News Items

The cost of a data breach has risen 12% over the past 5 years. A data breach now costs a company $3.92 million on average, according to IBM. These rising expenses are representative of the multiyear financial impact of breaches, increased regulation and the complex process of resolving criminal attacks. The new research also looked at how long a company would be affected by the cost of a data breach. It was discovered that the effects of a data breach are felt for years. While an average of 67% of data breach costs were realized within the first year after a breach, 22% accrued in the second year and another 11% accumulated more than two years after a breach.

Help Net Security reports: "Average Data Breach Cost has Risen to $3.92 million"

Researchers and security firms are working to develop new cryptographic algorithms that can resist future quantum attacks launched by hackers as quantum computers are expected to render currently used encryption algorithms obsolete. The breaking of current encryption algorithms by quantum computers poses a significant threat to the privacy of sensitive data used in the processes of autonomous vehicles, military hardware, online financial transactions, and more. This article continues to discuss the two main types of digital encryption, why quantum computers pose a threat to current cryptographic defenses, whether such will breach these defenses soon, the impact that quantum attacks could have if quantum-safe cryptographic defenses are not implemented, as well as the concept of post-quantum cryptography and the possible approaches to defending against quantum attacks.

MIT Technology Review reports "What Is Post-Quantum Cryptography?"

Researchers have recently uncovered a new type of phishing campaign that is targeting American Express card users. When these incidents occur, attackers are sending a hyperlink as part of a phony account update to access the victim's credentials and other account details. What makes this phishing attack different from most phishing attacks, is that instead of using a hyperlink to send victims to a malicious landing page, this scheme deploys an embedded "base href" URL to help hide the true intent from anti-virus and other security tools. The attackers behind this phishing campaign sought out as many American Express users as possible and did not discriminate between corporate users or consumers. The number of affected customers, the date of the attack, or whether any data has appeared on dark net forums remains unknown.

BankInfoSecurity reports: "Phishing Scheme Targets Amex Cardholders"

A quantum version of a transistor has been built by researchers at Purdue University. The transistor-like quantum gate was built with qudits to allow for the encoding and processing of more quantum information as qudits exist in multiple states. The two-qudit gate developed by researchers improves the entanglement of quantum particles, called photons. The physical principle of entangled photons serves to further secure communication between a sender and receiver from the eavesdropping or interception of listeners. This article continues to discuss the two-qudit gate in regard to how it improves the processing of quantum information as well as the next steps that will be taken in this research.

Purdue University reports "Researchers Build Transistor-Like Gate for Quantum Information Processing -- with Qudits"

FaceApp is an app that denies you any rights in its terms and conditions. The terms in conditions of FaceApp are as follows: When FaceApp is used, "you grant FaceApp a perpetual, irrevocable, nonexclusive, royalty-free, worldwide, fully-paid, transferable sub-licensable license to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, publicly perform and display your User Content and any name, username or likeness provided in connection with your User Content in all media formats and channels now known or later developed, without compensation to you". When a user reads, an anti-privacy contract, it should concern them, but the most worrying thing discovered from this, is that many people do not take the time to read the terms and conditions of well-known apps, no matter what country they come from. It is important in the future for users to look at terms and conditions of apps, to understand how their data is going to be used.

Naked Security reports: "FaceApp Privacy Panic Sets Internet Alight"

A new Sophos survey shows that IT managers are overwhelmed by cybercriminals' execution of multi-stage cyberattacks. According to the results of the survey, IT managers are finding it difficult to respond to these attacks because of a lack of skilled cybersecurity professionals, budget, and more. This article continues to discuss the use of multi-stage attack techniques by cybercriminals, the need for IT managers to prioritize efforts to manage supply chain security risk, challenges faced by organizations in responding to cyberattacks, and how these challenges could be addressed.

Help Net Security reports "Multi-Stage Attack Techniques Are Making Network Defense Difficult"

Seven apps have been removed from the Google Play Store after being identified by the cybersecurity firm, Avast, as being stalkerware. According to security researchers, these apps were designed to collect users' personal information including location, contacts, call logs, and text messages. The apps discovered to be stalkerware include Spy Kids Trackers, Phone Cell Tracker, Mobile Tracking, SMS trackers, and more. It was also discovered that these apps could have also been used to eavesdrop on encrypted messages sent via WhatsApp and Viber. This article continues to discuss the advertisement, capabilities, impact, and removal of these stalkerware apps, as well as other efforts to identify stalkerware.

Gizmodo reports "Google Yanks Seven Stalkerware Apps Discovered by Security Researchers From the Play Store"

Microsoft had discovered and notified 10,000 Microsoft users that were victims of Nation-State Attacks. Most of the attacks came from state-sponsored hackers from Iran, North Korea, and Russia. Microsoft discovered that around 84% of the nearly 10,000 nation-state attacks it detected, targeted its enterprise customers, and only 16% of these attacks were aimed at home consumers and their personal email accounts. It was also discovered that, there were nation-state attacks against political organizations involved in the electoral process as well.

ZDNet reports: "Microsoft Notified 10,000 Victims of Nation-State Attacks"

New research reveals that organizations with zero-trust network security are increasingly utilizing biometrics to verify users' access to business applications. Zero-trust security refers to an approach in which individuals and devices are not trusted until they are verified, despite whether they are inside or outside of the network perimeter. According to the 2019 Duo Trusted Access Report, biometrics have been enabled on most mobile devices used to access business applications. In addition there has been a slight decrease in the use of SMS-based two-factor authentication. This article continues to discuss what has created challenges for enterprise IT security teams over the years, early efforts to address these challenges, the zero-trust security principle, and the increased use of biometric authentication.

CSO Online reports "Companies with Zero-Trust Network Security Move Toward Biometric Authentication"

A multi-disciplinary team of researchers at the University of Arkansas has been awarded $4.63 million by the National Science Foundation in support of creating a program aimed at cultivating security skills and sustaining a cybersecurity workforce. The Cyber-Centric Multidisciplinary Security Workforce Development program will provide education and training in cybersecurity, transportation security, and critical infrastructure security for graduate and undergraduate students. Job training, research opportunities, and internships, will also be provided to students. This article continues to discuss the program in relation to its purpose, structure, and support.

The University of Arkansas reports "$4.6 Million Award Creates Program to Train Cybersecurity Professionals"

DevOps service provider, GitLab, conducted a survey aimed at highlighting trends that are impacting developers to which 4,000 developers, managers, and executives at software-producing companies responded. The results of the survey reveal a disparity between expectations and reality in regard to writing secure code and an organization's security practices that significantly contributes to the challenges faced by companies in the security of software. This article continues to discuss key findings of the survey in relation to which software development methodologies are being used by most companies, major issues faced by companies in securing their software, and the security benefits of a mature DevOps implementation.

Dark Reading reports "Software Developers Face Secure Coding Challenges"

Magecart is made up of sophisticated hacking groups that perform web-based card-skimming attacks to steal credit card numbers. The threat detection firm, RiskIQ, released a new report, which reveals the scanning of misconfigured Amazon S3 buckets by Magecart hackers to insert malware and steal credit card numbers from the ecommerce sites linked to these buckets. As the misconfiguration of Amazon S3 buckets can allow anyone with an Amazon Web Services account to write to them, hackers could easily insert malicious code. According to RiskIQ, 17,000 domains have been affected so far. This article continues to discuss new discoveries made by researchers surrounding Magecart groups in relation their latest operations and techniques, as well as the impact of these groups.

Wired reports "Hack Brief: A Card-Skimming Hacker Group Hit 17K Domains--and Counting"

Security researchers from Symantec have discovered a vulnerability contained by popular encrypted messaging applications, WhatsApp and Telegram. The exploitation of this vulnerability could enable the modification of images and audio files by hackers. According to researchers, the vulnerability could allow hackers to manipulate photos of invoices, resulting in money being received by incorrect recipients. This article continues to discuss the use of secure messaging apps, the vulnerability found to be contained by WhatsApp and Telegram, how this vulnerability was discovered by researchers, and the discovery of a fake version of one of the apps.

CNET reports "WhatsApp, Telegram Had Security Flaws That Let Hackers Change What You See"

Security researchers at Ben-Gurion University have demonstrated that it is possible for data to be extracted from secure air-gapped computers by attackers, using the Caps Lock, Num Lock, and Scroll Lock LEDs on a keyboard. The attack, called CTRL-ALT-LED poses a threat to highly secure environments such as those that store top-secret documents or non-public proprietary information. The CTRL-ALT-LED exfiltration method has been tested on different optical capturing devices, including security cameras, smartphone cameras, high-grade optical/light sensors, and more. This article continues to discuss how the CTRL-ALT-LED attack works and other research on the exfiltration of data via keyboard LEDs.

ZDNet reports "Academics Steal Data From Air-Gapped Systems via a Keyboard's LEDs"

Proofpoint has released its fourth annual report on end users' understanding of different cybersecurity topics and best practices, titled Beyond the Phish. The report reveals that employees are still inadequately knowledgeable about phishing and data protection, further emphasizing the need for organizations to implement or improve security awareness training. This article continues to discuss what the report features and key findings pertaining to how knowledgable employees are about cyber threats and cybersecurity best practices, along with the importance of effective security awareness training for employees.

AIT News Desk reports "Cybersecurity Training Study Reveals Phishing Identification and Data Protection Are the Top Problem Areas for End Users"

A research group led by De Montfort University Leicester (DMU) has brought further attention to the increased manipulation of artificial intelligence (AI) software in search engines, social media platforms, and more, by online hackers to execute cyberattacks. According to a report published by the European Union-funded project, SHERPA, hackers are increasingly abusing existing AI systems to perform malicious activities instead of creating new attacks in which machine learning is used. This article continues to discuss hackers' increased use of AI systems for malicious purposes, the possible malicious uses of AI identified by researchers, the advancement of AI, and the purpose of the SHERPA project.

DMU reports "Research Shows Humans Are Attacking Artificial Intelligence Systems"

Researchers from the security firm, Check Point, have discovered a new malware targeting Android devices, dubbed Agent Smith, which is capable of replacing legitimate apps on a device with malicious copies. The fake apps display advertisements from which the threat actors gain profit. Agent Smith could also be used by attackers to steal banking credentials. This malware has mostly infected Android devices in India, Bangladesh, Pakistan, and Indonesia. This article continues to discuss Agent Smith in regard to its stages, impact, and targets, as well as the first signs of this malware traced by researchers.

Bleeping Computer reports "25 Million Android Devices Infected by 'Agent Smith' Malware"

GE Healthcare's anesthesia and respiratory devices have been discovered to contain a security vulnerability. According to the CyberMDX researchers who discovered the vulnerability, attackers could exploit it to perform malicious activities such as silence alarms, alter logs, manipulate gas compositions, and more. The vulnerability affects Aestiva anesthesia delivery equipment as well as Aespire models, 7100 and 7900. This article continues to discuss the devices affected by the security vulnerability, what the exploitation of this vulnerability requires, the malicious activities that could be carried out by attackers through this exploitation, and GE Healthcare's response to this discovery made by researchers.

TNW reports "Researchers Find Worrying Security Vulnerability in GE Healthcare Anesthesia Machines"

Instructional hacking videos were deemed harmful or dangerous by Youtube's updated policies, despite the value of such videos to the security community. According to those within the security community, blocking content on instructional ethical hacking reinforces the idea that anyone who discovers security vulnerabilities in products and raises awareness about how these vulnerabilities work, is a malicious actor or criminal. Blocking such videos can also leave the identified vulnerabilities unaddressed. This article continues to discuss the updates made to Youtube's policies to block instructional hacking videos, the purpose of such videos, and how blocking this type of content impacts the security community.

Slate reports "YouTube's Policy on Hacking Videos Makes Everyone Less Safe"

Robert Hansen and Daniel Gillmor are researchers that have recently been targeted by PGP poisoning attacks. PGP (Pretty Good Privacy) is an encryption software used for the authentication and privacy of email messages. PGP poisoning attacks refer to the spamming of certificates with a significant number of signatures or certifications. This article continues to discuss the PGP framework, what is exploited in PGP poisoning attacks, the impact that these attacks could have on security, and suggestions made by researchers as to how such attacks can be mitigated, along with the efforts that have been made by researchers to highlight and address these attacks.

Threatpost reports "PGP Ecosystem Targeted in 'Poisoning' Attacks"

Researchers from the International Computer Science Institute have discovered that over 1,000 Android apps circumvent privacy permission settings, bringing further attention to the difficulty of maintaining online privacy when using phones and mobile apps. As these apps violate permissions, they can gather information such as a user's geolocation. This article continues to discuss the bypassing of privacy protections by Android apps, the type of data gathered by these apps, how this discovery was made by researchers, responses to this finding, and the lack of tools for consumers to control their privacy.

CNET reports "More Than 1,000 Android Apps Harvest Data Even After You Deny Permissions"

Trend Micro conducted a survey to which 1,310 IT decision makers who work in enterprise and SMB organizations responded. The results of the survey indicate that most IT leaders believe the success of DevOps implementation depends on the improvement of communication between IT security and software development teams. This article continues to discuss key findings of the survey in relation to the adoption of a DevOps culture by organizations and what needs to be improved to increase chances of successful DevOps implementation.

Help Net Security reports "To Benefit from DevOps Implementation, Security and Dev Teams Must Communicate Better"

The Administrative Office of the Georgia Courts has been hit by a ransomware attack, resulting in the shutdown of court websites and systems. This ransomware attack is just one of many that have recently been faced by municipalities. Municipalities that have fallen victim to these attacks, including Key Biscayne, Lake City, and Riviera Beach agreed to pay ransomware attackers. However, the U.S. government advises victims to not give into the demands for ransom payments. Ransomware attackers would be motivated to execute more attacks if their demands are met. This article continues to discuss the recent ransomware attacks on municipalities, the increase in targeted ransomware attacks, the decision to pay ransoms, and the actors behind recent attacks.

Wired reports "Ransomware Hits Georgia Courts As Municipal Attacks Spread"

The London-based independent policy institute, Chatham House, recently released a research paper, titled Cybersecurity of NATO's Space-based Strategic Assets. The paper calls for the North Atlantic Treaty Organization (NATO) and its member countries to examine and make efforts to improve the cybersecurity of space-based satellite control systems as these systems have been discovered to be vulnerable to cyberattacks that pose a significant threat to global security. Since most modern military engagements depend on space systems, cyberattacks on such systems could lead to the distribution of false information to troops, redirection of movements, and more. This article continues to discuss key points made in the Chatham House paper in regard to the vulnerability of space-based satellite control systems to cyberattacks, the risk posed by cyberattacks on these systems, and how NATO countries should strengthen the cybersecurity of satellite systems.

ZDNet reports "Cyberwarfare in Space: Satellites at Risk of Hacker Attacks"