Hackers took advantage of the COVID-19 virus, which has become a serious issue worldwide. They created a fake COVID-19 threat map website which contains the malware ‘AZORult’ to lure victims into clicking the link to see the map. This fake map is similar to a legitimate COVID-19 threat map created by Johns Hopkins University, which provides statistics on people in all countries who have been infected. With this malware, a hacker can steal browsing history, cookies, IDs and passwords, and credit card information stored in the user’s browser history.
https://www.infosecurity-magazine.com/news/infostealing-coronavirus-threat/
A Virgin Media data breach affects 900,000 people
A Virgin Media database containing the personal details of 900,000 people was left unsecured and accessible online for 10 months, the company has admitted. The information was accessed “on at least one occasion” by an unknown user. The database, which was for marketing purposes, contained phone numbers, home and email addresses. It did not include passwords or financial details. The breach was not due to a hack or a criminal attack, but because the database had been “incorrectly configured” by a member of staff not following the correct procedures, Virgin Media said.
https://www.bbc.co.uk/news/amp/business-51760510
Coronavirus-themed phishing attacks being carried out to deliver malware
Cyber criminals have been quick to exploit the pandemic created by the wide spread of coronavirus. They seem to be targeting all industry sectors, including government. They are primarily using the two most important triggers of social engineering: fear and urgency. Fake emails are being sent on behalf of WHO and CDC.
It is important for us to check the source of any information before reading it.
https://www.securityweek.com/coronavirus-themed-emails-deliver-malware-phishing-scams
The article entitled “Confessions of a security pro: I was wrong about host hardening” addresses important points regarding host hardening. Although it is an old article, it points out crucial security issues which are still valid nowadays. The article consists of the confessions of an experienced security practitioner. He emphasized security awareness, training and risk management within an organization. He claimed that host hardening practices, including good patching, strong passwords, etc., are important, but if you don’t train your employees, all this hard work becomes useless. For instance, unneeded services are required to be disabled to mitigate the risk of remote buffer overflows. However, most of the buffer overflow attacks succeeded not due to remote buffer overflows in default Microsoft services, but due to an attacker gaining access inside the organization by tricking an end user into clicking on a phishing email.
For details, here is the article: https://www.csoonline.com/article/2624054/confessions-of-a-security-pro–i-was-wrong-about-host-hardening.html
HACKERS ACCESSED T-MOBILE CUSTOMERS FINANCIAL AND PERSONAL INFORMATION AFTER BREACH THE NETWORK
According to the article, the T-Mobile hack was through a vendor’s email, which led to unauthorized access to certain T-Mobile employee email accounts. Reports from cybersecurity forensics experts revealed that the following details were accessed: names and addresses, SSNs, financial account information, government identification numbers, customers’ phone numbers, billing account information, and rate plans.
https://cybersecuritynews.com/t-mobile-hacked/
https://www.infosecurity-magazine.com/news/infostealing-coronavirus-threat/
Cyber criminals designed a coronavirus map that’s meant to steal the personal information of people who click on the link to the map. It feeds on the panic and fear of people who want to learn more about what’s going on by luring them into looking at the map, and upon clicking the link, malware is installed on their personal device.
Cloud providers such as Amazon Web Services, Microsoft’s Azure and Google Cloud have their own security features, but they typically manage security only for the underlying infrastructure.
Customers are responsible for securing the applications and databases that they put on top of that infrastructure.
How the cloud has opened new doors for hackers
https://www.washingtonpost.com/technology/2020/03/02/cloud-hack-problems/
Congress is currently trying to pass the EARN IT (Eliminating Abusive and Rampant Neglect of Interactive Technologies) Act and has started holding hearings as of March 12th. The bill is an attack on personal privacy and security that will hold tech companies accountable for illegal content shared across those platforms.
The bill’s intent is to combat online child abuse; however, it does not mention anything regarding how law enforcement will utilize, let alone be trained to use, these resources to catch child predators. It’s also worth noting that many tech companies already voluntarily scan for child abuse images by comparing the hash values of known abusive content.
Policy experts have pointed out that the bill is structured in a way that is meant to target encryption, essentially making tech companies weaken their encryption standards and put the rest of their users’ privacy and security at risk.
There’s probably a reason why they’re trying to pass this amidst a global pandemic.
https://nakedsecurity.sophos.com/2020/03/13/earn-it-act-threatens-end-to-end-encryption/
Title: Major tech platforms say they’re ‘jointly combating fraud and misinformation’ about COVID-19
A coalition made up of seven of the US’s largest tech companies has begun collaborating with government healthcare agencies to provide important updates and combat coronavirus-related fraud and misinformation. The seven companies that are currently making up this joint effort include Facebook, Google, LinkedIn, Microsoft, Reddit, Twitter and YouTube, with an open invitation to other companies seeking to help in these somewhat stressful times.
Source: https://www.theverge.com/2020/3/16/21182726/coronavirus-covid-19-facebook-google-twitter-youtube-joint-effort-misinformation-fraud
The topic of ransomware seems to be a very prevalent and recurring topic in this class. This time, the attack was against an unnamed U.S. pipeline distributor. The ransomware attack was unleashed by an unknown attacker and targeted at the control and communication assets of the organization. The attacks caused severe supply chain issues for two days. The distributor was not adequately prepared for the attack because it did not think of cyber attacks as being an imminent form of an attack on their operations.
https://threatpost.com/pipeline-disrupted-ransomware-attack/153049/
High-stakes security setups are making remote work impossible
As Covid-19 drives many to work from home, some find themselves in roles that simply can’t work from home. Workers at utility companies and security agencies who need the utmost level of security are finding this time especially difficult. Industrial networks like power and gas companies want their critical infrastructure separated as far as possible from the internet, so working remotely and connecting through the internet in some cases imposes too much risk, especially when the risk is exposing an electrical grid or waste processing plant. As for an agency like the NSA, the policy states they are strictly forbidden from working from home, and the pandemic hasn’t changed that policy at all. Overall, the article is an interesting read and is relevant to thinking about secure network architecture.
https://arstechnica.com/information-technology/2020/03/high-stakes-security-setups-are-making-remote-work-impossible/
US VPN Use Could Soar 150% as Covid-19 Spreads
The use of virtual private networks (VPNs) has surged in some of the countries hardest hit by COVID-19. Atlas VPN points to other countries/regions where usage of VPNs has increased, including the United States, where usage has increased by 53% in the past two weeks. With the influence of COVID-19, the use of information technology networks in various countries and regions will greatly increase. The importance of network security will also increase with usage. It will also be important to ensure the stability of network communications and remote control functions. This is a challenge for the IT security community, and the uncertainty will grow in the face of this disaster.
https://www.infosecurity-magazine.com/news/vpn-use-could-soar-150-us-covid19/
With concerns over coronavirus on the rise and in a political climate that can generously be described as “charged,” when Facebook began marking and removing posts linking to COVID-19-related articles as spam, many users on the social media platform began eyeing their friends lists with suspicion and even floating conspiracy theories.
But the culprit, it seems, is a “bug in an anti-spam system unrelated to any changes in our content moderator workforce,” Facebook Vice President of Integrity Guy Rosen tweeted. “We’re in the process of fixing and bringing all these posts back.”
https://www.scmagazine.com/home/security-news/bug-leads-facebook-to-mark-covid-19-posts-as-spam/