Phishing Attack Prompts Chase Brexton to Notify Over 16,000 Patients
Overview: "Chase Brexton Health Care has notified 16,000 patients of a possible data breach after bad actors targeted its employees with a phishing attack," Tripwire reports. 
Author: David Bisson   Web Site:   Date: 10/18/2017
Topics: General Security Awareness

Key Reinstallation Attacks
Overview: "We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted," Mathy Vanhoef revealed in new security research.  
Author: Mathy Vanhoef   Web Site:   Date: 10/16/2017
Topics: Network Access Control (NAC), Vulnerability Management

Internal Accenture Data, Customer Information Exposed in Public Amazon S3 Bucket
Overview: "A potentially devastating Amazon S3 bucket exposure left internal Accenture private keys, secret API data and other information publicly available to anyone who could then leverage it to attack the global consulting firm and its clients," Threatpost reports. 
Author: Michael Mimoso   Web Site:   Date: 10/11/2017
Topics: Configuration Management, Key Management

PornHub visitors hit with malware attack via poisoned ads
Overview: Visitors of X-rated adult site PornHub were hit with malware dubbed Kovter that was spread via poisoned ads delivered by the Traffic Junky advertising network. As discovered by Proofpoint researchers, victims of the site were duped into installing "critical" updates for their browsers, such as Google Chrome, Firefox and Microsoft Edge/Internet Explorer. Both PornHub and Traffic Junky acted quickly to fix the issue after they were notified.
Author: Graham Cluley   Web Site:   Date: 10/10/2017
Topics: Acceptable Use, Malicious Software Controls

Russian Hackers Exploited Kaspersky Software to Steal NSA Exploits: Report
Overview: "A new report in the Wall Street Journal (WSJ) purports to provide the first evidence that directly ties Russian security firm Kaspersky Lab to the Russian government," SecurityWeek reports. 
Author: Kevin Townsend   Web Site:   Date: 10/6/2017
Topics: General Security Awareness

Microsoft silently fixes security holes in Windows 10 – dumps Win 7, 8 out in the cold
Overview: "Microsoft is silently patching security bugs in Windows 10, and not immediately rolling out the same updates to Windows 7 and 8, potentially leaving hundreds of millions of computers at risk of attack," The Register reports. 
Author: Shaun Nichols   Web Site:   Date: 10/6/2017
Topics: Vulnerability Management

Malware Fools Users with Fake Document While It Steals Their Passwords
Overview: "A new malware variant lulls victims into a false sense of security with a decoy document while it works on stealing their passwords... This as-of-yet-unnamed infostealer ends up on a user’s machine via VBScript, a scripting language developed by Microsoft," Tripwire reports.
Author: David Bisson   Web Site:   Date: 10/5/2017
Topics: Malicious Software Controls, Social Engineering (e.g., phishing)

Sole Equifax security worker at fault for failed patch, says former CEO
Overview: "Recently-and-forcibly-retired Equifax CEO Rick Smith has laid the blame for his credit-check biz's IT security breach on a single member of the company's security team," The Register reports. 
Author: Simon Sharwood   Web Site:   Date: 10/4/2017
Topics: Patch Management, Vulnerability Management

Google to enforce HTTPS on TLDs it controls
Overview: "In its sustained quest to bring encryption to all existing Web sites, Google has announced that it will start enforcing HTTPS for the 45 Top-Level Domains it operates," Help Net Security reports. 
Author: Zeljka Zorz   Web Site:   Date: 10/4/2017
Topics: Application Security, Encryption

Health Insurer Sets up Relief Program for Victims of PHI Breach
Overview: "A health insurer has set up a program to provide immediate relief to victims of an incident that disclosed patients’ personal health information (PHI)," Tripwire reports. 
Author: David Bisson   Web Site:   Date: 10/3/2017
Topics: Data Loss Prevention (DLP), General Security Awareness

Behind the Masq: Yet more DNS, and DHCP, vulnerabilities
Overview: "Our team has previously posted about DNS vulnerabilities and exploits. Lately, we’ve been busy reviewing the security of another DNS software package: Dnsmasq. We are writing this to disclose the issues we found and to publicize the patches in an effort to increase their uptake," Google reports. 
Author: Fermin J. Serna, Matt Linton and Kevin Stadmeyer   Web Site:   Date: 10/2/2017
Topics: Patch Management, Vulnerability Management

Netgear Fixes 50 Vulnerabilities in Routers, Switches, NAS Devices
Overview: "Netgear recently issued 50 patches for its routers, switches, NAS devices, and wireless access points to resolve vulnerabilities ranging from remote code execution bugs to authentication bypass flaws," Threatpost reports. 
Author: Tom Spring   Web Site:   Date: 10/2/2017
Topics: Network Security, Patch Management, Vulnerability Management

Oral Surgery Center Notifies 128K Patients of Ransomware Attack
Overview: "A medical center offering oral surgery services has notified 128,000 patients of a ransomware attack that might have exposed their information," Tripwire reports. 
Author: David Bisson   Web Site:   Date: 9/28/2017
Topics: General Security Awareness, Malicious Software Controls

iOS apps can read metadata revealing users' location histories
Overview: "In what looks like an Apple oversight, a developer has discovered that apps can access image metadata and therefore a pretty good history of iThing users' location," The Register reports. 
Author: Richard Chirgwin   Web Site:   Date: 9/28/2017
Topics: Mobile Device Security

An Elaborate ATM Threat Crops Up: Network-based ATM Malware Attacks
Overview: "Attackers have started infecting ATMs with malware through the network. Five distinct incidents of network-based ATM malware attacks have already been reported in the media, and we believe this to be significant because it shows how cybercriminals have had ATMs firmly in their crosshairs," Trend Micro reports. 
Author: Trend Micro   Web Site:   Date: 9/26/2017
Topics: Malicious Software Controls

New BankBot Android Malware Variant Exclusively Targets Google Play
Overview: "A new variant of the BankBot malware family is exclusively targeting Google Play in a bid to steal Android users’ credit card details," Tripwire reports. 
Author: David Bisson   Web Site:   Date: 9/26/2017
Topics: Malicious Software Controls, Mobile Device Security

Breach at Sonic Drive-In May Have Impacted Millions of Credit, Debit Cards
Overview: "Sonic Drive-In, a fast-food chain with nearly 3,600 locations across 45 U.S. states, has acknowledged a breach affecting an unknown number of store payment systems. The ongoing breach may have led to a fire sale on millions of stolen credit and debit card accounts that are now being peddled in shadowy underground cybercrime stores," Brian Krebs reports. 
Author: Brian Krebs   Web Site:   Date: 9/26/2017
Topics: Data Loss Prevention (DLP), General Security Awareness

Equifax chief executive steps down after massive data breach
Overview: "Equifax chairman and chief executive Richard Smith has stepped down from the embattled credit rating agency, effective immediately," ZDNet reports. 
Author: Zack Whittaker   Web Site:   Date: 9/26/2017
Topics: General Security Awareness

Deloitte: ‘Very Few Clients’ Impacted by Cyber Attack
Overview: "Deloitte, one of the 'big four' global accounting firms, admitted Monday it fell victim to a cyber attack, but downplayed the incident saying it only affected a few of its high profile clients," Threatpost reports. 
Author: Chris Brook   Web Site:   Date: 9/25/2017
Topics: Authentication, Password Management System

Adobe accidentally releases private PGP key
Overview: "Last week, Adobe's product security incident response team (PSIRT) accidentally published the private PGP key on the PSIRT blog on Friday, a lesson in what you should never reveal unless you want others to impersonate you," ZDNet reports. 
Author: Charlie Osborne   Web Site:   Date: 9/25/2017
Topics: Electronic Messaging Security, Encryption

Verizon Engineer Exposes Internal System Data
Overview: "Researchers discovered an unprotected Amazon Web Services (AWS) S3 bucket containing potentially sensitive information associated with a system used internally by Verizon," SecurityWeek reports. 
Author: Eduard Kovacs   Web Site:   Date: 9/25/2017
Topics: Cloud Computing Security, Configuration Management

All the Ways Equifax Epically Bungled Its Breach Response
Overview: "Three weeks since the company first publicly disclosed the situation, a steady stream of gaffes and revelations paint a picture of Equifax's deeply lacking response to catastrophe," Wired reports. 
Author: Lily Hay Newman   Web Site:   Date: 9/24/2017
Topics: General Security Awareness, Incident Management

Spoofed IRS notice delivers RAT through link updating trick
Overview: "The malware delivery trick involving updating links in Word documents is apparently gaining some traction: the latest campaign to use it likely takes the form of fake emails from the Internal Revenue Service (IRS)," Help Net Security reports. 
Author: Zeljka Zorz   Web Site:   Date: 9/22/2017
Topics: Malicious Software Controls, Social Engineering (e.g., phishing)

What’s New In Android 8.0 Oreo Security
Overview: "In addition to the many tweaks and new features in Google’s Android 8.0 Oreo operating system introduced last month, the biggest changes are its security enhancements," Threatpost reports. 
Author: Tom Spring   Web Site:   Date: 9/22/2017
Topics: Mobile Device Security

1.4 million phishing websites are created every month: Here's who the scammers are pretending to be
Overview: "Criminals are replacing phishing websites every few hours in order to avoid detection - thus allowing them to scam more victims out of personal data," ZDNet reports. 
Author: Danny Palmer   Web Site:   Date: 9/22/2017
Topics: Social Engineering (e.g., phishing)