment card data and to administering a highly secretive...
Bruce Schneier

Modern Mass Surveillance: Identify, Correlate, Discriminate

Communities across the United States are starting to ban facial recognition technologies. In May of last year, San Francisco banned facial recognition; the neighboring city of Oakland soon followed, as did Somerville and Brookline in Massachusetts (a statewide ban...
Graham Cluley

A Magecart hacking gang may have been caught by police for the first ever time

Police in Indonesia, working alongside Interpol, have arrested three men suspected of being part of a gang engaged in Magecart attacks that skimmed payment card information from online shoppers.
Graham Cluley

Microsoft’s Internet Explorer zero-day workaround is breaking printers

Microsoft’s workaround for an unpatched vulnerability that is being exploited in targeted attacks by hackers appears to be breaking printers.
Bruce Schneier

Smartphone Election in Washington State

This year: King County voters will be able to use their name and birthdate to log in to a Web portal through the Internet browser on their phones, says Bryan Finney, the CEO of Democracy Live, the Seattle-based voting company...