
Security daily (16-06-2021)

Encrypt global data client-side with AWS KMS multi-Region keys

Today, AWS Key Management Service (AWS KMS) is introducing multi-Region keys, a new capability that lets you replicate keys from one Amazon Web Services (AWS) Region into another. Multi-Region keys are designed to simplify management of client-side encryption when your encrypted data has to be copied into other Regions for disaster recovery or is replicated […] (AWS Security Blog)

As vaccine passports morph into digital IDs, privacy advocates want to know that user data is protected

Tech companies and global organizations have championed health passes, sometimes known as vaccine passports, as a means to securely reopen businesses and borders as COVID-19 cases drop and vaccination rates rise. The technology is meant to serve as a secure way to prove vaccination without someone needing to present a physical vaccine card or other documentation. For instance, instead of checking a customer’s vaccine card, a business or airline could simply scan a QR code that provides verification based on uploaded medical records. The European Union, Israel, Japan and Singapore have all embraced vaccine passports to an extent to help reopen their borders. Several states, including New York and soon California, have embraced verification technology. A growing number of states, including Arizona, Florida, and Georgia, have banned requiring them. Some opponents of the technology have raised concerns that vaccine passports are an unnecessary replacement for paper, and could disadvantage individuals […] (CyberScoop)

Biden says he gave Putin list of 16 sectors that should be off-limits to hacking

President Joe Biden said he gave Russian President Vladimir Putin a list of 16 critical infrastructure sectors, from energy to water, that should not be the subject of malicious cyber activity during a meeting between the two men in Geneva on Wednesday. The two heads of state also agreed to task cybersecurity experts from each government “to work on specific understandings about what’s off-limits and to follow up on specific [cyber incidents] that originate in either of our countries,” Biden said at a press conference after a roughly three-hour meeting with Putin. “I talked about the proposition that certain critical infrastructure should be off-limits to attack, period, by cyber or any other means,” Biden said. A White House official said Biden was referring to 16 critical infrastructure sectors designated by the U.S. government. In addition to energy and water, that list includes election systems, health care and the financial sector. The […] (CyberScoop)

Suspected Iranian hackers exploit VPN, Telegram to monitor dissidents

For the last six years, hackers have stalked Iranian dissidents with spying tools that mimic the software those dissidents use to protect their communications, security firm Kaspersky said Wednesday. Researchers from Kaspersky and other firms only recently pieced together the activity, showing the limits of the cyber industry’s knowledge of Tehran-linked hacking against those who often bear the brunt of it: Iranian citizens. While Kaspersky researchers did not attribute the hacking to the Iranian government, FireEye, another security firm, said it suspected the hackers were affiliated with Tehran. The findings are consistent with a surveillance dragnet that Iranian authorities have used to jail and beat protesters who challenge the regime. Iranian security services killed 304 people in a 2019 crackdown, according to Amnesty International. The hackers, Kaspersky said, have sent their targets malware-laced images and videos claiming to be from prisoners in Iran. When opened, the malicious documents hijack users’ […] (CyberScoop)

DOJ didn't ask for Russia's help tracking down Colonial Pipeline hackers, senior official says

The U.S. Justice Department did not ask Russian law enforcement for help in tracking down the perpetrators of the Colonial Pipeline ransomware attack because Moscow’s history of harboring cybercriminals essentially makes it a waste of time, according to a senior department official. “I think we’ve reached the stage, today, where there’s very little point in doing so,” said John Demers, the assistant attorney general for national security. “We have made those requests in the past.” The Russian government is “not just tolerating this,” Demers said at CyberTalks, presented by CyberScoop. “They’re actively getting in the way of U.S. law enforcement efforts to combat this type of hacking,” he added, referring to previous Russian efforts to block U.S. requests to extradite accused hackers from other countries. The remarks were pre-recorded on June 3. The Justice Department did not answer follow-up questions about possible Russian cooperation in the weeks since. The Russian […] (CyberScoop)

NSA cyber director discusses US response, approach to apparent espionage operation

When Russia’s Foreign Intelligence Service staged a sweeping espionage campaign targeting hundreds of U.S. companies and federal government agencies last year, it was a private sector cybersecurity firm that first uncovered the operation, not the U.S. government. Lawmakers have asked in recent weeks why the U.S. intelligence community appears to have gaps in its visibility into foreign hacking, and whether the National Security Agency needs new surveillance authorities. But the NSA’s cybersecurity director, Rob Joyce, suggested that that may not be the best solution. “Inside the U.S. you would expect us to have the best tools and capabilities, but instead what we’re finding — in General Nakasone’s words — is we don’t even see the dots, let alone connect the dots,” Joyce said at CyberTalks, a summit presented by CyberScoop. The NSA Cybersecurity Directorate, which Joyce leads, is responsible for preventing and eradicating threats from foreign hackers targeting U.S. entities. […] (CyberScoop)

Clop ransomware suspects busted in Ukraine, money and motors seized

Victims in South Korea and the USA, suspects busted in Ukraine. (Naked Security)

Digital Ad Industry Accused Of Huge Data Breach

(News ≈ Packet Storm)

Peloton Bike+ Was Vulnerable To Remote Hacking, Researchers Find

(News ≈ Packet Storm)

Police Bust Major Ransomware Gang Cl0p

(News ≈ Packet Storm)

Nasty Linux systemd Root Level Security Bug Revealed And Patched

(News ≈ Packet Storm)

Facebook Awards $30,000 Bounty For Exploit Exposing Private Instagram Content

(News ≈ Packet Storm)

Malware Attack on South Korean Entities Was Work of Andariel Group

A malware campaign targeting South Korean entities that came to light earlier this year has been attributed to a North Korean nation-state hacking group called Andariel, once again indicating that Lazarus attackers are following the trends and their arsenal is in constant development. "The way Windows commands and their options were used in this campaign is almost identical to previous Andariel (The Hacker News)

Ransomware Attackers Partnering With Cybercrime Groups to Hack High-Profile Targets

As ransomware attacks against critical infrastructure skyrocket, new research shows that threat actors behind such disruptions are increasingly shifting from using email messages as an intrusion route to purchasing access from cybercriminal enterprises that have already infiltrated major targets. "Ransomware operators often buy access from independent cybercriminal groups who infiltrate major (The Hacker News)

Critical ThroughTek Flaw Opens Millions of Connected Cameras to Eavesdropping

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday issued an advisory regarding a critical software supply-chain flaw impacting ThroughTek's software development kit (SDK) that could be abused by an adversary to gain improper access to audio and video streams. "Successful exploitation of this vulnerability could permit unauthorized access to sensitive information, such (The Hacker News)

Instagram Bug Allowed Anyone to View Private Accounts Without Following Them

Instagram has patched a new flaw that allowed anyone to view archived posts and stories posted by private accounts without having to follow them. "This bug could have allowed a malicious user to view targeted media on Instagram," security researcher Mayur Fartade said in a Medium post today. "An attacker could have been able to see details of private/archived posts, stories, reels, IGTV without (The Hacker News)

IKEA Fined $1.2M for Elaborate ‘Spying System’

A French court fined the furniture giant for illegal surveillance on 400 customers and staff. (Threatpost)

Exclusive Ransomware Poll: 80% of Victims Don’t Pay Up

Meanwhile, in a separate survey, 80 percent of organizations that paid the ransom said they were hit by a second attack. (Threatpost)

Takeaways from the Colonial Pipeline Ransomware Attack

Hank Schless, senior manager of security solutions at Lookout, notes basic steps that organizations can take to protect themselves as ransomware gangs get smarter. (Threatpost)

Euros-Driven Football Fever Nets Dumb Passwords

The top easy-to-crack, football-inspired password in a database of 1 billion unique, clear-text, breached passwords? You probably guessed it: "Football." (Threatpost)


/security-daily/ 17-06-2021 23:44:22