Weekly Infosec News Brief 20-26 April

US Army and Japanese Nuclear Plant Operator Still Running Lots of Windows XP Machines

As the first anniversary of the end of support for Windows XP passed, news stories show that some large organizations still have significant numbers of Windows XP machines in operation on mission-essential systems. The US Army has been paying Microsoft $200 per computer over the past year for extended support, and is seeking bids from other companies to provide such support for another year. Does your organization still have Windows XP running? Have you assessed the risk you face as a result? What about Windows 2003 Server, which reaches end of support this July?
http://gcn.com/articles/2015/04/13/army-xp-support.aspx
http://www.theregister.co.uk/2015/04/23/fukushima_nuke_plant_owner_told_to_upgrade_from_windows_xp/


Large Collection of WordPress Plugins Updated to Fix Major Vulnerabilities

WordPress is the most popular web content management platform in use today, and it has been the source of many serious vulnerabilities in websites. Last week a serious cross-site scripting (XSS) flaw was found that affects a large number of popular WordPress plugins. If your organization is running WordPress, it is vital that you regularly check for security updates both to WordPress and to any plugins that are running. If you are not sure whether you're using WordPress or how to check for updates or plugins, Anchor can help.
http://arstechnica.com/security/2015/04/21/swarm-of-wordpress-plugins-susceptible-to-potentially-dangerous-exploits/


Sony Hack May Have Begun with Spear-Phishing Messages Aimed at their IT Staff

An analysis by Cylance of data from the Sony Pictures hack suggests that the incident may have started with spear-phishing messages aimed at IT staff members with privileged access to Sony's systems. The messages purported to be from Apple, requesting that the users confirm their Apple ID credentials. Upon gaining access, the attackers may have used Sony's internal systems management software to distribute malicious code to various hosts throughout the enterprise.
http://www.computerworld.com/article/2913805/cybercrime-hacking/sony-hackers-targeted-employees-with-fake-apple-id-emails.html


US House Approves Cybersecurity Bill Which Encourages Information Sharing

A bill approved by the House last week would provide significant immunity from liability for companies that share information with the federal government regarding computer security breaches and incidents involving their systems and data. Some civil liberties advocates suggest that the immunity is too sweeping and would place customers' personal data at risk. If your organization doesn't have an incident response policy that addresses what information can be shared with authorities and who can approve this sharing, these are important considerations to address.
http://www.cnet.com/news/house-approves-controversial-cybersecurity-bill/
