DISC InfoSec blog

PayPal Holdings Inc joined the cryptocurrency market on Wednesday, allowing customers to buy, sell and hold bitcoin and other virtual coins using the U.S. digital payments company’s online wallets.

Source: PayPal to allow cryptocurrency buying, selling and shopping on its network



PayPal to Allow Cryptocurrency Buying, Selling and Shopping on its Network ₿₿₿

Hackers with access to the Signaling System 7 (SS7) used for connecting mobile networks across the world were able to gain access to Telegram messenger and email data of high-profile individuals in the cryptocurrency business.

Source: Hackers hijack Telegram, email accounts in SS7 mobile attack



Telegram SS7 attack

Nook, line and sinker: Servers restored from backups, punters unable to download purchased e-books

Source: Confirmed: Barnes & Noble hacked, systems taken offline for days, miscreants may have swiped personal info

FS-ISAC, ESET, Lumen’s Black Lotus Labs, NTT, Symantec, and the Microsoft Defender team participated in the takedown.

Source: Microsoft and others orchestrate takedown of TrickBot botnet | ZDNet



Microsoft takes action against Trickbot ransomware attacks

Here’s why it may be impossible to delete your personal information from Houseparty and other social media services – despite privacy legislation!

Source: So you thought your personal data was deleted? Not so fast | WeLiveSecurity



How to erase your iPhone — Apple Support

The Springfield Public Schools district in Massachusetts has become the victim of a ransomware attack that has caused the closure of schools while they investigate the cyberattack.

Source: Massachusetts school district shut down by ransomware attack



FBI warning schools to create a ransomware attack plan

Including HP Official Ink and Toner cartridge security, HP announced rewards up to $10,000 under the new printer bug bounty program.

After pioneering a bug rewards program for printer security, HP takes another step in this direction. As announced, HP has expanded its bug bounty program for printers to include cartridge security vulnerabilities.

Source: HP Printer Bug Bounty Expands To Include Cartridge Security

Jailbreak involves combining last year’s checkm8 exploit with the Blackbird vulnerability disclosed this August.

Source: Hackers claim they can now jailbreak Apple’s T2 security chip | ZDNet



How to Disable T2 Security




👉 Download a Virtual CISO (#vCISO) and Security Advisory Fact Sheet & Cybersecurity Cheat Sheet

Download a Security Risk Assessment Steps paper!

DISC InfoSec 🔒 securing the business 🔒 via latest InfoSec titles

Subscribe to DISC InfoSec blog by Email

No patients were affected, but the incident was another reminder of the risks in the increasingly common assaults on healthcare computer networks.

A Philadelphia company that sells software used in hundreds of clinical trials, including the crash effort to develop tests, treatments and a vaccine for the coronavirus, was hit by a ransomware attack that has slowed some of those trials over the past two weeks.

The attack on eResearch Technology, which has not previously been reported, began two weeks ago when employees discovered that they were locked out of their data by ransomware, an attack that holds victims’ data hostage until they pay to unlock it. ERT said clinical trial patients were never at risk, but customers said the attack forced trial researchers to track their patients with pen and paper.

Source: Clinical Trials Hit by Ransomware Attack on Health Tech Firm

 
Clinic.al Trials Hit by Ransomware Attack on Health Tech Firm

👉 Download a Virtual CISO (#vCISO) and Security Advisory Fact Sheet & Cybersecurity Cheat Sheet

Download a Security Risk Assessment Steps paper!

DISC InfoSec 🔒 securing the business 🔒 via latest InfoSec titles

Subscribe to DISC InfoSec blog by Email

CMMC – A pocket guide | Available now for pre-order 📢

Suitable for senior management and the C-suite, general or legal counsel, IT executives, IT organizations, and IT and security students, this pocket guide will give you a solid introduction to the CMMC and its requirements.

A clear, concise primer on the CMMC (Cybersecurity Maturity Model Certification), this pocket guide:

• Summarizes the CMMC and proposes useful tips for implementation
• Discusses why the scheme has been created
• Covers who it applies to and why being non-compliant will result in missed business opportunities
• Highlights the requirements for achieving and maintaining compliance

Available for pre-order! Buy today and we’ll email you as soon as The Cybersecurity Maturity Model Certification (CMMC) – A pocket guide becomes available on 11/10/2020. Buy Now

Christopher Wright is one of IT Governance Publishing’s most prolific writers, having released five books with us over the past six years.

His work covers many different topics, including advice on organizational cyber security, project management and risk management auditing.

In How Cyber Security Can Protect Your Business – A guide for all stakeholders, Wright provides an effective and efficient framework to help organizations manage cyber governance, risk and compliance.

How Cyber Security Can Protect Your Business Businesses must protect themselves and their reputations, while reassuring stakeholders they take cyber security seriously. Wright’s pocket guide: Explains in easy-to-understand terms what executives and senior managers need to know and do about the ever-changing cyber threat landscape; Gives strategic, business-focused guidance and advice relevant to C-suite executives; Provides an effective and efficient framework for managing cyber governance, risk and compliance; and Makes clear what is required to implement an effective cyber security strategy. Receive 15% off all of Christopher Wright’s books throughout October by entering the voucher code WRIGHT15 at the checkout.

Buy now

Take a look at the top data breaches and cyber attacks in September, as well as our full list of 102 incidents.

Source: List of data breaches and cyber attacks in September 2020 – 267 million records breached – IT Governance UK Blog

Data Breaches: Crisis and Opportunity

The newly published Building Security in Maturity Model provides the software security basics organizations should cover to keep up with their peers.

As application security methodology and best practices have evolved over more than a decade, the Building Security in Maturity Model (BSIMM) has been there each year to track how organizations are making progress. BSIMM11, released last week by Synopsys, is based on the software security practices in place at 130 different firms across numerous industries, including financial services, software, cloud, and healthcare.

The practices were measured by the model’s proprietary yardstick, which lumps 121 different software security metrics into four major domains: governance, intelligence, secure software development lifecycle (SSDL) touchpoints, and deployment. Each of these domains are further broken down into three practice categories containing numerous activities that slide from simple to very mature.

Similar to previous reports, BSIMM11 shows that most organizations are at the very least hitting the basics — including activities like performing external penetration testing and instituting basic software security training across development organizations. The following are the most common activities cited for each practice category, providing an excellent yardstick for the bare minimum that organizations should be doing to keep up with their peers.

Source: 12 Bare-Minimum Benchmarks for AppSec Initiatives







DISC InfoSec 🔒 securing the business 🔒 via latest InfoSec titles

Subscribe to DISC InfoSec blog by Email

👉 Download a Virtual CISO (#vCISO) and Security Advisory Fact Sheet & Cybersecurity Cheat Sheet

Download a Security Risk Assessment Steps paper!

The mass transition to working from home clearly shows the best technologies for a secure and convenient remote environment.

Users receive the maximum security benefits by connecting to virtual desktops from thin clients.

A thin client is a terminal-mode device. It often doesn’t even have any internal storage, being just a box that connects to a server and lets users connect a monitor and peripheral devices (configuration may vary depending on the specific model). The thin client does not process or store any work data.

Of course, a thin client requires a good communications channel. In recent years, however, that’s not much of a hurdle.

Communication between a thin client and a server is usually conducted over an encrypted protocol, solving the problem of the unreliable network environment.

Source: Thin clients from a security perspective

2020 Security Playbook
1) Data discovery
2) Compartmented Data Access
3) Move to thin client
4) Increase focus on AAA

DISC InfoSec 🔒 securing the business 🔒 via latest InfoSec titles

Subscribe to DISC InfoSec blog by Email

👉 Download a Virtual CISO (#vCISO) and Security Advisory Fact Sheet & Cybersecurity Cheat Sheet

Download a Security Risk Assessment Steps paper!

ISO/IEC 27701:2019 provides guidance on data protection, including how organizations should manage personal information, and helps demonstrate compliance with privacy regulations around the world, such as the GDPR.

The Standard integrates with the international information security management standard ISO/IEC 27001 to extend an ISMS (information security management system), enabling an organization to establish, implement, maintain and continually improve a PIMS (privacy information management system).

ITG pocket guide ISO/IEC 27701:2019: An introduction to privacy information management is an ideal primer for anyone implementing a PIMS based on ISO 27701.

Improve your privacy information management regime Co-written by Alan Shipman, an acknowledged expert in the field of privacy and personal information and the project editor of ISO/IEC 27701, this pocket guide will help you understand the basics of privacy management, including:   What privacy information management means How to manage privacy information successfully using a PIMS aligned to ISO/IEC 27701 Key areas of investment for a business-focused PIMS and How your organization can demonstrate the degree of assurance it offers with regard to privacy information management.

Buy now

ISO 27701 Gap Analysis Tool

Download a Security Risk Assessment Steps paper!







DISC InfoSec 🔒 securing the business 🔒 via latest InfoSec titles

Subscribe to DISC InfoSec blog by Email

👉 Download a Virtual CISO (#vCISO) and Security Advisory Fact Sheet & Cybersecurity Cheat Sheet

The database containing personal information of over 600,000 clients of the US fitness chain Town Sports was exposed on the Internet.

The archive contained records for almost 600,000 members or staff, exposed info includes names, addresses, phone numbers, email addresses, last four digits of credit cards, credit card expiration dates, and a member’s billing history.

“Fitness chain Town Sports International has exposed 600,000 records of members and employees on the web without a password or any other authentication required to access it, Comparitech researchers report.” reads the report published by Comparitech, “Comparitech security researcher Bob Diachenko received a tip from cybersecurity expert Sami Toivonen about the exposure on September 21, 2020.”

Source: Data for 600K customers of U.S. fitness chains Town Sports leaked online

If you got someone else’s “free offer” in what looked like a misdirected message, would you take a peek?

Dear Christopher, we have your packet in queue. Address: Londonderry, 
Ballynagard crescent http COLON SLASH SLASH xxxxxxxx DOT com SLASH zzzzzzz

The message is meant to look as though it was sent to the wrong number, so the crooks are relying on you being intrigued enough to click through, whereupon they use some sneaky “reverse authentication” psychology to lure you in further

Source: SMS phishing scam pretends to be Apple “chatbot” – don’t fall for it!

An unnamed U.S. federal agency was hit with a cyber-attack after a hacker used valid access credentials, authorities said on Thursday.

While many details of the hack weren’t revealed, federal authorities did divulge that the hacker was able to browse directories, copy at least one file and exfiltrate data, according to the Cybersecurity & Infrastructure Security Agency, known as CISA.

The hacker implanted malware that evaded the agency’s protection system and was able to gain access to the network by using valid access credentials for multiple users’ Microsoft 365 accounts and domain administrator accounts, according to authorities.

Source: Hacker Accessed Network of U.S. Agency and Downloaded Data

Security Risk assessment Quiz – Find Out How Your security risk assessment Stands Up!

Download a Security Risk Assessment Steps paper!

DISC InfoSec 🔒 securing the business 🔒 via latest InfoSec titles

Subscribe to DISC InfoSec blog by Email

👉 Download a Virtual CISO (#vCISO) and Security Advisory Fact Sheet & Cybersecurity Cheat Sheet

Tyler Technologies, a Texas-based company that bills itself as the largest provider of software and technology services to the United States public sector, is battling a network intrusion that has disrupted its operations. The company declined to discuss the exact cause of the disruption, but their response so far is straight out of the playbook…

Earlier today, the normal content on tylertech.com was replaced with a notice saying the site was offline. In a statement provided to KrebsOnSecurity after the markets closed central time, Tyler Tech said early this morning the company became aware that an unauthorized intruder had gained access to its phone and information technology systems.

“Upon discovery and out of an abundance of caution, we shut down points of access to external systems and immediately began investigating and remediating the problem,” Tyler’s Chief Information Officer Matt Bieri said. “We have since engaged outside IT security and forensics experts to conduct a detailed review and help us securely restore affected equipment. We are implementing enhanced monitoring systems, and we have notified law enforcement.”

“At this time and based on the evidence available to us to-date, all indications are that the impact of this incident is limited to our internal network and phone systems,” their statement continues. “We currently have no reason to believe that any client data, client servers, or hosted systems were affected.”

Source: Govt. Services Firm Tyler Technologies Hit in Apparent Ransomware Attack

A global police sting dubbed Operation DisrupTor targeted vendors and buyers of illicit goods on the dark web, Europol announced.

Source: Operation DisrupTor: police arrested 179 vendors engaged in the sale of illicit good – Security Affairs

Security Risk assessment Quiz – Find Out How Your security risk assessment Stands Up!

Download a Security Risk Assessment Steps paper!

DISC InfoSec 🔒 securing the business 🔒 via latest InfoSec titles

Subscribe to DISC InfoSec blog by Email

👉 Download a Virtual CISO (#vCISO) and Security Advisory Fact Sheet & Cybersecurity Cheat Sheet