InfoSec News 20190704

  • Published: Thu, 04/07/2019 - 10:04

Top News


  • Facebook and Instagram suffer massive outage

"Another day, another service outage at social media giant Facebook and its subsidiary company Instagram. Yes, Facebook and Instagram have been hit by a worldwide service outage forcing both platforms to go offline."

Link

TLP1 : Green

  • Sodin ransomware enters through MSPs

"At the end of March, when we wrote about a GandCrab ransomware attack on an MSP’s clients, we figured it was unlikely to be an isolated case. Managed service providers are just too tempting a target for cybercriminals to ignore."

Link

TLP1 : Green

  • The Champalimaud Foundation was the target of an "unprecedented"

"The Champalimaud Foundation was the target of an unprecedented computer attack, but was able to overcome the situation without giving in to the demands of the attackers. The Foundation's communications consultant, Vitor Cunha, told Lusa that the attack began about 48 hours ago and that the facility 'did not give in to demands from the attackers.'"

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • Hackers target real estate agent emails in growing loan scam

"Real estate agents are being targeted by hackers, who use the email accounts to learn when a home is about to close, then email clients new wiring instructions shortly before the transaction. The new wiring instructions often direct the funds to bank accounts outside the country."

Link

TLP1 : Green

  • India’s Response to China’s Cyber Attacks

"In a 2018 report to India’s National Security Council Secretariat (NSCS), an unprecedented 35 percent of cyber attacks against the country were attributed to China. Although such attacks have not generated a catastrophic impact in terms of damaged infrastructure, knocked down power grids and any related casualties, China’s cyber policy against India could undermine the country’s conventional power in a future military conflict."

Link

TLP1 : Green

  • Senate Passes Bill to Help Defend U.S. Energy Grid against Digital Attacks

"On 27 June, the Senate passed the Securing Energy Infrastructure Act. Introduced by U.S. Senators Angus King (I-Maine) and Jim Risch (R-Idaho), the main purpose of the bipartisan bill is to remove security vulnerabilities which digital attackers can abuse to access the U.S. energy grid. It seeks to do this by implementing several steps"

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • Ex-Equifax CIO, who knew about huge data breach, jailed for insider trading

"In September 2017, Equifax went public about a massive data breach that saw hackers steal information about 143 million US consumers – including names, addresses, social security numbers, and dates of birth. Later, the company confirmed that a further 15.2 million Brits also had their personal data breached."

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • Cisco Releases Security Updates for Multiple Products

"Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system."

Link

TLP1 : Green

  • Tens of VMware Products affected by SACK Panic and SACK Slowness flaws

"The vulnerabilities could be exploited by a remote unauthenticated attacker to trigger a denial-of-service (DoS) condition and reboot vulnerable systems.

Impacted products are AppDefense, Container Service Extension, Enterprise PKS, Horizon, Hybrid Cloud Extension, Identity Manager, Integrated OpenStack, NSX, Pulse Console, SD-WAN, Skyline Collector, Unified Access Gateway, vCenter Server Appliance, vCloud, vRealize and vSphere products."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • 3 Trends Plaguing Healthcare Cybersecurity & How to Fight Them

"Reviewing and responding to current threat intelligence is an essential part of any organization’s cybersecurity strategy. However, the need to regularly consult threat data and update defenses is amplified in the healthcare space, where interruptions to networks can be life-threatening. This is especially true as health systems become more reliant on technology and connected devices tied directly to patients and critical patient care. In addition, the average healthcare organization spends $1.4 million recovering from a breach, which impacts hospital revenue and can severely undermine reputation and trust — two cornerstones of patient experience and retention."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • Helping to Build the Next Generation of Memory Forensics Researchers and Practitioners

"The Volatility Foundation strives to help build and enhance the memory forensics field. This includes funding and supporting the Volatility Plugin and Analyst Contests; sponsoring conferences significant to the open source digital forensics community, such as OSDFCON and BSidesNOLA; and maintaining the Volatility Memory Analysis Framework."

Link

TLP1 : Green

  • Cyber Command warns of new attacks and malware potentially linked to Iran

"United States Cyber Command issued a warning Tuesday about hackers using a security flaw in Microsoft's Outlook email program, while also uploading new malware to an archive used by cybersecurity researchers that one expert believes is connected to an infamous Iranian attack."

Link

TLP1 : Green

 

1 Traffic Light Protocol (TLP) [1] for information sharing:

 

 

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

 


[1]https://www.first.org/tlp