--- TLP:WHITE ---

(https://first.org/tlp/)

########################################################
#### CSIRT-IE End of Week Report ####
########################################################

Date   : Friday 16-08-2019 10:00 ; Friday 23-08-2019 10:00

=====================================
= News =
=====================================
− The Texas Ransomware Attacks: A Gamechanger for Cybercriminals
Security researchers worry that this weekend’s coordinated attacks on 
more than 20 Texas governments mark a change in how ransomware attacks 
will be launched in the future. Texas officials have been left scrambling
after up to 22 Texas entities – the majority of which are local 
governments – were hit by a coordinated ransomware attack on Friday.

https://threatpost.com/the-texas-ransomware-attacks-a-gamechanger-for-cybercriminals/147597/
 


− Russian Hacking Group Targeting Banks Worldwide With Evolving Tactics
Silence APT, a Russian-speaking cybercriminal group, known for targeting
financial organizations primarily in former Soviet states and neighboring 
countries is now aggressively targeting banks in more than 30 countries 
across America, Europe, Africa, and Asia. Active since at least 
September 2016, Silence APT group's most recent successful campaign was 
against Bangladesh-based Dutch-Bangla

https://thehackernews.com/2019/08/silence-apt-russian-hackers.html


− Forced Password Reset? Check Your Assumptions
Almost weekly now I hear from an indignant reader who suspects a data 
breach at a Web site they frequent that has just asked the reader to 
reset their password. Further investigation almost invariably reveals 
that the password reset demand was not the result of a breach but rather 
the site's efforts to identify customers who are reusing passwords from 
other sites that have already been hacked. But ironically, many companies 
taking these proactive steps soon discover that their explanatio...

https://krebsonsecurity.com/2019/08/forced-password-reset-check-your-assumptions/


− Companies Act to Defend Privacy of Kazakhstanis
Google and Mozilla act to defend the privacy of users in Kazakhstan 
against their own government.

https://www.infosecurity-magazine.com/news/companies-act-to-defend-privacy-of/


− Cyber Attack on Google did not cause outage across the United States
However, in a briefing released a few minutes ago, Google has officially
declared that the outage was not caused by a cyberattack, but was due to 
a technical glitch which affected meager 5% of Gmail accounts. An update 
provided by Downdetector says that the service disruption was caused 
only on the....

https://www.cybersecurity-insiders.com/cyber-attack-on-google-did-not-cause-outage-across-the-united-states/


− Hundreds of Thousands of People Are Using Passwords That Have Already 
Been Hacked, Google Says
A new Google study this week confirmed the obvious: internet users need 
to stop using the same password for multiple websites unless they’re keen 
on having their data hijacked, their identity stolen, or worse. It 
seems like not a day goes by without a major company being hacked or 
leaving user email....

https://www.vice.com/en_us/article/zmjvm9/hundreds-of-thousands-of-people-are-using-passwords-that-have-already-been-hacked-google-says


=====================================
= Vulnerabilities =
=====================================

− Breaker, breaker. Apple's iOS 12.4 update breaks jailbreak break, 
un-breaks the break. 10-4
File under: 'Breaking' news
iPhone hackers have discovered Apple's most recent iOS update, 12.4, 
released in July, accidentally reopened a code-execution vulnerability 
that was previously patched – a vulnerability that can be abused to 
jail-break iThings.…

https://www.theregister.co.uk/2019/08/20/apples_ios_update_jailbreak/


− Dear Planet Earth: Patch Webmin now – zero-day exploit emerges for 
potential hijack hole in server control panel
Flawed code traced to home build system, vulnerability can be attacked 
in certain configs (Updated)
The maintainers of Webmin – an open-source application for 
system-administration tasks on Unix-flavored systems – have released 
Webmin version 1.930 and the related Usermin version 1.780 to patch a 
vulnerability that can be exploited to achieve remote code execution in 
certain configurations.…

https://www.theregister.co.uk/2019/08/19/webmin_project_zero_day_patch/


− No REST for the wicked: Ruby gem hacked to siphon passwords, secrets 
from web devs
Developer account cracked due to credential reuse, source tampered with 
and released to hundreds of programmers
An old version of a Ruby software package called rest-client that was 
modified and released about a week ago has been removed from the Ruby 
Gems repository – because it was found to be deliberately leaking 
victims' credentials to a remote server.

https://www.theregister.co.uk/2019/08/20/ruby_gem_hacked/


− Cisco Warns of Public Exploit Code for Critical Switch Flaws
Cisco updated the security advisories for three vulnerabilities patched 
in early August warning customers that its Product Security Incident 
Response Team (PSIRT) team is aware of public exploit code being available

https://www.bleepingcomputer.com/news/security/cisco-warns-of-public-exploit-code-for-critical-switch-flaws/


=====================================
= Community News =
=====================================
− 100 security tips for the next 100 days, #100securedays, cyber security 
tips with Ward Solutions - Irish Tech News
By Rebecca Mathews. Almost 90% of cyber-attacks are caused by human error. 
Companies need to emphasize more on security awareness training to their 
staff beyond simply sending an email. It is not only the ‘IT’ department 
that is responsible for the security of a business, it is the responsibility 
of every employee.

https://irishtechnews.ie/100securedays-cyber-security-tips-with-ward-solutions/


− Should Companies Block Newly Registered Domains?
A study from Palo Alto Networks indicates that the companies blocking 
NRDs are onto something.

https://www.infosecurity-magazine.com/news/should-companies-block-newly/


− State-Sponsored Cyberattacks Target Medical Research
Cancer research is a particular target among Chinese espionage groups, 
says security firm FireEye.

https://www.darkreading.com/threat-intelligence/state-sponsored-cyberattacks-target-medical-research/d/d-id/1335590

− Hackers attack Indian healthcare website, steal 6.8 million records
New Delhi: In a startling revelation, US-based cyber security firm FireEye 
said on Thursday that hackers broke into a leading India-based healthcare 
website, stealing 68 lakh records containing patient and doctor information. 
Without naming the website, FireEye said cyber criminals — mostly....

https://www.databreaches.net/hackers-attack-indian-healthcare-website-steal-68/


--- TLP:WHITE ---