Network Security News Weekly

Current cybersecurity news to keep you informed.
IT Services | Government | Financial | Healthcare | Non-Profit

Articles of interest from the week of March 19, 2018


Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors
Since at least March 2016, Russian government cyber actors—hereafter referred to as “threat actors”—targeted government entities and multiple U.S. critical infrastructure sectors, including the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors. Analysis by DHS and FBI, resulted in the identification of distinct indicators and behaviors related to this activity. Of note, the report Dragonfly: Western energy sector targeted by sophisticated attack group, released by Symantec on September 6, 2017, provides additional information about this ongoing campaign. (By: , part of the Department of Homeland Security.)

Unsecured AWS S3 bucket managed by Walmart jewelry partner exposes data of 1.3M customers
Researchers at Kromtech security came across another publicly accessible Amazon s3 bucket. This one contained a MSSQL database backup, which was found to hold the personal information, including names, addresses, zip codes, phone numbers, e-mail addresses, IP addresses, and, most shockingly, plain text passwords, for shopping accounts of over 1.3 million people (1,314,193 to be exact) throughout the US and Canada. (By: , Security Affairs)

5 Ways to Improve Insider Threat Prevention
Most "mistakes" come from negligent insiders. Unfortunately, these insiders are often the hardest to identify. With no malicious intent, these employees are just trying to be productive and independent, which sometimes leads them to circumvent IT, download insecure apps or mistakenly click that phishing link. The ways that insiders put data at risk are always changing. A combination of education and technology is the best approach to detecting and remediating negligent user behavior. While security training is pretty standard these days for new employees, it's not uncommon for most organizations to forget to build in reminders or to update training over time. Employees may simply forget they aren't supposed to email data or use open Wi-Fi networks. (By: , Data Breach Today)

The Growing Ransomware Threat and Trends
The individuals behind ransomware attacks appear to be motivated by money. Ransomware is pure extortion, whereby the attacker takes control of a victim’s valuable asset (e.g., data), encrypts it, and holds it hostage until a ransom is paid. If organizations don’t pay within a specific amount of time (generally a few days), the extortionist claims he/she will delete the encryption key which renders the data useless and prevents future decryption. (By: , SecurityInfoWatch.com)

Securing the Insecure: Security Challenges Posed by the Internet of Things
Many organizations are experimenting with IoT deployments, ranging from automation systems and sensor networks to critical connected healthcare solutions, connected vehicles, and industrial robotics. Such deployment scenarios can automate device management, improve efficiencies and reduce operational costs, while improving the customer experience. Opportunities exist in every business sector, and early adopters are racing to secure a first-move advantage. (By: , president, engineering and R&D services at HCL Technologies, )

The First 48 Hours - How to Respond to a Data Breach
If you’ve discovered that your company has been hacked, the first 48 hours are absolutely critical. A cybersecurity breach can be privileged client data, business records, company design forecasts, or payment card customer details. Every aspect of your company’s infrastructure could be compromised. Knowing how to actively marginalize further harm and eliminate cybersecurity vulnerability can be dealt with in the first 48 hours with an incident response plan. The plan will determine what security protocols and responsibilities will be implemented to manage risk and protect confidential data. (By: , Barnea's Blog)

Firefox Master Password System Has Been Poorly Secured for the Past 9 Years
For at past nine years, Mozilla has been using an insufficiently strong encryption mechanism for the "master password" feature. (By: , BleepingComputer)



Sign Up For Netsec News Weekly

Ingalls Information Security
TOP