Facebook updates its premature victory policy

On election night, Facebook told the Wall Street Journal that its policy to label candidate posts claiming premature victory in the US election only applied to claims about the Presidential race overall, not to claims of victory in individual states. However, on November 4th, Facebook announced it was expanding the policy to apply at the state level as well.

(Engadget)

Michigan approves Proposal 2

This proposal amends the state constitution to require law enforcement officers to get a warrant before searching a suspect’s electronic data. The amendment prohibits unreasonable search and seizure of electronic data and electronic communications. Michigan becomes the 13th US state to include privacy protections in its constitution.

(Bloomberg Government)

Vermont National Guard called in to help with cyberattack

The University of Vermont Health Network had six hospitals impacted by a cyberattack during the week of October 25th. As a result, staff at some locations were unable to access appointment schedules and some or all patient information, and some outpatient procedures and studies were postponed. Even when systems weren’t totally down, patients experienced significant wait times due to disruptions. To assist in recovery efforts, Vermont governor Phil Scott deployed the Vermont Army National Guard’s Combined Cyber Response Team 1 to help the hospital’s IT staff review endpoints and logs. Patient data does not appear to have been exposed in the attack.

(InfoSecurity Magazine)

GitHub denies getting hacked

The code repository was believed to have been hacked after the source code for its GitHub Enterprise Server was added as a commit on GitHub’s DMCA section. The commit also attempted to spoof being sent from GitHub CEO Nat Friedman. Friedman denied posting the code, and said it had accidentally been leaked by GitHub months ago to some enterprise customers. GitHub said it is working to patch the flaw in its system that lets users add commits to projects under assumed identities.

(Packet Storm Security)

Unpatched VoIP flaws targeted by hackers

Security researchers at Check Point say that in the past year, a hacking campaign has compromised the VoIP networks of almost 1,200 organizations in over 20 countries. The attackers appear to be exploiting a flaw in Sangoma and Asterisk VoIP phone systems that allows outsiders to remotely gain access without any form of authentication. The flaw has been patched, but many organizations have apparently left systems vulnerable. Compromised VoIP systems could be made to dial premium-rate numbers in order to siphon funds from the victims, have their access sold to other parties, or be used as a beachhead to gain further network access.

(ZDNet)

Campari on the rocks after ransomware attacks

The attack hit the Italian beverage maker on November 1st, taking down a large part of its IT network. Based on the ransomware note, the attack was initiated by the RagnarLocker ransomware gang. The attackers have demanded a ransom and are threatening to leak internal documents. Campari is not communicating with the ransomware operators, saying it quickly detected the intrusion and doesn’t anticipate the attack impacting its financials. As of November 5th, Campari’s websites, email servers, and phone lines are still down.

(ZDNet)

Report finds financial services are common cyberattack targets

A survey by HelpSystems of CISOs and CIOs at financial services firms found that 65% had suffered a cyberattack in the last year, with 45% seeing a rise in attacks since the start of the COVID-19 pandemic. Unsurprisingly, 92% reported increases to security budgets, with secure file transfer, remote workforce protection and cloud security identified as the biggest priorities. 43% of respondents say that digital transformation forced by remote work and COVID-19 has been their biggest security challenge.

(InfoSecurity Magazine)

We found out what happened to that $1 billion in Bitcoin

Remember how we reported on those 69,000 or so Bitcoins that were mysteriously emptied from a dormant wallet yesterday? Turns out they were seized by the US Justice Department as funds linked to the Silk Road marketplace that it shut down in 2013. The funds were identified when the IRS found 54 previously undetected Silk Road Bitcoin transactions, leading them to the world’s fourth-richest crypto wallet. This marks the largest cryptocurrency bust by the US government.

(Bloomberg)