Forescout Cyber Weekly Roundup February 22, 2019

Colby Proffitt | February 22, 2019

The Forescout Cyber Roundup is a weekly blog series that highlights some of the major cyber headlines, as well as some of the more obscure stories from the week. The purpose of this curation is to raise cyber awareness, provoke thought and encourage discussion among cyber professionals at all levels. Articles are categorized by industry, not necessarily priority.

Twitter: @proffitt_colby

    Public Sector

  1. Putin’ the Internet in a tighter grip: Russia’s plans to unplug from the global Internet have passed the first gate with approval by the legislature on Tuesday. In addition to disconnecting, Russia also plans to build its own version of the Domain Name System (DNS). Both actions have set off alarms in the U.S., although it’s unclear whether Russia is seeking to censor its own citizens or protect the country from an offensive cyberattack.
    https://thehill.com/policy/technology/overnights/430654-hillicon-valley-kremlin-seeks-more-control-over-russian-internet
  2. Catch me once: Over 90% of cyberattacks start with a phishing email, and once the hackers are on the corporate network, they often observe user behavior and activity for at least eight months before they’re detected—not necessarily caught.
    https://www.abc.net.au/news/2019-02-20/cyber-crime-hits-consumers/10825970

    Defense

  1. Battlefield BYOD: Certification & Accreditation meets pragmatic device use, but Authorizations to Operate (ATOs) only approved the use of Killswitch and APASS software on government authorized Android devices.
    https://www.marinecorpstimes.com/news/your-marine-corps/2019/02/12/marines-have-been-downloading-to-their-phones-this-software-that-helps-coordinate-air-support-that-error-and-big-cyber-flaws-are-putting-lives-at-risk/
  2. Red Team social media military manipulation: The approach researchers at NATO’s Stratcom Center of Excellence employed was similar to the way in which sensitive information is assigned a classification level within the U.S. government and military. In isolation, data might not be that valuable, but when combined with other data, it can be incredibly powerful.
    https://www.wired.com/story/nato-stratcom-catfished-soldiers-social-media

    Retail

  1. Can cyber bring retail back into fashion? Retailers are devising new technologies to stay in business and compete with the online market, but failure to bake in security may ultimately be the demise of brick-and-mortar.
    https://www.techradar.com/news/using-cybersecurity-to-bring-the-retail-sector-back-into-fashion
  2. Is it safer to shop online or in a brick-and-mortar store? Recent research suggests that nearly 5,000 unique websites are compromised via formjacking code every month, making it significantly risky to shop online.
    https://thehill.com/policy/cybersecurity/430763-cyber-criminals-shift-focus-toward-e-commerce-sites-study

    Healthcare

  1. Safe harbor—oxymoron or opportunity? Over 1,300 comments have been submitted in response to a recent HIPAA RFI aimed at reducing regulatory burden while also improving secure data sharing for patient care coordination. Some feedback suggests ‘safe harbors’—shelter offered to breached healthcare organizations that follow specific PHI safeguarding standards.
    https://www.bankinfosecurity.com/post-breach-hipaa-enforcement-call-for-safe-harbors-a-12033
  2. The Internet-of-Hand-Sanitizer-Dispensers: The aim of the new IoT-infused dispensers is to increase the frequency of handwashing, but is the level of tracking a bit too personal?
    https://www.forbes.com/sites/tonybradley/2019/02/15/improving-health-and-hygiene-with-purell-azure-and-iot/

    Financial Services

  1. More cash, less time: WinPot ATM jackpotting malware used by cybercriminals continues to spread.
    https://threatpost.com/atm-jackpotting-malware-winpot/141960/
  2. Emotet banking malware continues to evolve: New XML distribution tactics added to leading banking trojan.
    https://threatpost.com/emotet-evasion-tactic-xml/141862/

    Operational Technology / Industrial Control Systems

  1. It isn’t that they cannot find the solution; it’s that they cannot see the problem: Only 28% of last year’s public advisories about security vulnerabilities in industrial control systems provided any meaningful advice about mitigating the associated risks.
    https://www.politico.com/newsletters/morning-cybersecurity/2019/02/14/lousy-advice-about-industrial-cyber-risk-proliferates-512751
  2. New Smart City Standard released to the public: When it comes to cyber adoption, free frameworks are always better received than costly compliance.
    https://www.smart-energy.com/industry-sectors/cybersecurity/new-global-cybersecurity-standard-for-smart-cities-and-critical-infrastructure-released/

    State, Local & Education

  1. Add a touch of enumeration, and voila! Tampering with the numeric ID in a URL allowed Stanford students to view other students’ sensitive personal data.
    https://www.databreaches.net/changing-numeric-id-in-url-allowed-students-to-view-other-stanford-students-admission-files-sensitive-personal-data/
  2. Your taxes supported a hacker’s salary last year: Recent research shows that there were at least 122 known cybersecurity incidents among K-12 schools last year, hitting 119 different education agencies in 38 states—and those are just the reported incidents.
    https://thejournal.com/articles/2019/02/19/k12-cyber-strikes-cost-millions-last-year.aspx

    Editor’s Choice

  1. Vulnerability is in fashion: Lenovo Watch X Riddled with Security Vulnerabilities.
    https://threatpost.com/lenovo-watch-x-riddled-with-security-vulnerabilities/141822/
  2. Don’t give me a break: Most of the major scooter providers nationwide have found their two-wheeled transports hacked at some point. Xiaomi scooters were recently found susceptible to attack—allowing attackers to accelerate or brake at will, making some riders more hesitant to hop on.
    https://www.wired.com/story/xiaomi-scooter-hack/