BACKGROUND: The FBI, CISA, EPA and NSA announced yesterday a cybersecurity advisory that details ongoing cyber threats to U.S. water and wastewater systems. The advisory highlights ongoing malicious cyber activity targeting the IT and OT networks, systems, and devices of U.S. water and wastewater sector facilities, threatening the ability to provide clean, potable water to, and effectively manage the wastewater of, their communities.
ISBuzz Team
BACKGROUND: With contactless cards hitting a £100 limit of today, consumers are being asked to risk more than ever. Our security is in the hands of financial service and tech organisations. They must continuously spot patterns, listen to customer concerns, and ultimately take responsibility for getting the balance between security and convenience right amid this significant change.
BACKGROUND: The latest industry survey from Deep Instinct is reporting Incident Response to Cyberattacks Take Over Two Working Days, According to Latest Industry Survey. The second edition of Deep Instinct’s bi-annual Voice of SecOps Report shows that fully 83% of cybersecurity professionals were dissatisfied with current EPP and EDR solutions. Report excerpts: The average global response to a cyberattack was found to be 20.9 hours—more than two “working” days. … survey respondents were uncertain whether it is possible to prevent the constant waves of attacks from cybercriminals. In addition, security operations professionals cite threats from within as a persistent issue; 86 percent…
BACKGROUND: It has been reported that in less time than it takes to get a stuffed crust pizza delivered, a new group called SnapMC can breach an organization’s systems, steal their sensitive data, and demand payment to keep it from being published, according to a new report from NCC Group’s threat intelligence team — no ransomware required. Rather than disrupting business operations by locking down a target’s data and systems, SnapMC just focuses on straight-up extortion. However, this low-tech, ransomware-free approach to extortion on a compressed timeline relies on known vulnerabilities with patches readily available.
The issue of building cybersecurity awareness is still a concern for many organisations as found in KnowBe4’s State of Privacy and Security Report, which found that a lack of IT security training is directly correlated with the risk of cyberattacks in the workplace. In fact, 45 percent of the workforce believe that they have no need to take additional safeguards regarding cybersecurity because they don’t work in an IT department. The report evaluated the amount of training the workforce was being given about cybersecurity and privacy best practices and then determining how much was being understood by employees. Furthermore, the…
BACKGROUND: Quest Diagnostics has informed the SEC about a ransomware attack in August that hit ReproSource, a fertility clinic owned by the company. The ransomware attack led to a data breach, exposing a significant amount of health and financial information for about 350,000 ReproSource patients. Quest said ReproSource provided notice that it experienced a data security incident in which an unauthorized party may have accessed or acquired the protected health information and personally identifiable information of some patients.
BACKGROUND: Following the news that Iranian Hackers have been found ‘password spraying’ Office 365 accounts, cybersecurity experts reacted below.
BACKGROUND: This month’s Patch Tuesday release includes fixes for 74 CVEs, three of which are rated critical including one vulnerability that was exploited in the wild as a zero-day.
BACKGROUND: Researchers at Kaspersky technologies are reporting in MysterySnail attacks with Windows zero-day about a Chinese RAT attacking multiple Windows servers using a zero-day privilege escalation for insertion. Reporting: “We discovered that it was using a previously unknown vulnerability in the Win32k driver and exploitation relies heavily on a technique to leak the base addresses of kernel modules.” Excerpts: … we analyzed the malware payload used along with the zero-day exploit and found that variants of the malware were detected in widespread espionage campaigns against IT companies, military/defense contractors, and diplomatic entities. We are calling this cluster of activity MysterySnail.…
BACKGROUND: Following the news that the University of Sunderland has been hit by an apparent cyberattack, which has brought down its website, phones and IT systems, please see below comments from cybersecurity experts.