WyzGuys Tech Talk

Verizon says data of 6 million customers leaked online

If you are a Verizon customer, you may want to consider updating your user information and account password.

About 6 million Verizon subscribers’ personal data was leaked online thanks to a security lapse from Nice Systems, an Israel-based company that partnered with Verizon to analyze customer service calls. The information stemmed from recorded customer service calls over the past six months.

The leaks included customer names, cell phone numbers and account PINs, which can be used to access online accounts, according to ZDNet, which broke the news.

ZDNet reported that at least 14 million records of subscriber calls, which is different from  personal data records, were leaked.

The Girl Scouts are adding a cybersecurity badge

from CNNtech by way of Naked Security

Girl Scouts, best known for their cookies (real cookies, not the ones stored in your browser) will soon be able to add another badge to the ones they can already earn for skills ranging from first aid to storytelling: a badge for cybersecurity skills, according to CNN Tech.

10 Must-Read Books For Information Security Professionals

From TechWorm

In this article, we have compiled a list of top 10 must-read books, which according to us can offer you knowledge and insight about IT security.

HIDDEN COBRA – North Korea’s DDoS Botnet Infrastructure

from US-CERT on June 15, 2017

This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This alert provides technical details on the tools and infrastructure used by cyber actors of the North Korean government to target the media, aerospace, financial, and critical infrastructure sectors in the United States and globally. Working with U.S. Government partners, DHS and FBI identified Internet Protocol (IP) addresses associated with a malware variant, known as DeltaCharlie, used to manage North Korea’s distributed denial-of-service (DDoS) botnet infrastructure. This alert contains indicators of compromise (IOCs), malware descriptions, network signatures, and host-based rules to help network defenders detect activity conducted by the North Korean government. The U.S. Government refers to the malicious cyber activity by the North Korean government as HIDDEN COBRA.

If users or administrators detect the custom tools indicative of HIDDEN COBRA, these tools should be immediately flagged, reported to the DHS National Cybersecurity Communications and Integration Center (NCCIC) or the FBI Cyber Watch (CyWatch), and given highest priority for enhanced mitigation. This alert identifies IP addresses linked to systems infected with DeltaCharlie malware and provides descriptions of the malware and associated malware signatures. DHS and FBI are distributing these IP addresses to enable network defense activities and reduce exposure to the DDoS command-and-control network. FBI has high confidence that HIDDEN COBRA actors are using the IP addresses for further network exploitation.

Introduction to Brute Force Attacks

From WordFence

What’s a Brute Force Attack?

Fundamentally, a brute force attack is exactly what it sounds like: a means of breaking in to the back end of a website with relentless successive attempts. With a brute force attack on WordPress websites, a hacker attempting to compromise your website will attempt to break in to your site’s admin area by trial and error, using thousands of possible username/password combinations. This is usually accomplished with automated software specifically designed to generate and then try countless combinations one after the other, over and over, with the aim of finding a needle-in-a-haystack combination that will let them into your WordPress admin area. From there, they can wreak havoc on your site to their hearts’ desire.

The email that cost $1.9m

from Naked Security

South Oregon University is the latest institution to fall for social engineering, after scammers conned the university into wiring funds to them.

The Mail Tribune reports that scammers purporting to be Andersen Construction, who were carrying out building work on a student recreation center, emailed the university requesting that their spring payment be made to a new bank account.

The accounts department transferred $1.9 million but a few days later the construction company confirmed that they hadn’t received it.

TA17-163A: CrashOverride Malware

06/12/2017 05:44 PM EDT

Systems Affected

Industrial Controls Systems

Overview

The National Cybersecurity and Communications Integration Center (NCCIC) is aware of public reports from ESET and Dragos outlining a new, highly capable Industrial Controls Systems (ICS) attack platform that was reportedly used in 2016 against critical infrastructure in Ukraine. As reported by ESET and Dragos, the CrashOverride malware is an extensible platform that could be used to target critical infrastructure sectors. NCCIC is working with its partners to validate the ESET and Dragos analysis, and develop a better understanding of the risk this new malware poses to the U.S. critical infrastructure.