Topic   Web Sites   
South Korean Cryptocurrency Exchange Loses $32M in Heist
Overview: "A South Korean cryptocurrency exchange suffered a heist in which thieves made off with approximately $32 million in stolen assets," Tripwire reports. 
Author: David Bisson   Web Site:   Date: 6/20/2018
Topics: General Security Awareness

Apple Removes iPhone USB Access Feature, Blocking Out Hackers, Law Enforcement
Overview: "Apple said an upcoming iOS software update will remove the infamous iPhone USB access feature, blocking out both hackers – and law enforcement – from accessing a locked phones’ data via the device port," Threatpost reports. 
Author: Lindsey O'Donnell   Web Site:   Date: 6/14/2018
Topics: Mobile Device Security

FBI announces arrest of 74 email fraudsters
Overview: "The US Justice Department on Monday announced the arrest of 74 individuals, including 42 in the US, for their involvement in 'business email compromise' (BEC) schemes designed to steal money and valuable information from both businesses and individuals," ZDNet reports. 
Author: Stephanie Condon   Web Site:   Date: 6/11/2018
Topics: Electronic Messaging Security, General Security Awareness

Unprotected Server Exposes Weight Watchers Internal IT Infrastructure
Overview: "A critical server for popular weight-loss service Weight Watchers was left unprotected, allowing researchers to take a bite out of dozens of exposed S3 buckets containing company data and AWS access keys...Researchers at Kromtech Security said that they discovered a Weight Watchers Kubernetes administration console earlier this month that was accessible over the Internet – without any password protection," Threatpost reports. 
Author: Lindsey O'Donnell   Web Site:   Date: 6/11/2018
Topics: Cloud Computing Security, Configuration Management

South Korean Cryptocurrency Exchange Coinrail Confirms Hacking Attempt
Overview: "South Korean cryptocurrency exchange Coinrail said it’s cooperating with law enforcement after suffering a hacking attempt," Tripwire reports. 
Author: David Bisson   Web Site:   Date: 6/11/2018
Topics: General Security Awareness

Password reset flaw at internet giant Frontier allowed account takeovers
Overview: "A bug in how cable and internet giant Frontier reset account passwords allowed anyone to take over user accounts," ZDNet reports. 
Author: Zack Whittaker   Web Site:   Date: 6/9/2018
Topics: Authentication, Password Management System

Atlanta Ransomware Attack Wiped Out Years of Police Dashcam Footage
Overview: "A ransomware attack targeting the city of Atlanta wiped out years of dashcam footage generated by the Atlanta Police Department," Tripwire reports. 
Author: David Bisson   Web Site:   Date: 6/5/2018
Topics: Malicious Software Controls

Ex-CEO on TalkTalk mega breach: It woz 'old shed' legacy tech wot done it
Overview: "Infosec Europe Baroness Dido Harding, former chief exec of Brit telco TalkTalk, warned other business leaders of the dangers posed by legacy tech in the opening keynote of the Infosecurity Europe conference," The Register reports. 
Author: John Leyden   Web Site:   Date: 6/5/2018
Topics: Configuration Management, Vulnerability Management

Researchers Warn of Microsoft Zero-Day RCE Bug
Overview: "Researchers have discovered a medium-severity Windows vulnerability that enables remote attackers to execute arbitrary code – and Microsoft hasn’t issued a patch yet," Threatpost reports. 
Author: Lindsey O'Donnell   Web Site:   Date: 6/1/2018
Topics: Vulnerability Management

Hoax alert! Starbucks is NOT inviting you to test its shatterproof windows
Overview: "According to a hoax post that’s been making the rounds on Facebook and anarchist forums such as, Starbucks is installing new shatterproof windows that scientists have been working on for the past three years," Naked Security reports.
Author: Lisa Vaas   Web Site:   Date: 5/31/2018
Topics: Social Engineering (e.g., phishing)

ISP popped router ports, saving customers the trouble of making themselves hackable
Overview: "Singaporean broadband users were left vulnerable to attackers after their ISP opened remote access ports on their modems and forgot to close them...The discovery was made by NewSky Security researcher Ankit Anubhav, who used Shodan to scan for SingTel routers open on port 10,000 – the default Network Data Management Protocol TCP/UDP port," The Register reports. 
Author: Richard Chirgwin   Web Site:   Date: 5/29/2018
Topics: Configuration Management, Network Security

Facebook now supports 2FA via authenticator apps
Overview: "Facebook has good news for users who wish to secure their accounts with two-factor authentication but aren’t comfortable sharing their phone number with the social network: there’s now an option to use authenticator apps to receive the second authentication factor," Help Net Security reports. 
Author: Zeljka Zorz   Web Site:   Date: 5/29/2018
Topics: Access Control, Authentication

Google will force Android OEMs to push out security patches regularly
Overview: "Android P, the ninth major version of the widely-used mobile OS, is expected to be released later this year," Help Net Security reports. 
Author: Zeljka Zorz   Web Site:   Date: 5/18/2018
Topics: Mobile Device Security

CIA’s “Vault 7” mega-leak was an inside job, claims FBI
Overview: "The US government has named a suspect – a former CIA employee who worked in a group that designs surveillance tools – in last year’s leak of a huge cache of the agency’s cyber weapons," Naked Security reports. 
Author: Lisa Vaas   Web Site:   Date: 5/17/2018
Topics: General Security Awareness

Hackers siphon hundreds of millions of pesos out of Mexican banks through shadow transactions
Overview: "A software vulnerability is suspected of being to blame for a hack through which criminals transfer more than 300 million pesos (over US $15 million) out of Mexican banks...Officials from Mexico’s central bank confirmed to Reuters that a series of 'irregular' and unauthorised interbank money transfers involving large sums of money were detected late last month," Tripwire reports. 
Author: Graham Cluley   Web Site:   Date: 5/17/2018
Topics: Data Loss Prevention (DLP), General Security Awareness

Accused 'Dark Overlord' hacker arrested in Serbia
Overview: "Serbian police announced Wednesday they had arrested a man who is accused of having ties to the hacking syndicate known as 'The Dark Overlord,'" CyberScoop reports. 
Author: Patrick Howell O'Neill   Web Site:   Date: 5/17/2018
Topics: General Security Awareness

UPnP joins the 'just turn it off on consumer devices, already' club
Overview:  "Universal Plug 'n' Play, that eternal feast of the black-hat, has been identified as helping to amplify denial-of-service attacks...Researchers at Imperva looked into misbehaving UPnP implementations after spotting odd attack traffic while analysing a Simple Service Discovery Protocol (SSDP, an Internet proposal absorbed into UPnP) amplification attack during April 2018," The Register reports.
Author: Richard Chirgwin   Web Site:   Date: 5/16/2018
Topics: Network Security

Chili’s Restaurants Suffered Payment Card Data Security Incident
Overview: "Some Chili’s restaurant locations suffered a data security incident that might have compromised customers’ payment card details...Brinker International, a Dallas-based multinational hospitality industry company which operates 1,600 Chili’s restaurants, said it learned of the incident on 11 May," Tripwire reports. 
Author: David Bisson   Web Site:   Date: 5/14/2018
Topics: Data Loss Prevention (DLP)

Samsung Patches Six Critical Bugs in Flagship Handsets
Overview: "Samsung began rolling out patches over the weekend to fix six critical bugs found in its flagship Android handsets as part of its May patch bulletin. Flaws range from a remote code execution bug to a buffer overflow vulnerability, plus a peek-and-poke command bug that leaves memory locations open on targeted devices," Threatpost reports. 
Author: Tom Spring   Web Site:   Date: 5/14/2018
Topics: Mobile Device Security, Patch Management

PoS Malware ‘TreasureHunter’ Source Code Leaked
Overview: "Source code for the point-of-sale malware called TreasureHunter has been leaked, according to researchers who said the release offers them unique insights into the malware, but also gives them pause as they brace for expected variants," Threatpost reports. 
Author: Tom Spring   Web Site:   Date: 5/10/2018
Topics: Malicious Software Controls

Half a million pacemakers need a security patch
Overview: "The US Food and Drug Administration (FDA) last month approved a firmware patch for pacemakers made by Abbott’s (formerly St Jude Medical) that are vulnerable to cybersecurity attacks and which are at risk of sudden battery loss," Naked Security reports. 
Author: Lisa Vaas   Web Site:   Date: 5/4/2018
Topics: Patch Management, Vulnerability Management

Facebook announces “Clear History” privacy tool
Overview: "Facebook has announced new products and redesigns of old ones during its annual F8 developer conference, as well as changes meant to reassure users that the company is doing something about user privacy and about controlling the negative effects its products have on various aspects of society," Help Net Security reports. 
Author: Zeljka Zorz   Web Site:   Date: 5/2/2018
Topics: Data Privacy

Massachusetts school district caves to ransomware demand, pays $10,000
Overview: "The Leominster, Mass., school district found itself compelled to pay a $10,000 ransom after the district was hit with ransomware," SC Magazine reports. 
Author: Doug Olenick   Web Site:   Date: 5/1/2018
Topics: Malicious Software Controls

London Police Launch New Cybersecurity Initiative for Local Businesses
Overview: "The City of London police introduced a new initiative on Monday aimed at helping local businesses defend themselves against cyber threats.Called Cyber Griffin, the initiative is based around three key deliverables, including free-of-charge threat briefings, incident response exercises and advisory groups," Tripwire reports. 
Author: Maritza Santillan   Web Site:   Date: 5/1/2018
Topics: Incident Management, Security Awareness and Training

Legitimate Application AnyDesk Bundled with New Ransomware Variant
Overview: "We recently discovered a new ransomware (Detected as RANSOM_BLACKHEART.THDBCAH), which drops and executes the legitimate tool known as AnyDesk alongside its malicious payload," Trend Micro reports. 
Author: Trend Micro   Web Site:   Date: 5/1/2018
Topics: Malicious Software Controls