WyzGuys Tech Talk

A quick Saturday digest of cybersecurity news articles from other sources.

Shock Treatment: First Disruptive Cyber Attack Hits the U.S. Power Grid 

Firewalls crashing, communications lost, and the realization that this was not a technology failure of the U.S. power grid. It was a first-of-its-kind cyber-attack that reveals the risks of our increasingly connected infrastructure. The North American Electric Reliability Corporation (NERC) revealed details of the new type of attack in a four-page “Lesson Learned” document. Here is what we know. The power grid attack happened during March 2019, in the western United States. Operators at a power control center started losing communication with “multiple remote power generation sites” for minutes at a time. Operators determined the problem: for some reason, internet-facing firewalls were rebooting and going offline.

Vulnerabilities Exploited in Multiple VPN Applications

Original release date: October 4, 2019

The United Kingdom (UK) National Cyber Security Centre (NCSC) has released an alert on advanced persistent threat (APT) actors exploiting vulnerabilities in Virtual Private Network (VPN) applications. A remote attacker could exploit these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators to review the NCSC Alert for more information and to review the following security advisories and apply the necessary updates:

• Palo Alto Security Advisory PAN-SA-2019-0020
• FortiGuard Security Advisory FG-IR-18-384
• FortiGuard Security Advisory FG-IR-18-388
• FortiGuard Security Advisory FG-IR-18-389
• Pulse Secure Security Advisory SA44101

IC3 Issues Alert on Ransomware

Original release date: October 4, 2019

The Internet Crime Complaint Center (IC3) has released an alert on ransomware threats to U.S. businesses and organizations. Ransomware is a type of malware designed to deny access to a computer system or data until a ransom is paid. Cyber criminals often infect organizations with ransomware through email phishing campaigns or exploiting vulnerabilities in software or Remote Desktop Protocol (RDP).

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the IC3 Alert and CISA’s resource page on ransomware for more information on protecting against and responding to ransomware.

NCSC Releases Fact Sheet on DNS Monitoring

Original release date: October 4, 2019

The Dutch National Cyber Security Centre (NCSC) has released a fact sheet on the increasing difficulty of Domain Name System (DNS) monitoring. NCSC warns that although modernization of transport protocols is helpful, it also makes it more difficult to monitor or modify DNS requests. These changes could render an organization’s security controls ineffective.

The Cybersecurity and Infrastructure Security Agency (CISA) recommends users and administrators review the Dutch NCSC fact sheet on DNS monitoring for additional information and recommendations.

NCSAM – Buying a new laptop? Here’s how to secure it

Getting the basics right gives you a lot of protection. Here’s how.  A great tutorial for the new laptop owner.

Google’s Password Manager now checks for breached credentials

Google has taken the next step in its strategy to secure users’ passwords. The search giant has taken a password-checking feature released in February as an extension to its Chrome browser and embedded it directly into its password manager service.

The Top Five Cyber Risks for Children

This post provides the foundation of cyber literacy and cybersecurity children should know to make educated decisions when they go online.  To protect our children, we teach them not to speak to strangers and to look both ways before crossing the street. But do we actively teach them how to protect themselves online?  All month long, we are celebrating National Cybersecurity Awareness Month (NCSAM), to help improve digital safety. If you’re looking to bolster your cybersecurity.