Recent Cyber Attacks & News

Bookmark this page

• Interview with one of the world’s best competitive bug hunters
  Meet Amat Cama, winner of three consecutive Pwn2Own competitions.
  Source: ZDNet | security RSSPublished on 2019-12-07
• Ransomware at Colorado IT Provider Affects 100+ Dental Offices
  A Colorado company that specializes in providing IT services to dental offices suffered a ransomware attack this week that is disrupting operations for more than 100 dentistry practices, KrebsOnSecurity has learned. Multiple sources affected say their IT provider, Englewood, Colo. based Complete Technology Solutions (CTS), was hacked, allowing a potent strain of ransomware known as “Sodinokibi” or “rEvil” to be installed on computers at more than 100 dentistry businesses that rely on the company for a range of services — including network security, data backup and voice-over-IP phone service. Reached via phone Friday evening, CTS President Herb Miner declined to answer questions about the incident. When asked about reports of a ransomware attack on his company, Miner simply said it was not a good time and hung up. The attack on CTS comes little more than two months after Sodinokibi hit Wisconsin-based dental IT provider PerCSoft, an intrusion that encrypted files for approximately 400 dental practices. Thomas Terronez, CEO of Iowa-based Medix Dental, said he’s heard from several affected practices that the attackers are demanding $700,000 in bitcoin from some of the larger victims to receive a key that can unlock files encrypted by the ransomware. Others reported a ransom demand in the tens of thousands of dollars. In previous ransomware attacks, the assailants appear to have priced their ransom demands based on the number of workstation and/or server endpoints within the victim organization. According to CTS, its clients typically have anywhere from 10 to 100 workstations. Terronez said he’s spoken with multiple other practices that have been sidelined by the ransomware attack, and that some CTS clients had usable backups of their data available off-site, while others have been working with third party companies to independently negotiate and pay the ransom for their practice only. Many of CTS’s customers took to posting about the attack on a private Facebook group for dentists, discussing steps they’ve taken or attempted to take to get their files back. “I would recommend everyone reach out to their insurance provider,” said one dentist based in Denver. “I was told by CTS that I would have to pay the ransom to get my corrupted files back.” “My experience has been very different,” said dental practitioner based in Las Vegas. “No help from my insurance. Still not working, great loss of income, patients are mad, staff even worse.” Terronez said the dental industry in general has fairly atrocious security practices, and that relatively few offices are willing to spend what’s needed to fend off sophisticated attackers. He said it’s common to see servers that haven’t been patched for over a year, backups that haven’t run for a while, Windows Defender as only point of detection, non-segmented wireless networks, and the whole staff having administrator access to the computers — sometimes all using the same or simple passwords. “A lot of these [practices] are forced into a price point on what they’re willing to spend,” said Terronez, whose company also offers IT services to dental providers.
  Source: Krebs on SecurityPublished on 2019-12-07
• Moscow Cops Sell Access to City CCTV, Facial Recognition Data
  Anyone with a little money can buy access to Moscow's surveillance system of tens of thousands of cameras along and check footage stored over the previous five days.
  Source: BleepingComputerPublished on 2019-12-07
• Clever Microsoft Phishing Scam Creates a Local Login Form
  A clever phishing campaign has been spotted that bundles the scam's landing page in the HTML attachment rather than redirecting users to another site that asks them to log in.
  Source: BleepingComputerPublished on 2019-12-07
• FBI Recommends Securing Your Smart TVs and IoT Devices
  The U.S. Federal Bureau of Investigation (FBI) recommends making sure that Internet of Things (IoT) devices and smart TVs in your home are properly configured to protect them and your other devices from potential attackers.
  Source: BleepingComputerPublished on 2019-12-07
• Driving Efficiency and Productivity with Cisco Defense Orchestrator
  Network security professionals today clearly understand that there is no longer just one perimeter surrounding the enterprise. Rather, security and network management now extend across multiple, overlapping perimeters, each of which usually has its own firewall and related network equipment. For security teams and network admins, this translates into the need to oversee and coordinate policy on a potentially large number of separate devices. Cisco Defense Orchestratoris a cloud-based application that enables admins to consistently manage and harmonize policies across a variety of Cisco security products as well as cloud-native tools such as AWS Security Groups. Users of Cisco Defense Orchestrator shared their experiences with the product on IT Central Station. Their reviews reveal a solution that is appreciated for its simplicity and efficiency. Users also noted that Cisco Defense Orchestrator makes their teams more productive, particularly when managing policies across Cisco ASA, FTD and Meraki MX devices. The Simplicity of Cisco Defense Orchestrator Cisco Defense Orchestrator is known for enabling streamlined security policy management across an extended network. As Jairo M., Network and Security Specialist at a small tech services company, explained, “The initial setup was really straightforward. If the person setting this up has knowledge of firewalls and switches, it’s pretty simple. It took about two hours for us to deploy.” Todd E., CTO at a small tech services company, similarly noted, “In terms of visibility and getting everybody involved, it was simple, scalable, and saved them tons of time, which in turn saved them money. Its effect on firewall builds and daily management of firewalls is that it’s super-simple on new deployments.” Efficiency in Centralization IT Central Station members remarked that Cisco Defense Orchestrator has made their teams more efficient. According to Mohamed N., an I.T. Manager at a consumer goods company with over 5,000 employees, “This efficient, time-saving, centralized device manager is easy to deploy and requires minimal administrative IT resources.” Todd E. spoke to this point as well, noting, “The simplicity, efficiency, and effectiveness of it are valuable. It’s efficient, simple, and there’s the visibility on the security side. Deployment is fast. As a security person, I love the visibility and the ease of use when doing my upgrades.” Team Productivity and Support for ASA, FTD and Meraki MX Network managers and security teams want to manage security policies across multiple Cisco products, including ASA, FTD and Meraki MX devices. The outcome is consistent security across the network. Isiac S., Network Administrator at a manufacturing company with over 200 employees, praised Cisco Defense Orchestrator in this context. He said, “Its support for ASA, FTD, and Meraki MX helps maintain consistent security.” Todd E. addressed the team productivity aspects of this capability. He said, “When it comes to making bulk changes across common tasks, like policy management and image upgrades, one of the biggest complaints that I had from a lot of network engineers, was that everything was GUI, that Cisco had gone to GUI. But they can do bulk changes on the CLI. That was
  Source: Security – Cisco BlogPublished on 2019-12-07
• OpenBSD bugs, Microsoft’s bad update, a new Nork hacking crew, and more
  Meanwhile, the DOJ sets its sights on money mules Welcome to yet another El Reg security roundup. Off we go.…
  Source: The RegisterPublished on 2019-12-07
• OpenBSD bugs, Microsoft’s bad update, a new Nork hacking crew, and more
  Meanwhile, the DOJ sets its sights on money mules Welcome to yet another El Reg security roundup. Off we go.…
  Source: The Register – SecurityPublished on 2019-12-07
• OpenBSD bugs, Microsoft’s bad update, a new Nork hacking crew, and more
  Meanwhile, the DOJ sets its sights on money mules Welcome to yet another El Reg security roundup. Off we go.…
  Source: The RegisterPublished on 2019-12-07
• OpenBSD bugs, Microsoft’s bad update, a new Nork hacking crew, and more
  Meanwhile, the DOJ sets its sights on money mules Welcome to yet another El Reg security roundup. Off we go.…
  Source: The Register – SecurityPublished on 2019-12-07