Posts

Weekly Infosec News Brief 21-27 September

ABA Study Shows Law Firm Breaches Are on the Rise
In a survey released this week, the ABA reported that approximately 20% of attorneys surveyed reported that their firms had experienced an information security breach of some type over the past year. Of respondents, 3% reported experiencing breaches that resulted in unauthorized access to client data, and 5% reported that their breaches resulted in the need to notify clients. The greatest increase was seen in firms with 100 or more lawyers.
http://www.americanbar.org/groups/departments_offices/legal_technology_resources/publications.html
https://bol.bna.com/aba-survey-data-breaches-rising-at-large-firms/
Adobe Releases New Flash Version, Fixes 23 Security Flaws
Last Monday, Adobe released a new version of their Flash browser plug-in, version 19.0.0.185. This release fixes 23 security issues with Flash, at least some of which Adobe considers of the highest possible priority (Adobe doesn’t provide priority ratings for indiv...

Security Basics -- Malware Protection

This post is one in a series of blog posts on the fundamentals of an information security program. You can see the complete list of posts in this series here. When most people think of technical controls for information security, the first one they tend to think of is antivirus software. After it was first widely commercialized in the late 1980s, antivirus software became known as the thing you needed to have to deal with the security of your computer. And by the mid-90s, when connecting, communicating, and downloading over the Internet became more and more the reason for using a computer, antivirus software came to be seen as an essential accessory to modern computing life. The traditional approach of antivirus software was to check digital files against a set of “signatures” of known virus (or, more broadly, malicious software or malware) files, in order to delete or quarantine dangerous files found stored on the computer. This technique has been refined and enhanced, pa...

Weekly Infosec News Brief 14-20 September

New WordPress Version Released; Fixes Three Security Issues
Last Tuesday, WordPress.org released version 4.3.1 of their web content management system. The new version fixes two cross-site scripting vulnerabilities and a privilege-escalation issue. WordPress is the most popular website management software in use today; in some cases, organizations are using it without even realizing they are doing so. Vulnerabilities in third-party "plugins" for WordPress are common, but the core WordPress code has been relatively trouble-free of late. If you have a website running on WordPress, it is important to ensure you update it as soon as possible.
https://wordpress.org/news/2015/09/wordpress-4-3-1/
http://www.darkreading.com/vulnerabilities---threats/wordpress-dodges-further-embarassment-by-patching-three-vulns-/d/d-id/1322213?
Malware Found in Hundreds of iPhone/iPad Apps in Official App Store
Malware has been discovered in several hundred (so far) apps in the official App...

Weekly Infosec News Brief 7-13 August

Malvertising Attacks Via Major Sites and Advertising Providers Persist
Dynamic web advertisements containing malicious code are continuing to show up on major, reputable sites and advertising networks. The latest such attack to be announced involved malicious advertisements distributed through Yahoo's advertising network beginning in late July. In many ways, such malvertising attacks are becoming as big a threat as phishing attacks. The targeting capabilities of web advertising networks enable attackers to use such networks to aim their malware campaigns at users based on common attributes such as income, purchasing interests, etc. Proactive protection against exploits is the best solution, as well as limiting exposure to common web-based vulnerabilities such as Flash-based advertisements.
http://www.scmagazine.com/hackers-spread-malware-via-yahoo-ads/article/437075/
http://www.scmagazine.com/drudge-report-other-high-traffic-websites-delivered-malware-over-three-week-period/article...

Weekly Infosec News Brief August 24-30

Survey Shows Many Federal Government Workers Ignore Mobile Security Rules
A survey by mobile security software vendor Lookout indicates that a large proportion of government employees ignore their agencies' rules concerning mobile devices, web services, and security. Twenty-four percent of respondents indicated they forwarded work documents to their personal email accounts, 17% used cloud-based file sharing services for work documents, and nearly half used their personal mobile devices for work documents, despite policies prohibiting these behaviors (and annual training to reinforce these policies). While it is important to have policies governing these types of employee behaviors, without technical controls to prevent or monitor them you are likely to experience high levels of non-compliance.
https://www.lookout.com/resources/reports/federal-byod
http://www.eweek.com/small-business/mobile-device-security-ignored-by-federal-workers.html
Google to Configure Chrome Browser ...

Security Basics -- Privileged Account Management

This post is one in a series of blog posts on the fundamentals of an information security program. You can see the complete list of posts in this series here. Account management is a basic security function, but not all accounts are created equal. Generally, any network or system has a few key accounts that have privileges or capabilities beyond those of "regular" user accounts. Administrative functions must be performed, and it is unavoidable that accounts and credentials for this purpose must exist. However, if these privileges are abused, the potential for destruction or loss is enormous. Administrative privileges can be abused by an insider who has rightful access to the account(s) in question, or the credentials may be compromised and used by a malicious outside attacker. Stealing or otherwise obtaining administrative credentials is one of the top objectives of any hacker upon gaining initial access to a system, because these will allow them to deepen and bro...

Weekly Infosec News Brief August 17-23

New Security Information Sharing Organization for the Legal Industry Begins Operation
The legal industry, facing increasing cyber threats and receiving increased client security demands, has followed the lead of many other industries in establishing a threat information sharing center. The Legal Services Information Sharing and Analysis Organization (LS-ISAO) began operating last week, with services provided by the long-standing Financial Services Information Sharing and Analysis Center (FS-ISAC).
http://www.darkreading.com/perimeter/law-firms-form-their-own-threat-intel-sharing-group/d/d-id/1321846
https://www.fsisac.com/ls-isao
Microsoft Issues Emergency Patch for Internet Explorer; Vulnerability Already Being Exploited
Last Tuesday Microsoft issued a critical out-of-cycle patch for Internet Explorer to address a memory flaw (CVE-2015-2502) that could allow an attacker to execute code remotely against a victim system. The problem affects IE versions 7 through 11 on all Wi...