Security daily (29-10-2020)

AWS extends its MTCS Level 3 certification scope to cover United States Regions

We’re excited to announce the completion of the Multi-Tier Cloud Security (MTCS) Level 3 triennial certification in September 2020. The scope was expanded to cover the United States Amazon Web Services (AWS) Regions, excluding AWS GovCloud (US) Regions, in addition to Singapore and Seoul. AWS was the first cloud service provider (CSP) to attain the […] (AWS Security Blog)

Health sector mobilizes defenses following Ryuk ransomware warning

A day after U.S. federal agencies warned of an “imminent” ransomware threat to hospitals, it’s an all-hands-on-deck mentality for a health sector already strained by the coronavirus pandemic. Private threat briefings are being held for hospital executives, federal officials are appealing for more data on the cybercriminals and hospitals are hardening their computer networks. The defensive measures follow an advisory Wednesday from the FBI and departments of Homeland Security and Health and Human Services that cybercriminals were deploying Ryuk ransomware to disrupt IT networks and extort hospitals. It was a stark warning, even for a health care sector accustomed to pandemic-era cyberattacks: Medical organizations are being singled out by capable crooks. While the federal agencies did not name victim organizations, the announcement coincided with suspected ransomware attacks this week on hospitals in New York, Oregon and Vermont, and perhaps other states. The American Hospital Association, which includes 5,000 health […] (CyberScoop)

Don't let election-themed misinformation fool you. Here's what to watch out for.

Whether it’s Russian trolls or verified Twitter accounts spreading disinformation during the current political moment almost is beside the point. Four years after Russian operatives aimed to influence the 2016 election in favor of President Donald Trump by spreading lies on social media, a large range of groups, lawmakers and influential political voices have been amplifying false claims to boost their own political goals ahead of the 2020 elections. U.S. voters are bombarded with misinformation prior to Election Day in the form of social media posts, text messages, robocalls and tweets from President Trump and his campaign staffers. There have also been threatening emails traced to Iran, and recent reports of how a Russian agent sought to sway political opinion in the U.S. While many could feel a sense of whiplash from the onslaught of manufactured narratives, academics and social scientists are advising Americans to be careful, and fact-check claims about the election, voting processes, and any political candidate, particularly if the allegations […] (CyberScoop)

Wisconsin Republicans say last minute hack cost party $2 million meant to reelect Trump

Less than a week before Election Day in a vital swing state, Wisconsin Republicans said on Thursday that hackers made off with $2.3 million devoted to reelecting President Donald Trump. The Republican Party of Wisconsin said it first detected the attack on Oct. 22, then notified the FBI the following day about doctored invoices in the names of its vendors. “Cybercriminals, using a sophisticated phishing attack, stole funds intended for the re-election of President Trump, altered invoices and committed wire fraud,” the party’s chairman, Andrew Hitt, said in a statement. “These criminals exhibited a level of familiarity with state party operations at the end of the campaign to commit this crime.” It’s common for hacking victims to claim they were the victims of “sophisticated” attacks, whether the attacks were rudimentary or not. Hitt and a party spokesperson did not immediately respond to questions seeking further details, including any evidence the […] (CyberScoop)

Why the extortion of Vastaamo matters far beyond Finland — and how cyber pros are responding

Even for veterans of cybercriminal investigations, the recent extortion of a psychotherapy practice in Finland has been unusual — and disturbing. Rather than sticking only to the common tactic of trying to shake down a breached organization, the attackers who stole tens of thousands of patient records from Vastaamo also demanded ransoms from individual people. In doing so, the thieves have been leveraging some of the most sensitive medical data imaginable, and making it difficult for victims to respond collectively. “Therapeutic notes are at a different level of privacy problems,” said Mikko Hypponen, chief research officer at Finnish cybersecurity company F-Secure. “I know of a handful of cases where patients were blackmailed for their health data, but those were much smaller breaches. There’s never been a crime in Finland with so many victims as in this one.” While the incident has rocked Finland, prompting an emergency government meeting and costing Vastaamo’s CEO his job, […] (CyberScoop)

FBI “ransomware warning” for healthcare is a warning for everyone!

The US government has warned of a ransomware escalation against the healthcare sector. BUT THAT DOESN'T MEAN THE REST OF US CAN RELAX! (Naked Security)

Buer Loader “malware-as-a-service” joins Emotet for ransomware delivery

A relative newcomer in the "malware-as-a-service" scene is starting to attract the big-money ransomware criminals. (Naked Security)

Learn How to Write & Deliver High-Quality Software with This Bootcamp

Frequent readers of Null Byte are no strangers to the basic elements of app and web development. Whether you're a seasoned programmer who works extensively on front-end designs or an aspiring app-builder who's working on expanding your portfolio, you're likely familiar with at least a few go-to programming languages and platforms that are popular within your field.

But if you want to be a truly successful developer in today's ultra-competitive work environment, you're going to need to know more than just a few programming languages and tools.

The Complete Developer Bootcamp will round out... (Null Byte « WonderHowTo)

How The Pandemic Is Reshaping The Bug Bounty Landscape

(News ≈ Packet Storm)

Researchers Extract Secret Key Used To Encrypt Intel CPU Code

(News ≈ Packet Storm)

FBI Warns Ransomware Attackers Planning Big Hit On Hospitals

(News ≈ Packet Storm)

Facebook Sued Over Cambridge Analytica Data Scandal

(News ≈ Packet Storm)

Hacker Changed Florida Governor's Address In Voter Registration Database

(News ≈ Packet Storm)

NSA Admits They Learned Their Lesson After Foreign Spies Use Their Crypto Backdoor

(News ≈ Packet Storm)

KashmirBlack Botnet Hijacks Thousands of Sites Running On Popular CMS Platforms

An active botnet comprising hundreds of thousands of hijacked systems spread across 30 countries is exploiting "dozens of known vulnerabilities" to target widely-used content management systems (CMS). The "KashmirBlack" campaign, which is believed to have started around November 2019, aims for popular CMS platforms such as WordPress, Joomla!, PrestaShop, Magento, Drupal, vBulletin, osCommerce, (The Hacker News)

How to Run Google SERP API Without Constantly Changing Proxy Servers

You've probably run into a major problem when trying to scrape Google search results. Web scraping tools allow you to extract information from a web page. Companies and coders from across the world use them to download Google's SERP data. And they work well – for a little while. After several scrapes, Google's automated security system kicks in. Then it kicks you out. The standard was to bypass (The Hacker News)

NVIDIA Patches Critical Bug in High-Performance Servers

NVIDIA said a high-severity information-disclosure bug impacting its DGX A100 server line wouldn't be patched until early 2021. (Threatpost)

Kegtap, Singlemalt, Winekey Malware Serve Up Ransomware to Hospitals

Amid an uptick in attacks on healthcare orgs, malware families, Kegtap, Singlemalt and Winekey are being used to deliver the Ryuk ransomware to already strained systems. (Threatpost)

University Email Hijacking Attacks Push Phishing, Malware

Attackers are compromising email accounts from popular universities, including Purdue and Oxford, to launch attacks that get around DMARC and SPF. (Threatpost)


/security-daily/ 30-10-2020 23:44:25