Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


8 Shopping Tips for the Holiday Season

November 2019 Volume 14 Issue 11

From the desk of Thomas F. Duffy, MS-ISAC Chair

It’s that time of year again, holiday shopping has begun! Everyone is looking for those unique gifts, hot toys and cool electronics. Whether it is a hard-to-find toy for kids or the latest 4K smart TV. Black Friday sales seldom fail to pique the interests of even the most casual shoppers. Yet even after the chaos of Black Friday lies both Small Business Saturday and Cyber Monday. While it’s clear that businesses are after your dollars during the holidays, you should be aware that cyber-criminals are on the lookout, too.

When it comes to holiday shopping, you need to be careful that you don’t fall prey to these criminals. Here are some tips to following for your holiday shopping: read more…


FBI urges businesses to use biometric factors to mitigate multi-factor authentication risk

The FBI Cyber Task Force recently issued a Private Industry Notice on how businesses can deal with vulnerabilities tied to token and phone-based multi-factor authentication methods.


NSA and NCSC Release Joint Advisory on Turla Group Activity

Original release date: October 21, 2019

The National Security Agency (NSA) and the United Kingdom National Cyber Security Centre (NCSC) have released a joint advisory on advanced persistent threat (APT) group Turla—widely reported to be Russian. The advisory provides an update to NCSC’s January 2018 report on Turla’s use of the malicious Neuron, Nautilus, and Snake tools to steal sensitive data. Additionally, the advisory states that Turla has compromised—and is currently leveraging—an Iranian APT group’s infrastructure and resources, which include the Neuron and Nautilus tools.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following resources for more information:
•    NSA Advisory Turla Group Exploits Iranian APT To Expand Coverage Of Victims
•    UK NCSC Advisory Turla group exploits Iranian APT to expand coverage of victims
•    January 2018 UK NCSC Report Turla Group Malware


Video: How a Teenager From Idaho Invented TV

In 1921, radio ruled the airwaves and TV was a distant dream no one could turn into reality. Enter a scarily smart teenage sharecropper named Philo Farnsworth. (5:14)


Russia vs Olympics

Microsoft publicly released information revealing an uptick in cyberattacks globally targeting anti-doping authorities and sporting organizations. The Microsoft Threat Intelligence Center (MSTIC) routinely tracks malicious activity originating from the Russian advanced persistent threat (APT) group 28, also known as Fancy Bear, STRONTIUM, Swallowtail, Sofacy, Sednit, and Zebrocy. According to Microsoft, APT28 is targeting sporting and anti-doping organizations using spearphishing, password spraying (a brute force technique), fake Microsoft internet domains, as well as open-source and custom malware to exploit internet-connected devices.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages network defenders to remain vigilant and review the Microsoft article, the World Anti-Doping Agency article


MS-ISAC Releases Advisory on PHP Vulnerabilities

Original release date: October 30, 2019

The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released an advisory on multiple Hypertext Preprocessor (PHP) vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected system.  The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review MS-ISAC Advisory 2019-116 and the PHP Downloads page and apply the necessary updates.


 

0

About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Owner of the WyzCo Group Inc. In addition to consulting on security products and services, Bob also conducts security audits, compliance audits, vulnerability assessments and penetration tests. Bob also teaches Cybersecurity Awareness Training classes. Bob works as an information technology and cybersecurity instructor for several training and certification organizations. Bob has worked in corporate, military, government, and workforce development training environments Bob is a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. Bob has been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com
  Related Posts

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.