Week of March 2, 2018


Week of March 2, 2018

Millions of Office 365 Accounts Hit with Password Stealers*:

  • A new wave of phishing attacks aims to dupe users and steal their passwords by disguising malicious emails as tax-related notifications from the IRS.
  • This threat lures victims with Microsoft 365 Office files claiming to be tax forms or other official documents.
  • Examples of this tactic include files named “taxletter.doc”.
  • The use of popular file types like Word and Excel, which are globally known and used, further ensures victims will fall for it.
  • Users are hit with the password stealer when they download and open the malicious document.
  • Tens of millions of people have been affected by these phishing emails; while Exchange server makes up a large portion of people affected, other types of email accounts are also targeted with the malicious files.
  • Password theft is increasing overall, a sign of attackers shifting their goals and strategies.
  • Ransomware was big last year; this year, password stealers are appearing in phishing emails, browser extensions, and other programs as criminals hunt login data.
  • Cybercriminals are aiming for mass data theft and many are impersonating executives to request W-2 information from human resources.
  • It's a timely opportunity for attackers to capitalize on users' wariness of tax season and make their campaigns more effective.

*Source: Dark Reading, March 02, 2018


Breaches on the Rise as 70% of Healthcare Firms Are Hit*:

  • Some 70% of global healthcare organizations (HCOs) have suffered a data breach, as the sector increasingly shifts towards using digital platforms.
  • A recent report revealed that only 30% have yet to suffer a breach, a 17% decrease from 2016.
  • In the past year, 39% of HCOs were hit and over half (55%) of respondents claimed they now feel “very” or “extremely” vulnerable to data breaches.
  • The growing risk to HCOs comes as virtually all (93%) now use cloud, big data, IoT and container technologies with sensitive data.
  • Almost all (96%) said they are using IoT technologies, including internet-connected heart-rate monitors, implantable defibrillators and insulin pumps.
  • On the plus side, 84% said they plan to increase spending on cybersecurity over the next year, although only 40% want to do so on encryption tools, despite the forthcoming GDPR coming into force in May.
  • Last year the NHS suffered yet another security wake-up call after the WannaCry ransomware campaign caused widespread damage, leading to the cancellation of an estimated 19,000 operations and appointments.

*Source: Info Security, March 05, 2018


Equifax Says 2.4 Million More People Were Impacted by Huge 2017 Breach*:

  • Equifax has disclosed that an additional 2.4 million people were impacted by a massive cybersecurity breach last year, bringing the total to about 148 million people.
  • The credit reporting agency says the new consumers were identified during forensic examination of the breach.
  • They were previously unidentified, the company says, because their Social Security numbers were not stolen, but their names and some of their driver’s license information was taken.
  • Equifax says it will directly notify these 2.4 million people “and will offer identity theft protection and credit file monitoring services at no cost to them.”
  • The company has struggled to rebuild public trust after the revelation of the breach and what is widely perceived as a bungled response.
  • Democrats from the House Committee on Oversight and Government Reform recently pressed Equifax to extend their free identity theft protection and credit file monitoring from one year to three.
  • When the breach was first disclosed, the number of American consumers affected was about 44 percent of the US population.
  • A new survey from found that 50 percent of adults surveyed have not checked their credit scores and reports since the breach.
  • Additionally, "twenty percent of all respondents have heard little or nothing about the Equifax breach, including 46 percent of those aged 18-37.”

*Source: National Public Radio, March 01, 2018


GitHub Hit by 1.35 Tbps DDoS attack*:

  • The online version control and code distribution platform GitHub has suffered a series of massive distributed denial of service (DDoS) attacks, causing service disruption by forcing its website to go offline.
  • In the first phase of the attack, GitHub’s website suffered a shocking 1.35 terabits per second (Tbps) spike while in the second phase Github’s network monitoring system detected 400 Gbps spike.
  • The attacks lasted for over 8 minutes and due to the massive traffic used by the attacks, this is the largest DDoS attack ever witnessed.
  • In this case, the DDoS attacks were possible due to a critical security flaw in Memcached servers.
  • According to researchers, implementation of the Memcached servers’ UDP protocol is flawed and anyone can launch a major DDoS attack without much ado.
  • GitHub has confirmed it was an amplification attack using the memcached-based approach.
  • If hackers manage to prepare the amplification attack well, they can launch an attack with lowest possible IP spoofing capacity, as low as 1Gbps, and successfully launch very large attacks.
  • To mitigate the attacks, GitHub decided to use Akamai’s Prolexic which provides fully managed DDoS protection and as expected Akamai filtered and blocked the malicious traffic packets.
  • GitHub has apologized to its users, maintained that at no point was user data at risk.

*Source: Hack Read, March 02, 2018


Cybercrime 'Pandemic' May Have Cost the World $600 Billion Last Year*:

  • The global cost of cybercrime has now reached as much as $600 billion – about 0.8 percent of global GDP – according to a new report.
  • More worrying than that figure may be the massive growth from 2014, when the same analysis showed the cost was only as much as $445 billion.
  • That rapid increase is largely due to the lower cost of entry and advancements in technology such as machine learning and artificial intelligence.
  • Cybercrime is the only criminal enterprise that has a “help desk,” and would-be criminals don’t need to be technologically advanced to conduct a cyber-attack.
  • Certain nation states have come to be regarded as safe havens for cybercriminals; countries such as North Korea, Iran, and Russia tend to go after financial services and “espionage activities” are more common in China.
  • A headline-grabbing example is the recent hack of Tokyo-based cryptocurrency exchange Coincheck, where almost 58 billion yen of NEM coins were stolen.
  • Cryptocurrency users and investors have voiced concerns about the need for higher standards and broad regulatory systems to safeguard their interests.

*Source: CNBC, February 22, 2018


Pennsylvania AG says Uber Must Pay Over Data Breach*:

  • Pennsylvania Attorney General filed a lawsuit against Uber after the San Francisco-based ride-sharing company took more than 12 months to inform users that it suffered a major hack.
  • In a press release, Uber is accused of violating Pennsylvania law by failing to put residents on timely notice of the massive data breach.
  • The attackers accessed the information of 25 million users in the US, 4.1 million of whom were drivers.
  • Approximately 600,000 driver's license numbers were compromised, but no credit card or Social Security numbers were stolen; about 13,500 of the affected Uber drivers lived in Pennsylvania.
  • Under Pennsylvania law, they can sue for $1,000 for each violation and that means the attorney general's office could seek $13.5 million from Uber.
  • Although the hack took place in October 2016, the company didn’t notify the public until November 2017, and the lawsuit asserts Uber failed to notify users in a “reasonable” time frame.
  • An Uber spokesman said, “While we make no excuses for the previous failure to disclose the data breach, Uber’s new leadership has taken a series of steps to be accountable and respond responsibly.”
  • During his testimony, Uber’s chief security explained the steps Uber has taken to strengthen its security systems and procedures going forward.
  • Data breaches, meanwhile, have become a fact of life in a world devoted to apps, e-commerce and an internet overstuffed with personal information.
  • The Pennsylvania AG’s office is asking any state residents who feel they were affected by Uber’s breach to file a complaint with the Bureau of Consumer Protection.

*Source: CNET, March 05, 2018


Women Create Alternate Tech Conference, Protesting Snub at Big Security Confab*:

  • After a furor over the lack of women in the line-up at one of the world's largest computer security conferences, a group of women and their allies have organized an alternate conference to run at the same time and in the same city.
  • The alternate conference is dubbed "Our Security Advocates Conference," or OURSA – a not-so-subtle dig at RSA.
  • RSA Conference was criticized last week for having announced just one female keynote speaker out of 22 this year.
  • The alternate conference was inspired by a lack of diverse representation at other computer security events.
  • RSA blamed the lack of women in the field, where just 11% of positions worldwide are held by women, according to a recent estimate from research firm Forrester.
  • In response, the group of women and men in security came together and created their alternative conference on the fly.
  • The vice president of the RSA Conference said, “we applaud the efforts of OURSA for putting this event together, and bringing attention to the need for diversity in information security.”
  • The OURSA organizers hope this will be a one-off event and their intent is not to create an ongoing, separate conference for women and those who are underrepresented in security.
  • The conference will only have space for a few hundred attendees as compared with the 43,000 who attended RSA last year, but will have a live feed as well so others can take part.

*Source: USA today, March 05, 2018


Get in Touch With Us!

Are you interested in receiving more information about our products? Do you have questions about sensitive data security? Would you like a demo? Complete the details below and one of our specialists will get in touch with you.

We love to help our customers solve their data security problems. Please tell us about what you are trying to accomplish, details about your environment, and any other information that will help us understand your needs better.

scroll top