Cyber Connections News Roundup: January 11

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

January 11

DoD Launches University Consortium for Cybersecurity

The Department of Defense has launched the University Consortium for Cybersecurity, or UC2, according to a recent report on www.defense.gov. UC2 will facilitate two-way communication between the Secretary of Defense and academia across the U.S. UC2 will work with community colleges and historically Black universities as well as larger research universities. The Center for Secure and Dependable Systems at the University of Idaho, a National Center of Academic Excellence in Cybersecurity, was selected to serve as the UC2 support center. Other organizations represented at the event included the Office of the Undersecretary of Defense for Acquisition and Sustainment, Office of the Deputy Assistant Secretary of Defense for Cyber Policy, and the House Armed Services Committee. Read more.

Cryptocurrency Crime on the Rise in 2021

According to a recent Chainalysis report, cryptocurrency-related crime hit a new high in 2021. As reported on www.cyberscoop.com, illicit addresses tracked by Chainalysis received $14 billion in deposits over the course of 2021, almost double the amount they collected in 2020. Chainalysis found that cryptocurrency-related scams and theft saw the biggest jumps in 2021. Illicit revenue from scams rose by 82% in 2021 to $7.8 billion worth of cryptocurrency. Researchers attribute a large part of the growth to a boom in so-called “rug pulls,” a fraud scheme in which developers set up seemingly legitimate cryptocurrency projects with the intent to steal investors’ money and disappear. Read more.

FBI Warns of Ransomware Hack Via Mailed USB Drives

According to a recent article on www.cnn.com, an Eastern European cyber criminal group has tried to hack US companies in the transportation, defense and insurance sectors by mailing those organizations malicious USB drives. The companies received a series of fake letters via the US Postal Service and UPS from August to November impersonating the Department of Health and Human Services in some cases, and Amazon in others, according to the FBI. The letters came with a USB stick laced with malicious software. If inserted into a computer, the USB stick could potentially have given the hacking group access to an organization’s networks to deploy ransomware. Read more.

Google Acquires Cyber Startup Siemplify

Google has kicked off 2022 by improving its cloud-based and enterprise security with the acquisition of Siemplify, an Israel-based cybersecurity startup that specializes in end-to-end security services for enterprises, referred to as security orchestration, automation and response (SOAR) services. According to a recent report on www.techcrunch.com, Siemplify will be integrated into the Google Cloud Platform, and specifically its Chronicle operation. Read more.

Is Space the Next Cybersecurity Frontier?

According to a recent article on www.scmagazine.com, the “final frontier” is an area where we can expect to see bad actors preying on organizations that rely on satellite-based connectivity. The satellite internet industry has taken off in the past few years. SpaceX and Amazon, for example, are working to build satellite-based networks that consist of thousands of small, individual satellites, and Boeing plans another 147 broadband satellites. As satellite-based internet access continues to grow, experts predict that cyber criminals will target organizations that rely on satellite-based connectivity to support low-latency activities, such as delivering critical services to remote locations or online gaming, as well as cruises and airlines, pipelines and remote field offices. Read more.

UMGC Faculty Experts Make Their Predictions for 2022

Zero Trust networks, attacks on the metaverse, cooperative threat hunting, and more. Faculty members in the School of Cybersecurity & Information Technology offer their forecasts for the year ahead. 

The Metaverse Will Become More Vulnerable to Ransomware Attacks 

Jason M. Pittman, Sc.D., collegiate faculty, School of Cybersecurity & Information Technology 

We will begin to see ransomware attacks push into the metaverse, the burgeoning iteration of the internet that supports online 3-D virtual environments accessed through conventional personal computing, as well as virtual and augmented reality devices such as headsets. Specifically, these attacks will target social media influencers on Facebook, Instagram, and other platforms. Augmented reality brings with it a host of truly novel vulnerabilities. Cybercriminals will seek to exploit weaknesses in the devices that enable access to the metaverse, or even from within augmented reality itself.  

An Increase in Zero-trust Frameworks Will Help Security Architects Protect Cloud and On-site Premises 

James Robertson, Ed.D., Program Director, Cyber DevOps, School of Cybersecurity & Information Technology  

As the number of cloud migrations increases, understanding the shared responsibility model—between the security team and provider—continues to be problematic. Cloud migrations and environment updates happen on an increased timeline which, if not handled, can cause security controls to be missed or weakened. Authorization boundaries are often blurred or ill-defined in cloud development efforts, leaving additional security gaps. Adopting a Zero Trust model, which incorporates many mechanisms, including the monitoring and logging of all network traffic at those authorization boundaries, will enforce controls for system and application access and protect data.

Threat Intelligence Sharing and Cooperative Threat Hunting Activities Will Rise 

Valorie King, Ph.D., Program Director, Cybersecurity Management and Policy, School of Cybersecurity & Information Technology  

Threat intelligence sharing and cooperative threat hunting activities will increase in importance as businesses and government organizations seek to improve collaboration and proactively identify potential threats and sources of threats. Stand-alone defenses of an organization’s assets and infrastructures are no longer sufficient to prevent and deter attacks against digital assets and business processes. Additionally, phishing will become more subtle and focused as attackers increase their use of data analytics to target and manipulate specific individuals within organizations.  

Innovative Attack Methods Using Artificial Intelligence Will Expand the Threat Landscape  

Philip Chan, Ph.D., Adjunct Professor, School of Cybersecurity & Information Technology  

In 2022, the use of Artificial Intelligence (AI) will expand the cybersecurity threat landscape, bringing new dangers and altering the typical characteristics of threats. Attackers will employ new and highly innovative methods, notably Machine Learning (ML), which will enable cybercriminals to use AI to carry out more cyber and ransomware strikes. AI/ML techniques will generate more sophisticated phishing intrusions, pervasive ML email attacks and zero-day attacks on top of other well-known ransomware deployments. In the hands of cybercriminals, AI/ML can create significant harm as machine-learning and deep-learning techniques will make cyberattacks more accessible. The result? Faster, better-targeted, and more destructive assaults.  

Attacks on the Software Supply Chain Will Ramp Up, as Will Demands for Transparency  

Chris Hughes, Adjunct Professor, School of Cybersecurity & Information Technology  

Due to several high-profile software supply chain attacks, most notably SolarWinds, we will continue to see an increased focus on the software supply chain. With the Cybersecurity Executive Order, the evolution of the Software Bill of Materials, the Cybersecurity and Infrastructure Security Agency and emerging guidance from the National Institute of Standards and Technology, the software supply chain is one of the most talked-about subjects—and will continue to be so for the coming year. Software consumers are demanding increased transparency from software producers who, in turn, are eager to gain consumer trust. Organizations such as the Cloud Native Computing Foundation are hosting entire conferences that focus on the software supply chain. Emerging technologies and practices are being honed to provide never-before-seen levels of transparency in the software ecosystem.  

Cyber Connections News Roundup: December 28

December 28

UMGC Cybersecurity Faculty Experts Make Their Year-end Predictions

We can expect the metaverse to become more vulnerable to attacks. An increase in zero-trust frameworks will help security architects protect cloud and on-site premises. Threat intelligence sharing and cooperative threat hunting activities are on the rise. Innovative attack methods using artificial intelligence will expand the threat landscape. We will see more attacks on the software supply chain. UMGC’s Jason Pittman, James Robertson, Valorie King, Philip Chan and Chris Hughes explain why we should keep an eye out for these trends in 2022. Read more.

Majority of Federal Cyber Leaders Say 2021 Executive Order Falls Short

According to a recent article on www.helpnetsecurity.com, 72% of federal cybersecurity leaders say the White House’s May 2021 Cybersecurity Executive Order (EO) addresses only a fraction of today’s cybersecurity challenges. The article, citing a study from MeriTalk, found that the current focus is on the wrong aspects – 77 percent of respondents say their agency is focused on compliance over long-term cyber resilience. The majority of those surveyed believe that their agencies need to better understand the attackers’ perspective to build a more proactive defense. Read more.

New Cybersecurity Class is a First for Virginia High School Students

Germanna Community College has teamed with Spotsylvania Schools to create the first dual enrollment program in Cybersecurity in Virginia. According to a recent report on www.washingtonpost.com, the program, which will soon be offered in Fredericksburg City and Stafford County public schools, is funded by a grant from GO Virginia, the state coalition for promoting economic growth and opportunity in high-demand industries. Students come to the Spotsylvania Career and Tech Center from their home high schools every other day for half the day, and they earn credits that will transfer to Germanna or any other Virginia community college. Read more.

FTC to Address Increase in Impersonation Fraud

According to a recent announcement, the Federal Trade Commission (FTC) will ramp up its efforts to combat government and business impersonation fraud, a problem that has grown worse during the pandemic. Impersonators use methods of communication to trick their targets into trusting that they are the government or an established business and then trade on this trust to steal their identity or money. The FTC, incorporating new data from the Social Security Administration, has reported that costs have increased 85 percent year-over-year, with $2 billion in total losses between October 2020 and September 2021. COVID-specific scam reports have included 12,491 complaints of government impersonation and 8,794 complaints of business impersonation. Read more.

Employee Burnout Presents Cybersecurity Threat

A new report from password manager vendor 1Password found that employee burnout presents a security risk. According to a recent article on www.healthcareitnews.com, workers in virtually every industry are reporting high levels of burnout, which results in employees letting their guards down around security threats. The 1Password report suggests that training alone isn’t enough to combat security threats, particularly when employees are not feeling motivated. For example, the report suggests that three times as many burned-out employees as their counterparts say security policies “aren’t worth the hassle.” Read more.

Cyber Connections News Roundup: December 14

December 14

New Log4j Vulnerability Could Turn into a Field Day for Hackers

According to a recent article on www.zdnet.com, U.S. government cybersecurity officials believe that a vulnerability in Log4j, a widely used Java logging library, has become a security risk that could affect digital devices across the internet. Security responders are scrambling to patch the bug, which can be easily exploited to take control of vulnerable systems remotely. At the same time, hackers are actively scanning the internet for affected systems. Some have already developed tools that automatically attempt to exploit the bug, as well as worms that can spread independently from one vulnerable system to another under the right conditions. Read more.

Is the U.S. Government Facing a Cybersecurity Brain Drain?

According to a recent article on https://fox28media.com, experts are warning that the U.S. government is failing to keep up with the talent demands of the private sector, which can typically pay higher than many federal agencies. A recruiting website for cybersecurity jobs, funded by the U.S. Department of Commerce, said there are currently 597,767 open cybersecurity jobs nationwide, which includes positions in the public and private sector. In the public sector, the website estimates there are 38,655 open jobs. Read more.

Mitigating Cybersecurity Risks in International Trade Involves Planning and Playing Politics

Companies that sell digital products internationally face a host of cybersecurity concerns that can have a negative impact on their business, according to a recent article on https://hbr.org. Navigating the rules of cybersecurity and managing the cyber risks differ from country to country. Countries can, however, prepare for risks and rules with a strategy that includes building a strong cybersecurity governance culture, preparing for the politics that may arise, and developing a plan for exiting and re-entering markets. Read more.

Cyber Attacks Keep Two Schools Closed After Thanksgiving

Cyberattacks continue to pervade higher education as evidenced by recent issues experienced by Butler County Community College in Pennsylvania and Lewis and Clark Community College in Illinois, according to a recent report on https://edscoop.com. The two schools temporarily closed their campuses following Thanksgiving week to recover from cyberattacks. Butler County Community College said that it was hit with a ransomware attack on Nov. 19, the same day the school’s IT team notified the campus of maintenance on several servers, according to updates on the school’s website. It cancelled classes for the Monday and Tuesday following the Thanksgiving weekend. Lewis and Clark, located in southern Illinois, did not specify the type of cyberattack it experienced, but announced on Nov. 28 that it would cancel classes and keep its campuses closed for the week for the necessary recovery time for its IT systems. Read more.

SolarWinds Hackers, One Year Later

The hackers associated with the SolarWinds supply chain compromise last year have been busy since then, according to a recent report on www.cyberscoop.com. Findings published Monday by a team of analysts at Mandiant (formerly FireEye) paint a picture of potentially distinct groups working alongside or within a more established Russian intelligence hacking group known as Nobelium, a name given to the group by Microsoft. The group is also known as Cozy Bear. Read more.

Cyber Connections News Roundup: November 30

November 30

Interpol Crackdown Results in More than 1,000 Fraud Arrests

According to a report on www.interpol.int, a massive financial crime crackdown recently resulted in more than 1,000 arrests and the interception of USD 27 million. The coordinated operation, code named HAECHI-II, transpired over four months, from June to September 2021. Police units from 20 countries, as well as from Hong Kong and Macao, targeted specific types of online fraud, including romance scams, investment fraud and money laundering associated with illegal online gambling. In total, the operation resulted in the arrest of 1,003 individuals and allowed investigators to close 1,660 cases. Read more.

Who Is Accountable for Cybersecurity? Gartner Report Finds Lack of Clarity

A recent article on www.techrepublic.com discusses the lack of clarity on who is accountable for security incidents. Citing a recent Gartner survey of members of various boards of directors, the article finds that, while 88% believe that cybersecurity should be classified as a business risk instead of a technology one, the actions they’ve taken don’t necessarily reflect that. The report found that organizations that classify cybersecurity as a business risk would have a senior-level non-IT person accountable for it, but only 10% of leaders reported that to be the case in their organizations. Read more.

North Korea Hackers Remain on the Attack

According to email security firm Proofpoint, and as reported on www.cyberscoop.com, a North Korean cyber espionage group that targets think tanks, advocacy groups, journalists and other adversaries around the world has been launching near-weekly attacks in 2021. According to Cyberscoop, Proofpoint examined the activities of a group it refers to as TA406, which it considers to be one of the components of an organization known more broadly as Kimsuky that has been active since at least 2012. That organization’s campaigns remained low in volume until the beginning of January 2021. Then from January to June 2021, the group launched “almost weekly campaigns.” Read more.

Upon G7 Endorsement Central Bank Digital Currencies Now Vulnerable to Cyber Attacks

According to a recent article on www.weforum.org, now that G7 officials have endorsed principles for central bank digital currencies (CBDC), widespread deployment is imminent. Like any digital payment system, CBDC is vulnerable to cybersecurity attack, account and data breaches and theft, counterfeiting, and even farther-off challenges related to quantum computing. For citizens to be comfortable adopting CBDC, they will need to be confident in its security. The article enumerates four dimensions of CBDC cybersecurity that must be addressed, including credential theft and loss and user roles. Read more.

Cyberattacks on Two Bio-manufacturing Companies Raise Concerns

A recent article on www.cyberscoop.com reports that a group of likely foreign government-sponsored hackers is behind cyberattacks on two bio-manufacturing companies that occurred this year. The Bioeconomy Information Sharing and Analysis Center (BIO-ISAC) dubbed the malware “Tardigrade” after the resilient micro-animal, and said it looks like the work of an advanced persistent threat group, a term that most often refers to government-backed attackers. The biomanufacturing sector encompasses makers of coronavirus vaccines and treatments, although BIO-ISAC has declined to say whether the firms hit in the spring and then in October were involved in battling COVID-19. Read more.

Cyber Connections News Roundup: November 16

November 16

FBI Email System Hacked to Send Out Fake Security Warnings

According to a recent report on www.theverge.com, hackers targeting the Federal Bureau of Investigation’s (FBI) email servers sent out thousands of phony messages that say their recipients have become the victims of a “sophisticated chain attack.” The emails were initially uncovered by The Spamhaus Project, a nonprofit organization that investigates email spammers. The emails claim that Vinny Troia, a cybersecurity evangelist and hacker with Night Lion Security, was behind the fake attacks and falsely state that Troia is associated with the hacking group The Dark Overlord. Read more.

United States Joins Global Cybersecurity Partnership

The United States has joined the Paris Call for Trust and Security in Cyberspace, the 80-country partnership to condemn reckless behavior in cyberspace and mobilize resources to secure the software supply chain, according to a recent report on www.cnn.com. The partnership includes a series of principles such as defending elections from cyberattacks, protecting intellectual property from theft, and condemning the use of hacking tools by non-state actors. The French government began the multilateral cyber initiative in 2018. Read more.

Brain-Computer Interfaces: A New Frontier for Hackers

Jason Pittman, Sc.D., collegiate faculty member at UMGC where he teaches in the School of Cybersecurity and Information Technology, believes that the potential of Brain-Computer Interfaces (BCIs) is enormous, from helping people with disabilities to improving work and personal performance but so, too, are the untold cybersecurity risks. Brain-computer interfaces (BCIs) are already commercially available, but there is a downside. The technology carries attack opportunities for hackers, including . It is important to understand the cybersecurity of BCIs if we are to proactively prevent threats to this new frontier of innovation. Read more.

Businesses Need to Move from Cybersecurity to Cyber Resilience

A recent article on www.weforum.org argues that the way we think about securing our businesses and our data hasn’t really kept up with today’s cybersecurity risks. Business resources are still used to defend against attacks and protect the confidentiality and integrity of data. We need cyber resilience in addition to cyber security. Cyber resilience starts with the basics: patching vulnerabilities, detecting and mitigating threats, and educating employees on how to defend company security. But businesses also need to build resilience into every part of the business and limit the impact of cybercrime to a company’s brand, finance, legal, and customer trust obligations. Resilience is not about the ability to respond and recover from an attack, but how quickly we recover and what we prioritize. Read more.

U.S. Takes Swift Action Against REvil Ransomware Attackers

According to a recent report on www.cyberscoop.com, the U.S. government took action against the alleged REvil ransomware attackers in Europe, including an arrest, an indictment, seizure of more than $6 million in stolen money, and new sanctions against a cryptocurrency exchange service and companies that support it. Highlighting the efforts was the arrest of Yaroslav Vasinskyi, a 22-year-old Ukrainian national, who is accused of writing the code behind REvil malware, also known as Sodinokibi, which has become among the most virulent ransomware strains in use. According to US Attorney General Merrick Garland, the malware has been “deployed” against roughly 175,000 computers worldwide, generating at least $200 million in extortion fees. Read more.

Cyber Connections News Roundup: October 19

October 19

Do Public-Private Cybersecurity Partnerships Really Work?

As University of Maryland Global Campus continues to recognize Cybersecurity Awareness Month, Bruce deGrazia, JD, CISSP, collegiate professor of cybersecurity management and policy at UMGC, examines the effectiveness of public-private partnerships to combat cybersecurity challenges. “A public-private partnership takes various forms, from the sharing of costs and profits, as occurs with a toll road, to the sharing of information between the private sector and the government without the fear of liability for antitrust,” said deGrazia. The question remains: Can these partnerships work in a competitive marketplace where cooperation is difficult, a trade secret might be revealed, or if a company might lose a strategic advantage? Read more.

Law Enforcement Community Warns of Cyber Attacks on Water Facilities

According to a recent article on www.cyberscoop.com and based on U.S. intelligence and law enforcement reports, ransomware attackers are targeting water and wastewater facilities. A cybersecurity advisory published on Oct. 14 from the FBI, the Cybersecurity and Infrastructure Security Agency, the Environmental Protection Agency and the National Security Agency noted incidents in five states between March of 2019 and August 2021, where systems were targeted by either ransomware attacks or other hacks. The report noted that water facilities could be vulnerable to common tactics such as spear phishing, exploitation of outdated or unsupported operating systems and software, and the exploitation of control system devices with vulnerable firmware versions. Read more.

Biden Signs K-12 Cybersecurity Act, Bolsters Safeguards for Schools

On Oct. 8, President Biden signed into law the K-12 Cybersecurity Act, legislation that requires the Cybersecurity and Infrastructure Security Agency (CISA) to create cybersecurity recommendations and tools for schools to use to defend themselves against hackers. According to a recent article on www.thehill.com, the bipartisan bill lays the groundwork for better cybersecurity policies in our K-12 schools and stronger coordination between them and the experts at CISA. Read more.

TSA to Impose Cybersecurity Mandates for Rail Transit Systems

The federal government, through the Transportation Security Administration (TSA), will impose cybersecurity mandates on “higher-risk” railroad and rail transit systems this year, according to a recent article on www.washingtonpost.com. The move reflects a determination by the Biden administration to compel critical industries to improve their cybersecurity in the wake of damaging cyberattacks. The new mandates will apply to passenger rail companies such as Amtrak as well as large subway systems including New York’s and Washington’s. Read more.

Deep Fake Technology Results in $35 Million Bank Heist

A recent story on www.forbes.com chronicles the power and criminal potential of deep fake technology. In early 2020, cybercriminals cloned the voice of a company director in the United Arab Emirates (UAE) to steal as much as $35 million. The article describes how a bank manager in the UAE received a call from someone he recognized who was about to make some acquisitions and needed the bank to authorize transfers totaling $35 million. The bank manager made the transfers, not realizing that deep voice technology had been used to clone the director’s speech. The UAE case serves as a warning about the use of AI to create so-called deep fake images and voices in cybercrime. Read more.

Cyber Connections News Roundup: October 5

October 5

October is Cybersecurity Awareness Month: Dispelling the Myths of Cyberbullying

Join University of Maryland Global Campus as we raise awareness about the importance of cybersecurity across all aspects of our lives and provide all Americans the resources they need to be safer and more secure online. In the last 15 years or so, a new menace has emerged that threatens to erode trust and destroy lives. Learn more from Richard White, adjunct professor of cybersecurity, about what you can do to identify and prevent cyberbullying. Read more.

U.S. to Meet with Thirty Countries to Discuss Growing Threat of Ransomware

According to a recent report on www.reuters.com, US national security advisers will gather officials from 30 countries this month to discuss the growing threat of ransomware. The goal of the new informal group, called the Counter-Ransomware Initiative, is to “bolster its diplomatic push that has included direct talks with Russia as well as the NATO alliance and Group of Seven (G7) wealthy nations.” It is not immediately clear which countries will participate and when these talks will take place. Read more.

New Maryland Law Aims to Promote Cybersecurity Oversight

Among several new laws in Maryland is SB049/HB038, which requires the secretary of information technology to advise the legislative and judicial branches of the state government on the condition of cybersecurity and ransomware software, with some exceptions. According to a recent article on www.baltimoresun.com, the bill was drawn up in response to a growing number of ransomware attacks, data breaches, and other cyberattacks in 2019 and 2020. Read more.

COVID-19 Vaccine Appointments Are Latest Attack Vector for Scammers

According to a recent article on www.cyberscoop.com, hackers are targeting American and Canadian victims with a malware strain that uses coronavirus-themed messages to trick users into downloading software that collects their personal information. The scammers rely on SMS text messages focused on fictional COVID-19 regulations and vaccine information to trick recipients into clicking a link. That link triggers malicious software, TangleBot, that infects a user device to collect call data and gain microphone and camera access, and can be combined with other hacking tools to gather financial data. Read more.

Luxury Brand Neiman Marcus Discovers Data Breach Dating Back to May 2020

According to a recent report on https://threatpost.com, Dallas-based Neiman Marcus Group revealed that the company was breached by an attacker back in May 2020. Neiman Marcus recently acknowledged it had just discovered the compromise, which included personal customer information like names, contact information, payment card information (without CVV codes), gift card numbers (without PINs), usernames, passwords and even security questions associated with online Neiman Marcus accounts. In total, Neiman Marcus, which also controls the brands Bergdorf Goodman, Neiman Marcus Last Call and Horchow, said 3.1 million cards were affected. Read more.

Cyber Connections News Roundup: September 21

September 21

Apple Emergency Security Updates Close Spyware Flaw

According to a recent report on www.nytimes.com, Apple has issued emergency software updates for a vulnerability in its products after security researchers uncovered a flaw that allows highly invasive spyware from Israel’s NSO Group to infect anyone’s iPhone, iPad, Apple Watch or Mac computer. The spyware, called Pegasus, invisibly infected Apple devices without victims’ knowledge through a method known as “zero click remote exploit.” Apple has urged customers to run the latest software updates for the fixes to take effect, by installing iOS 14.8, MacOS 11.6 and WatchOS 7.6.2. Read more.

UN Calls for Human Rights Safeguards on AI

On Sept. 15, the United Nations’ top human rights official, Michelle Bachelet, called for a global moratorium on the sale and use of artificial intelligence systems that pose human rights concerns until safeguards are put in place. According to a recent article on www.cyberscoop.com, Bachelet pointed to several ways the technology is used in decision-making that can have life-altering consequences, including the rise in the use of facial recognition technology in policing and subsequent cases of false arrests. Read more.

HHS Issues Warning About BlackMatter Ransomware

According to a recent article on www.healthcareitnews.com, the Department of Health and Human Services’ (HHS) cybersecurity arm, the Health Sector Cybersecurity Coordination Center (HC3), recently released a warning about BlackMatter ransomware. BlackMatter claims that they would not attack hospitals. Still, HC3 cautioned that this claim may not be accurate. BlackMatter’s target countries include the US, India, Brazil, Chile and Thailand, and the list is growing. HC3 issued best practices to mitigate BlackMatter, including providing social engineering and phishing training to employees; keeping patches up to date; implementing spam filters at email gateways; and blocking suspicious IP addresses at firewalls. Read more.

Preventing Man-in-the-Middle Attacks Starts with Secure Wi-Fi

A recent article on www.cisomag.com offers a primer on man-in-the-middle (MITM) attacks and how to prevent them. MITM attacks, in which the perpetrator places himself in an ongoing communication or data transfer between an application/service and its user to spy or impersonate someone, focus mainly on stealing personal information like bank account numbers, credit/debit numbers, account login credentials, and other banking-related data. Common attacks occur as email hijacking, IP spoofing, session hijacking, DNS spoofing or Wi-Fi eavesdropping. Detecting and preventing MITM attacks starts with avoiding public or insecure Wi-Fi connections while using ecommerce or banking websites. Read more.

Moody’s Tackles Cybersecurity Risks Through Investment in BitSight

Moody’s, the bond credit rating business of Moody’s Corporation, has announced that it is spending hundreds of millions of dollars to better evaluate the cybersecurity risks that face America’s largest corporations, according to a recent report on www.wtop.com. The company aims to assess the risks that ransomware and other digital threats pose to Fortune 500 firms and government agencies by investing $250 million in cybersecurity ratings company BitSight, which uses an algorithm to assess the likelihood that an organization will be breached. Read more.

Cyber Connections News Roundup: September 7

September 7

Microsoft and Google to Invest $30 Billion in Cybersecurity

According to a recent article on https://thehackernews.com, Google and Microsoft said they are pledging to invest a total of $30 billion in cybersecurity advancements over the next five years. Microsoft will invest $20 billion over the next five years to deliver advanced security solutions, in addition to making available $150 million in technical services to help federal, state, and local governments with upgrading security protections. Google will invest over $10 billion to bolster cybersecurity, including expanding zero-trust programs, helping secure the software supply chain and enhancing open-source security. Read more.

New Federal Recruiting Program Aims to Fill Cybersecurity Positions

According to a recent article on www.thehill.com, the Biden administration on August 27 announced it was establishing a program to recruit and train people to serve in digital positions within the federal government and address issues related to the COVID-19 pandemic and cybersecurity concerns. Called the U.S. Digital Corps, the program will launch later this year as a two-year fellowship for 30 initial participants. Program participants will work at federal agencies during their two years, with initial host agencies including the General Services Administration (GSA), the Department of Veterans Affairs, the Centers for Medicare and Medicaid Services, and the Consumer Financial Protection Bureau. Read more.

Wiper Malware and Malicious AI Top List of Emerging Cyber Threats in US

A recent article on Yahoo! Finance lists wiper malware as one of the top-five emerging cyber threats in the US. Wipers are a type of malware that can be even more destructive than ransomware because they are designed for the sole purpose of erasing data. Iran, for example, has been implicated in a series of wiper attacks against Israel recently. Additionally, the emerging field of artificial intelligence (AI) will lead to smarter and autonomous malware that can adapt to changing circumstances and learn how to improve its tactics to pull off more advanced attacks. Read more.

Recent McAfee Research Reveals Vulnerabilities in Infusion Pump Software

According to a recent report on www.cyberscoop.com, McAfee researchers have found multiple vulnerabilities in infusion pump software that a skilled hacker could use to alter a patient’s medication dose to a potentially unsafe level. The vulnerabilities were detected in equipment made by multinational vendor B. Braun that is used in pediatric and adult health care facilities in the US. While there are no reports of malicious exploitation of the flaws, the research illustrates the challenge of securing devices developed decades ago from today’s digital threats. The research comes with caveats, however. The attack scenario requires a hacker to first access the local network on which the devices run, and the infusion pumps must be on standby rather than in use. Medical professionals also monitor doses administered by infusion pumps and are trained to spot irregularities. Read more.

Stemming Ransomware Attacks By Modeling the Nonvirtual World

In a recent New York Times opinion piece, Paul Rosenzweig, an attorney and former Department of Homeland Security staffer, maintains that the way to stop ransomware attacks is to tackle the problem at its root – making it harder for criminals to profit from these attacks. And the US government can make it harder by more aggressively regulating cryptocurrencies and limiting their use as an anonymous payment system for unlawful purposes. In the physical world, kidnappings for ransom are unsuccessful because as soon as victims are exchanged for cash, the criminals put themselves at great risk of identification and capture. Adopting and enforcing regulations for the cryptocurrency industry that are equivalent to those that govern the traditional banking industry would be a start. Read more.