June 13, 2017
Cybersecurity News Summary – Q2 2017
This is the first installment of a new quarterly blog summarizing cybersecurity news on topics that you might actually care about and that can help your business.
Here are some short cybersecurity news nuggets that might impact your company’s future planning for security.
WannaCry Development Errors Enable Possible File Recovery
A combination of sloppy development errors by the WannaCry developers offers multiple opportunities to recover your files without payment to the criminals. Check out this article by Kaspersky to see details.
You Should Still be Focused on Phishing as a Huge Threat
Email and phishing are still the #1 threats to your company. Ransomware is the highest-profile threat, but CEO fraud attacks are a threat as well. Trend Micro says there was a 752% rise in ransomware families last year.
Recent scams include DMV warning emails, CEO fraud phishing emails asking employees for employees' W-2 forms, and email scams targeting tax professionals.
Prevention starts with strong email security and gateway and endpoint security, and it requires training your employees to avoid attacks.
Yes, Malware Can Install with Only a Mouse-over
Researchers are warning of several recent spam campaigns delivering PowerPoint files that, when opened, contain a mouse-over link that installs a variant of the Zusy malware.
Zusy is spread via spam email campaigns. This attack shows the creativity of attackers and their ability to create new ways to exploit users.
Strong gateway security can help mitigate this threat.
Will Adobe Flash Vulnerabilities be Eliminated Soon?
The number of outdated versions of Adobe Flash running on enterprise computers grew 10 percent year-over-year to 53 percent of endpoints, despite numerous devastating attacks targeting the maligned software and endless calls to eliminate its use.
Adobe looks to be moving away from Flash towards HTML5, providing new HTML5 development tools. Flash continues to be a huge target for hackers.
Is Your Single Sign-on Password Saver Solution Safe?
A breach at OneLogin, a company that provides customers with single sign-on for logging into multiple sites and apps, appears to have compromised customer data, including the ability to decrypt encrypted data. All 2000 customers were affected.
The company notified customers via email that the incident stemmed from unauthorized access to one of its U.S. data centers. In addition to forcing customer password resets, the company is also instructing customers to carry out a lengthy list of actions.
Lessons learned? For one, use 2-factor authentication or similar whenever you can, and certainly on important hosted accounts (like banks, payroll, etc.).
What Happens When Your Credentials are Stolen?
More and more, when your user name and password credentials are stolen, criminals test them not only against the services they originated from, but against other services and websites as well. That means that if you use the same password for more than one service or website, criminals might access all of those accounts with a single set of stolen credentials.
Criminals use a tool called a credential stuffer to try the stolen credentials against multiple sites automatically.
Lesson learned: use strong passwords, don't share them, don't reuse them, and store them securely in an encrypted storage location or in your head if your head is big enough.
CYBERSECURITY COMPLIANCE NEWS
Cybersecurity Continues to Drive Enhanced Regulations
President Trump signed a long-delayed cybersecurity executive order that prioritizes the protection of federal networks and critical industries, and instructs agency heads to implement the NIST Framework for Improving Critical Infrastructure Cybersecurity.
Tom Bossert, Trump's Homeland Security adviser, said the executive order is the first step toward not only enhancing the security of critical industries such as finance, health care and utilities, but also creating a deterrence policy, calling it long overdue.