Cyber Security Headlines – October 27, 2021

Iranian gas stations out of service after cyberattack

The National Iranian Oil Products Distribution Company (NIOPDC), which operates a network of more than 3,500 gas stations across Iran, saw gas station operations come to a halt Tuesday due to a cyberattack, leaving Iranians waiting in gas station lines for hours. As news of the incident spread, a string of hacks on electronic road billboards displayed messages demanding an explanation or asking for fuel. One message reading “cyberattack 64411” appears to make reference to a cyberattack in July that disrupted Iran’s train service. The BBC reports that Iran’s Supreme Council of Cyberspace believes the incident is state-sponsored, although it’s too early to say which country is responsible.

(Bleeping Computer)

Nevada and North Dakota top cybercrime lists

According to new research from AdvisorSmith, which analyzed data from the FBI’s 2020 Internet Crime Report, residents of North Dakota experienced the highest losses due to cybercrime of any US state, with a per capita average of $33.12. Identity theft and personal data breaches were the largest sources of loss in the state. Washington D.C. and New York followed with average per capita losses of $27.47 and $20.58 respectively. The report also identified states with the most cybercrime victims, ranking Nevada the highest with 519 cybercrime victims per 100,000 residents. Washington D.C. and Iowa followed with 309 and 294 victims per capita. The report noted that identity theft, ransomware and non-payment/non-delivery were the most common forms of cybercrime in these three states.

(Security Magazine)

Researcher cracked 70% of sampled WiFi networks

CyberArk security researcher Ido Hoorvitch has managed to crack 70% of a 5,000 WiFi network sample in his hometown, Tel Aviv. The researcher roamed the city armed with a $50 network card and a freeware sniffing setup consisting of Wireshark on Ubuntu to gather hashes, and then exploited a flaw that allows the retrieval of the PMKID hash. Using a standard laptop and a dictionary attack with the Rockyou dictionary file, the researcher cracked 3,359 passwords, many of which were set to the user’s cell phone number or were weak passwords made up of only lower-case characters. The research highlights that many home networks are easy to hijack. To better protect them, home users should set passwords at least ten characters long with a mix of lower-case and upper-case letters, symbols and digits. Further, it is recommended that users also disable both roaming and WPS, if they are supported by their router.

(Bleeping Computer)

Mozilla Firefox cracks down on malicious add-ons

On Monday, Mozilla’s Firefox browser team said it has cracked down on malicious add-ons that it first discovered back in June and that are used by more than 450,000 users. While add-ons are designed to customize a user’s browsing experience, in this case the add-ons also tampered with the browser’s update functionality, rendering users unable to download updates, access updated blocklists, or update remotely configured Firefox content. The add-ons have been blocked and, starting with v.91.1, Firefox has hardened the update process to fall back to direct connections. Mozilla has urged users to make sure their Firefox version is up to date.

(ZDNet)

Thanks to our episode sponsor, Banyan Security

Today, 75% of enterprises are using some form of hybrid-cloud deployment. Unfortunately, traditional network-centric security solutions like VPNs are not designed to meet the scale, performance, and usability needs of modern organizations, especially those with dynamic hybrid- and multi-cloud environments.
Replace your traditional network access boxes – VPNs, bastion hosts, and gateways – with a cloud-based zero trust remote access solution and enable a safe and reliable “work from anywhere” environment. Visit banyansecurity.io for more information.

More than half of healthcare applications vulnerable to attack

The Application Security Division of NTT Ltd. released a report reflecting the current state of application security, analyzing more than 400 million lines of application code spanning all industry sectors. The report found that 52% of the applications in healthcare had at least one vulnerability rated ‘high’ or ‘critical’ on the CVSS scale open throughout the year. Further, only 18% of critical vulnerabilities were fixed within one month of discovery. While these stats are alarming, in the past three months healthcare has performed 14% better than the industry average, which is a positive trend for an industry that historically performs below average.

(Security Magazine)

Amazon joins the race for quantum computing

Amazon is officially joining the race with US and Chinese rivals to develop a quantum computer. Amazon will base its quantum team at a new center on the campus of Caltech in Pasadena, California, which officially opens this week. Caltech described it as the first “corporate-partnership building” which showcases “Caltech’s interests in bringing fundamental science to the marketplace.” The investment reflects growing corporate interest in quantum computers, which could someday crack major scientific problems or, in the context of cybersecurity, may be able to break existing forms of encryption, making them a hot development priority for many nations including the US and China.

(The Washington Post)

Scammers found leveraging QR codes to steal Microsoft passwords

Fraudsters are attempting to capitalize on the increased use of quick response (QR) codes, which have become more common in restaurants and stores, to steal users’ Microsoft credentials and other data. On Tuesday, email security company Abnormal unveiled a campaign luring victims to open the email on their computer and scan the QR code, which would then take them to a fake Microsoft login page to harvest their credentials. The campaign leveraged compromised email accounts in order to bypass standard security screening. The campaign is the latest example of “QRishing” or “quishing”, which was the subject of warnings issued by both the Better Business Bureau and the Army Criminal Investigation Command’s Major Cybercrime Unit earlier this year. Given the proliferation of QR codes in the COVID-19 era, the research serves as a reminder to think twice upon receiving an unsolicited QR code via email.

(Cyberscoop)

UK schools pause facial recognition lunch plans

Nine schools in North Ayrshire, UK have paused use of facial recognition technology days after introducing it, following inquiries from the UK’s Information Commissioner’s Office (ICO). The schools wanted pupils to use the system for contactless lunch payments. Separately, Great Academy Ashton has decided to completely drop its rollout of a facial recognition system in response to the ICO commenting that organisations should consider a “less intrusive” approach where possible. Facial recognition technology producer CRB Cunninghams notes that its technology works with face masks and can achieve an average serving time of five seconds per pupil. Jen Persson, director of children-focused digital rights group Defend Digital Me, said, “From places in the US to Europe, authorities are banning facial recognition. But in the UK we are using children as guinea pigs for the most privacy invasive technologies on the market.”

(BBC)

Sean Kelly
Sean Kelly is a cyber risk professional and leader who thrives on learning, collaborating and helping the business securely advance its mission. Sean is also a musician and outdoor enthusiast who loves spending time with his family and two cats.