Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

ILOVEYOU: The Love Bug virus is 20 years old – could it happen again?

The Love Bug virus is 20 years old.  It was also known as ILOVEYOU because it spewed itself out in emails with those three words, jammed together as one, in the subject line.  This was one of the first mass mailing worms I had to deal with at the start of my IT career.  A fascinating look at the technical underpinning of the infamous worm.  Ah the memories…

AA20-126A: APT Groups Target Healthcare and Essential Services

Original release date: May 5, 2020


CISA and NCSC continue to see indications that advanced persistent threat (APT) groups are exploiting the Coronavirus Disease 2019 (COVID-19) pandemic as part of their cyber operations. This joint alert highlights ongoing activity by APT groups against organizations involved in both national and international COVID-19 responses. It describes some of the methods these actors are using to target organizations and provides mitigation advice.

APT actors are actively targeting organizations involved in both national and international COVID-19 responses. These organizations include healthcare bodies, pharmaceutical companies, academia, medical research organizations, and local governments.

APT actors frequently target organizations in order to collect bulk personal information, intellectual property, and intelligence that aligns with national priorities.  Read the complete report

More information at SecureWorld

Top 5 ways to make video conferencing safer

Password protection, user authentication, and keeping software patched are a few ways you can keep video conferencing secure. Tom Merritt suggests five things to do to ensure safer video meetings.

AA20-133A: Top 10 Routinely Exploited Vulnerabilities

Original release date: May 12, 2020


The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the broader U.S. Government are providing this technical guidance to advise IT security professionals at public and private sector organizations to place an increased priority on patching the most commonly known vulnerabilities exploited by sophisticated foreign cyber actors.

This alert provides details on vulnerabilities routinely exploited by foreign cyber actors—primarily Common Vulnerabilities and Exposures (CVEs)[1]—to help organizations reduce the risk of these foreign threats.  Click to read the complete and extensive article from CISA.

And a related article from Sophos Naked Security.

Vcrypt ransomware brings along a buddy to do the encryption

Here’s a ransomware story with a difference. Some of your files can be recovered without paying, while others get wiped out forever.

Police nab InfinityBlack hackers

Five alleged members of hacking group InfinityBlack got some unexpected visitors last week when Polish law enforcement arrested them.

Linux Foundation will host the Trust over IP Foundation

New open source standards are coming that can help technologies such as edge computing and IoT achieve greater security.  Technology has evolved to such a state that the transmission of data comes in many forms and from many sources. No longer is user data only transmitted via the traditional network connection—from client-to-server, or client-to-client. The new world order includes IoT, hybrid clouds, artificial intelligence, and edge computing. The complications inherent in these technologies make it even more crucial that universal security and privacy protocols are developed and put into place.

CISA-FBI Joint Announcement on PRC Targeting of COVID-19 Research Organizations

Original release date: May 13, 2020

My comment:  The Chinese lit the fire, and now want to steal information about how water works.  With friends like China….

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have jointly released a Public Service Announcement on the People’s Republic of China’s targeting of COVID-19 research organizations. CISA and FBI encourage COVID-19 research organizations to review and apply the announcement’s recommended mitigations to prevent surreptitious review or theft of COVID-19-related material.

For more information on Chinese malicious cyber activity, see https://www.us-cert.gov/china.

[WordPress Security] Vulnerability in Google Plugin Grants Attacker Search Console Access

The Wordfence Threat Intelligence Team has just published details of a critical vulnerability in Google Site Kit, a plugin used by 300,000 WordPress sites. This vulnerability allows attackers to access Google Search Console.  The impact of a compromise in Search Console is profound. We cover the full story and how to protect your site on the official Wordfence blog.



About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments. I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com