Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

Safety and Security While Video Conferencing with Zoom

With much of the world shifting to working from home due to public health concerns with COVID-19, video conferencing is booming. Businesses, and even schools, are turning to platforms such as Zoom, Microsoft Teams, Google Hangouts and other technologies to stay connected.

5 things you can do today to make Zooming safer

5 things you can do to make your Zooming safer, more private and more secure…

7 Best Practices to Secure Virtual Meetings, NIST Advises

In most organizations, the only meetings happening right now are virtual meetings. And quite frankly, if you’re reading this article, you may be one of the few in your organization giving the security of these virtual meetings much thought. That does not surprise Jeff Greene, Director of the National Cybersecurity Center of Excellence, which is part of NIST. “Virtual meeting security is often an afterthought… Read more

Coronavirus Cybercrimes Surging: Are these the Lowest of the Low?

It’s a race to the bottom for hackers and cybercriminals looking to make money from the coronavirus pandemic or trying to disrupt information that can help keep people safe. Sometimes, they are doing both at once. Android users are coming across a website that offers you the power of COVID-19 tracking in your pocket. Download the app to see maps and get alerts when someone near you is diagnosed with the virus—even someone on “your street.” You can imagine how tempting this tool would be for many people as a means of protecting themselves. Researchers at Domaintools came across the website and tested the app. “The domain prompts… Read more

Watch out for the new wave of COVID-19 scams, warns IRS

If somebody promises to get your economic impact payment fast, back away: it’s just one flavor of COVID-19 scam the tax agency is seeing.

FBI Warns Industry: Hackers Trying to Phish Office 365 and Google G Suite Users

From time to time, the FBI sends its partners in industry a Private Industry Notification (PIN) about pervasive cyberattacks, and the latest PIN went out this month regarding Business Email Compromise (BEC). “The scams are initiated through specifically developed phish kits designed to mimic the cloud-based email services in order to compromise business email accounts and request or misdirect transfers… Read more

NIST Tests Forensic Methods for Getting Data From Damaged Mobile Phones

Researchers put law enforcement hacking tools to the test.

Internet of Things Candle

[2020.02.20] There’s a Kickstarter for an actual candle, with real fire, that you can control over the Internet.  What could possibly go wrong?  Great way to light your house on fire remotely.  Or use as a trigger to an arson.  Investigation on the Kickstarter site reveals that this device is Bluetooth connected so it should have a range limited to 30 feet.  Still – do we really need a remote scented candle?

Russia Is Trying to Tap Transatlantic Cables

[2020.02.24] The Times of London is reporting that Russian agents are in Ireland probing transatlantic communications cables.  Ireland is the landing point for undersea cables which carry internet traffic between America, Britain and Europe. The cables enable millions of people to communicate and allow financial transactions to take place seamlessly.

Garda and military sources believe the agents were sent by the GRU, the military intelligence branch of the Russian armed forces which was blamed for the nerve agent attack in Britain on Sergei Skripal, a former Russian intelligence officer. This is nothing new. The NSA and GCHQ have been doing this for decades. Boing Boing post.

Russia’s FSB wanted its own IoT botnet

If you thought the Mirai botnet was bad, what about a version under the control of Russia’s military that it could point like an electronic cannon at people it didn’t like?

CIA Dirty Laundry Aired

[2020.03.10] Joshua Schulte, the CIA employee standing trial for leaking the Wikileaks Vault 7 CIA hacking tools, maintains his innocence. And during the trial, a lot of shoddy security and sysadmin practices are coming out:

All this raises a question, though: just how bad is the CIA’s security that it wasn’t able to keep Schulte out, even accounting for the fact that he is a hacking and computer specialist? And the answer is: absolutely terrible.  The password for the Confluence virtual machine that held all the hacking tools that were stolen and leaked? That’ll be 123ABCdef. And the root login for the main DevLAN server? mysweetsummer.  It actually gets worse than that. Those passwords were shared by the entire team and posted on the group’s intranet. IRC chats published during the trial even revealed team members talking about how terrible their infosec practices were, and joked that CIA internal security would go nuts if they knew. Their justification? The intranet was restricted to members of the Operational Support Branch (OSB): the elite programming unit that makes the CIA’s hacking tools.

The jury returned no verdict on the serious charges. He was convicted of contempt and lying to the FBI; a mistrial on everything else.

Wi-Fi Chip Vulnerability

[2020.03.03] There’s a vulnerability in Wi-Fi hardware that breaks the encryption:

The vulnerability exists in Wi-Fi chips made by Cypress Semiconductor and Broadcom, the latter a chipmaker Cypress acquired in 2016. The affected devices include iPhones, iPads, Macs, Amazon Echos and Kindles, Android devices, and Wi-Fi routers from Asus and Huawei, as well as the Raspberry Pi 3. Eset, the security company that discovered the vulnerability, said the flaw primarily affects Cypress’ and Broadcom’s FullMAC WLAN chips, which are used in billions of devices. Eset has named the vulnerability Kr00k, and it is tracked as CVE-2019-15126.

Manufacturers have made patches available for most or all of the affected devices, but it’s not clear how many devices have installed the patches. Of greatest concern are vulnerable wireless routers, which often go unpatched indefinitely.  That’s the real problem. Many of these devices won’t get patched — ever.

Ransomware Attacks Causing Employee Layoffs

We all know that ransomware attacks are bad for any organization. They’re costly, they put customers at risk, and they can damage your reputation. But there’s also a factor in ransomware incidents that gets less attention: the impact on employees. When Evraz, a steel manufacturer, experienced a ransomware attack early this year, the event “impacted operations in all of Evraz North America… Read more



About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments. I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com